www.ukr.net Open in urlscan Pro
104.18.8.128 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ukr.net/
Effective URL:
https://www.ukr.net/
Submission: On June 07 via manual (June 7th 2023, 1:40:11 pm UTC) from RU — Scanned from DE

Summary HTTP 226 Redirects Links 291 Behaviour Indicators

Summary

This website contacted 55 IPs in 11 countries across 34 domains to perform 226 HTTP transactions. The main IP is 104.18.8.128, located in and belongs to CLOUDFLARENET, US. The main domain is www.ukr.net. The Cisco Umbrella rank of the primary domain is 144581.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 7th 2023. Valid for: a year.

This is the only time www.ukr.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 12	104.18.8.128 104.18.8.128	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
27	2606:4700::68... 2606:4700::6812:509	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1 9	212.42.75.253 212.42.75.253	8856 (UKRNET Kiev) (UKRNET Kiev)
2 2	212.42.75.249 212.42.75.249	8856 (UKRNET Kiev) (UKRNET Kiev)
5	136.243.84.74 136.243.84.74	24940 (HETZNER-AS) (HETZNER-AS)
1 2	51.83.220.94 51.83.220.94	16276 (OVH) (OVH)
1	147.135.189.55 147.135.189.55	16276 (OVH) (OVH)
8	212.42.76.151 212.42.76.151	8856 (UKRNET Kiev) (UKRNET Kiev)
4	212.42.83.135 212.42.83.135	8856 (UKRNET Kiev) (UKRNET Kiev)
3	193.200.65.2 193.200.65.2	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
1	143.244.196.143 143.244.196.143	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2606:4700:1::... 2606:4700:1::6813:874e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	212.42.73.60 212.42.73.60	8856 (UKRNET Kiev) (UKRNET Kiev)
2	185.187.81.40 185.187.81.40	43332 (IDSTRATEG...) (IDSTRATEGY-AS)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
3	45.133.44.3 45.133.44.3	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 3	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1 34	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	185.239.172.77 185.239.172.77	55081 (24SHELLS) (24SHELLS)
1	216.52.2.16 216.52.2.16	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	193.200.65.5 193.200.65.5	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
1	3.217.213.80 3.217.213.80	14618 (AMAZON-AES) (AMAZON-AES)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
14	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
13	193.200.65.22 193.200.65.22	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
1	193.200.64.15 193.200.64.15	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
8	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
7	2404:6800:400... 2404:6800:4007:81e::2003	15169 (GOOGLE) (GOOGLE)
1	108.177.15.155 108.177.15.155	15169 (GOOGLE) (GOOGLE)
1 3	52.19.186.154 52.19.186.154	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:e::8	15169 (GOOGLE) (GOOGLE)
1	2600:1f13:800... 2600:1f13:800:7780:6c14:31e2:b563:7653	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
1 1	52.51.214.95 52.51.214.95	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223f:3000:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2 3	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
226	55

12 104.18.8.128 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ukr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.ukr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zakladki.ukr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2606:4700::6812:509 (United States)

ASN13335 (CLOUDFLARENET, US)

upst.fwdcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

player.adtcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 212.42.75.253 (Ukraine) 1 redirects

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: frvdc-253.fwdcdn.com

accounts.ukr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.42.75.249 (Ukraine) 2 redirects

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: frvdc-249.fwdcdn.com

mail.ukr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 136.243.84.74 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.74.84.243.136.clients.your-server.de

go.rcvlink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
st11.rcvlink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.83.220.94 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.135.189.55 (France)

ASN16276 (OVH, FR)
PTR: m.mixadvert.com

m.mixadvert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 212.42.76.151 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: srv151.fwdcdn.com

pinformer.sinoptik.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 212.42.83.135 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)

kinoafisha.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.200.65.2 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: trafmag.com

trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bb.givemelink.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.244.196.143 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

api.phoenix-widget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:1::6813:874e (United States)

ASN13335 (CLOUDFLARENET, US)

servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 212.42.73.60 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)

counter.ukr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.187.81.40 (Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)

loadercdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.znctrack.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a0c:5c81:5142::2 (Brent, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::d (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.239.172.77 (Newham, United Kingdom) 1 redirects

ASN55081 (24SHELLS, US)

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.16 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com

t.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.217.213.80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-213-80.compute-1.amazonaws.com

cookies.nextmillmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 193.200.65.22 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: support.giveme.network

s2.givemelink.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.64.15 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: affiliates.rozetka.com.ua

afl.rozetka.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4007:81e::2003 (Australia)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.177.15.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.19.186.154 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-186-154.eu-west-1.compute.amazonaws.com

unified.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:e::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r3---sn-4g5edn6r.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f13:800:7780:6c14:31e2:b563:7653 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.214.95 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-214-95.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:3000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	googlesyndication.com 1 redirects f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 127 tpc.googlesyndication.com — Cisco Umbrella Rank: 154 ade.googlesyndication.com — Cisco Umbrella Rank: 315	385 KB
27	fwdcdn.com upst.fwdcdn.com — Cisco Umbrella Rank: 260524	396 KB
27	ukr.net 5 redirects ukr.net — Cisco Umbrella Rank: 69484 www.ukr.net — Cisco Umbrella Rank: 144581 zakladki.ukr.net — Cisco Umbrella Rank: 624821 accounts.ukr.net — Cisco Umbrella Rank: 207166 mail.ukr.net — Cisco Umbrella Rank: 132350 counter.ukr.net — Cisco Umbrella Rank: 182820	155 KB
21	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218 stats.g.doubleclick.net — Cisco Umbrella Rank: 121 googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 bid.g.doubleclick.net — Cisco Umbrella Rank: 806 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 362 cm.g.doubleclick.net — Cisco Umbrella Rank: 248	278 KB
16	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	161 KB
15	givemelink.cc bb.givemelink.cc — Cisco Umbrella Rank: 294582 s2.givemelink.cc — Cisco Umbrella Rank: 706876	113 KB
9	adtelligent.com 1 redirects player.adtelligent.com — Cisco Umbrella Rank: 7600 ghb.adtelligent.com — Cisco Umbrella Rank: 6444 sync.adtelligent.com — Cisco Umbrella Rank: 5684	186 KB
8	sinoptik.ua pinformer.sinoptik.ua — Cisco Umbrella Rank: 210102	46 KB
7	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 3028 www.google.com — Cisco Umbrella Rank: 3 adservice.google.com — Cisco Umbrella Rank: 106	2 KB
6	adsafeprotected.com 2 redirects unified.adsafeprotected.com — Cisco Umbrella Rank: 1663 dt.adsafeprotected.com — Cisco Umbrella Rank: 573 pixel.adsafeprotected.com — Cisco Umbrella Rank: 749 static.adsafeprotected.com — Cisco Umbrella Rank: 634	8 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67 imasdk.googleapis.com — Cisco Umbrella Rank: 489	135 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 388	110 KB
5	rcvlink.com go.rcvlink.com — Cisco Umbrella Rank: 47792 st11.rcvlink.com — Cisco Umbrella Rank: 62923	28 KB
4	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 1170 r3---sn-4g5edn6r.c.2mdn.net — Cisco Umbrella Rank: 340086 s0.2mdn.net — Cisco Umbrella Rank: 336	2 MB
4	kinoafisha.ua kinoafisha.ua — Cisco Umbrella Rank: 470439	93 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 75	219 KB
3	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 612	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	163 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 413 mug.criteo.com — Cisco Umbrella Rank: 2161	7 KB
3	google.de www.google.de — Cisco Umbrella Rank: 5056 adservice.google.de — Cisco Umbrella Rank: 7760	1 KB
2	trafmag.com trafmag.com — Cisco Umbrella Rank: 36019 t.trafmag.com — Cisco Umbrella Rank: 45836	4 KB
2	adpartner.pro 1 redirects a4p.adpartner.pro — Cisco Umbrella Rank: 21193	1 KB
2	adtcdn.com player.adtcdn.com — Cisco Umbrella Rank: 52538	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 57	21 KB
1	rozetka.com.ua afl.rozetka.com.ua — Cisco Umbrella Rank: 277368	407 B
1	nextmillmedia.com cookies.nextmillmedia.com — Cisco Umbrella Rank: 4242
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 724	277 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 562	13 KB
1	znctrack.net s.znctrack.net — Cisco Umbrella Rank: 228934	450 B
1	loadercdn.net loadercdn.net — Cisco Umbrella Rank: 622495	170 B
1	mgid.com servicer.mgid.com — Cisco Umbrella Rank: 7580	3 KB
1	phoenix-widget.com api.phoenix-widget.com — Cisco Umbrella Rank: 274672	3 KB
1	mixadvert.com m.mixadvert.com — Cisco Umbrella Rank: 294227	729 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1114	7 KB
226	34

	Domain	Requested by
28	tpc.googlesyndication.com	1 redirects f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.ukr.net imasdk.googleapis.com
27	upst.fwdcdn.com	www.ukr.net upst.fwdcdn.com pinformer.sinoptik.ua
14	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.ukr.net f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com www.googletagservices.com
13	s2.givemelink.cc	bb.givemelink.cc f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
11	securepubads.g.doubleclick.net	www.ukr.net securepubads.g.doubleclick.net f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com www.googletagservices.com
9	accounts.ukr.net	1 redirects upst.fwdcdn.com www.ukr.net accounts.ukr.net
8	fonts.gstatic.com	fonts.googleapis.com
8	pinformer.sinoptik.ua	upst.fwdcdn.com pinformer.sinoptik.ua
8	www.ukr.net	www.ukr.net pinformer.sinoptik.ua upst.fwdcdn.com static.cloudflareinsights.com
7	csi.gstatic.com	imasdk.googleapis.com
6	f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	googleads.g.doubleclick.net	1 redirects f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
5	cdn.ampproject.org	f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
4	fonts.googleapis.com	f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com tpc.googlesyndication.com
4	ghb.adtelligent.com	player.adtelligent.com
4	counter.ukr.net	www.ukr.net counter.ukr.net
4	kinoafisha.ua	upst.fwdcdn.com kinoafisha.ua
4	go.rcvlink.com	www.ukr.net go.rcvlink.com
4	www.googletagmanager.com	www.ukr.net www.googletagmanager.com
3	dsum-sec.casalemedia.com	2 redirects
3	unified.adsafeprotected.com	1 redirects imasdk.googleapis.com
3	www.googletagservices.com	f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
3	www.google.com	1 redirects www.ukr.net tpc.googlesyndication.com
3	player.adtelligent.com	player.adtcdn.com player.adtelligent.com
3	region1.analytics.google.com	www.googletagmanager.com
2	r3---sn-4g5edn6r.c.2mdn.net
2	imasdk.googleapis.com	f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
2	bb.givemelink.cc	f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
2	sync.adtelligent.com	1 redirects www.ukr.net
2	gum.criteo.com	1 redirects static.criteo.net
2	www.google.de	www.ukr.net
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	a4p.adpartner.pro	1 redirects upst.fwdcdn.com
2	mail.ukr.net	2 redirects
2	player.adtcdn.com	www.ukr.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	zakladki.ukr.net	www.ukr.net
2	ukr.net	2 redirects
1	cm.g.doubleclick.net	1 redirects
1	googleads4.g.doubleclick.net
1	static.adsafeprotected.com
1	pixel.adsafeprotected.com	1 redirects
1	s0.2mdn.net
1	ade.googlesyndication.com
1	dt.adsafeprotected.com
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	afl.rozetka.com.ua	bb.givemelink.cc
1	www.gstatic.com	f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
1	mug.criteo.com	www.ukr.net
1	cookies.nextmillmedia.com	www.ukr.net
1	t.trafmag.com	www.ukr.net
1	ap.lijit.com	www.ukr.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	st11.rcvlink.com	www.ukr.net
1	s.znctrack.net	www.ukr.net
1	loadercdn.net	www.ukr.net
1	servicer.mgid.com	upst.fwdcdn.com
1	api.phoenix-widget.com	upst.fwdcdn.com
1	trafmag.com	upst.fwdcdn.com
1	m.mixadvert.com	upst.fwdcdn.com
1	static.cloudflareinsights.com	www.ukr.net
226	64

This site contains links to these domains. Also see Links.

Domain
ua.sinoptik.ua
orakul.com
www.booking.com
rozetka.com.ua
proizd.ua
rabota.ua
rst.ua
avtoprod.ua
avtosale.ua
osago.avtosale.ua
goroshina.ua
iron-master.com.ua
www.otpusk.ua
www.accordtour.com
dom.ria.com
lun.ua
flatfy.ua
casada.ua
litaclinic.com
med-mebli.com.ua
med-magazin.ua
bit.ly
doctoronline.care
viveohealth.com
teplo.app
vencon.ua
budpolimer.com
goodmax.com.ua
artpotolok.kiev.ua
lascala.ua
luxchrono.com.ua
work.ua
optima.school
pidbir.com
layboard.com
grc.ua
optima.study
cutt.ly
buketland.com.ua
flowers.ua
hvosting.ua
nic.ua
internetua.com
rx-name.ua
sport.ua
btu.org.ua
rada.gov.ua
www.president.gov.ua
court.gov.ua
www.kmu.gov.ua
www.bank.gov.ua
igov.org.ua
covid19.com.ua
adp.digital
a4p.adpartner.pro
www.europe-stomatolog-centre.com.ua
mixadvert.com
m.mixadvert.com
kinoafisha.ua
www.ukrinform.ua
rubryka.com
interfax.com.ua
www.rbc.ua
uatv.ua
espreso.tv
www.pravda.com.ua
socportal.info
zn.ua
bykvu.com
censor.net
ukrainian.voanews.com
ua.news
thepage.ua
uaprom.info
finance.obozrevatel.com
www.unn.com.ua
cripo.com.ua
bomok.com.ua
magnolia-tv.com
usionline.com
tsn.ua
www.fixygen.ua
sil.media
westnews.info
news.obozrevatel.com
toneto.net
bigkyiv.com.ua
players.com.ua
xn--b1alfsfclih.com
forklog.com
vctr.media
ilenta.com
newsyou.info
news.uaportal.com
babel.ua
portaltele.com.ua
autotheme.info
wheel-news.com
nnews.com.ua
u-news.com.ua
ua.tribuna.com
fanday.net
ukrfootball.ua
ukrbasket.net
xsport.ua
ua-vestnik.com
beautytips.kyiv.ua
medfactor.com.ua
medicalanswers.com.ua
novyny.live
ua-novosti.info
woman24.kyiv.ua
bzh.life
www.eurointegration.com.ua
meta.ua
glamour.kyiv.ua
novosti-n.org
focus.ua
cbn.com.ua
realgazeta.com.ua
v-variant.com.ua
politarena.online
informator.ua
pixelinform.com
vogue.ua
zhenskiy.kyiv.ua
womanlife.kyiv.ua
prostoway.com
storinka.com.ua
plyashka.com
rezina.cc
shinadiski.com.ua
www.zapchast.com.ua
autoshini.com
transshina.com.ua
ukrguma.com.ua
kiaparts.com.ua
www.optics-pro.com.ua
ukroptica.com.ua
www.aks.ua
sotnyk.net
helplist.io
www.facebook.com
petlive.com.ua
bank.gov.ua
savelife.in.ua
shelter.dopomagai.org
dovidka.info
sprotyv.mod.gov.ua
klubnatura.pl
www.bamf.de
www.ukrainetakeshelter.com
www.immobilienscout24.de
chytomo.com
zib.com.ua
www.migrationsverket.se
life.pravda.com.ua
www.unterkunft-ukraine.de
life.nv.ua
t.me
upst.fwdcdn.com
trafmag.com
phoenix-widget.com
click.phoenix-widget.com
mgid.com
clck.mgid.com
adline.kiev.ua
mail.ukr.net
zakladki.ukr.net

Subject Issuer	Validity	Valid
ukr.net Cloudflare Inc ECC CA-3	`2023-02-07` - `2024-02-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
fwdcdn.com Cloudflare Inc ECC CA-3	`2023-02-07` - `2024-02-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
adtcdn.com GTS CA 2P2	`2023-05-17` - `2023-08-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.ukr.net Thawte TLS RSA CA G1	`2023-04-29` - `2024-03-29`	a year	crt.sh
*.rcvlink.com Thawte RSA CA 2018	`2022-09-25` - `2023-10-01`	a year	crt.sh
adpartner.pro R3	`2023-05-23` - `2023-08-21`	3 months	crt.sh
m.mixadvert.com R3	`2023-05-28` - `2023-08-26`	3 months	crt.sh
sinoptik.uk Sectigo RSA Domain Validation Secure Server CA	`2022-11-23` - `2023-11-23`	a year	crt.sh
kinoafisha.ua Sectigo RSA Domain Validation Secure Server CA	`2022-11-14` - `2023-12-14`	a year	crt.sh
*.trafmag.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-14` - `2023-06-14`	a year	crt.sh
api.phoenix-widget.com R3	`2023-04-24` - `2023-07-23`	3 months	crt.sh
loadercdn.net R3	`2023-05-31` - `2023-08-29`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
player.adtelligent.com R3	`2023-05-20` - `2023-08-18`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
s.znctrack.net Sectigo RSA Domain Validation Secure Server CA	`2022-08-31` - `2023-09-05`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2023-06-01` - `2023-08-30`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
cookies.nextmillmedia.com Amazon RSA 2048 M02	`2023-02-22` - `2023-08-11`	6 months	crt.sh
bb.givemelink.cc R3	`2023-04-11` - `2023-07-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
s2.givemelink.cc R3	`2023-04-12` - `2023-07-11`	3 months	crt.sh
*.rozetka.com.ua Sectigo RSA Domain Validation Secure Server CA	`2023-01-19` - `2024-02-19`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
wrapper-vast.adsafeprotected.com Amazon RSA 2048 M01	`2023-02-13` - `2023-11-15`	9 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-05-23` - `2023-08-01`	2 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh

This page contains 19 frames:

Primary Page: https://www.ukr.net/
Frame ID: 9B385EA9C2C4BEA04833881DFFEA5B52
Requests: 84 HTTP requests in this frame

Frame: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
Frame ID: 096378209F402292868CB3EF7B927872
Requests: 7 HTTP requests in this frame

Frame: https://go.rcvlink.com/ifr/5ysrIfrF92
Frame ID: 6F6C72CD6AD133CA39CC54CFD380CBA0
Requests: 5 HTTP requests in this frame

Frame: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1686145202936
Frame ID: A7C6804515807799AE77E087BAE49101
Requests: 12 HTTP requests in this frame

Frame: https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1686145202938
Frame ID: C6D7921CF8FB91F246A27C2098B72B2C
Requests: 5 HTTP requests in this frame

Frame: https://s.znctrack.net/z
Frame ID: 87797D444782B5F6C38E187FF8AACB5B
Requests: 1 HTTP requests in this frame

Frame: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3B6D341AD538D722BFC49C53A6288DB1
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.ukr.net
Frame ID: F6A11B387EFF076AB8FD824525E69E91
Requests: 2 HTTP requests in this frame

Frame: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F95D0753307F803CCBCB9F8869A9E85F
Requests: 23 HTTP requests in this frame

Frame: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 49EA020C9A61465939901880D89700DB
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6A3A0D47DD0E6150CE77C9B7FEB19F82
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D416BD7B85816E8D4B2EDC4EB93E2B6C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EHMIEcXmxjhpa6ysVw94xheqxns9jQBWcUzwmgw4Ck0.js
Frame ID: 3146E2B4030CD70CD6D148D001C81F3D
Requests: 1 HTTP requests in this frame

Frame: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D1292E4B19A57074669852F32FD7C245
Requests: 35 HTTP requests in this frame

Frame: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D00EAF9DB2810A135D22C6D6A33D4517
Requests: 15 HTTP requests in this frame

Frame: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B8175FDA832504414BB3069B5082BA09
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4579856229784144327/index.html
Frame ID: A6DBCA9F65034397663CD893425B63CF
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F63822EC8890790CDA5114CCFDA39736
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 00C729A652EC16CACB8159A57FE41640
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

UKR.NET: Всі новини України, останні новини дня в Україні та Світі

Page URL History Show full URLs

http://ukr.net/ HTTP 301
https://ukr.net/ HTTP 301
https://www.ukr.net/ Page URL

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

226
Requests

96 %
HTTPS

53 %
IPv6

34
Domains

64
Subdomains

55
IPs

11
Countries

4267 kB
Transfer

8833 kB
Size

39
Cookies

291 Outgoing links

These are links going to different origins than the main page.

URL: http://ua.sinoptik.ua/?utm_source=ukr.net&utm_medium=main_page&utm_campaign=main_izbrannoe
Title: Sinoptik

Search URL Search Domain Scan URL

URL: http://orakul.com/
Title: Оракул

Search URL Search Domain Scan URL

URL: http://www.booking.com/index.html?aid=375206
Title: Booking

Search URL Search Domain Scan URL

URL: http://rozetka.com.ua/?utm_source=ukr_net_main&utm_medium=banner_logo&utm_campaign=logo_main
Title: Rozetka

Search URL Search Domain Scan URL

URL: https://proizd.ua/
Title: Proizd.ua

Search URL Search Domain Scan URL

URL: https://rabota.ua/ua?utm_source=ukrnet&utm_medium=cpm&utm_campaign=logo
Title: Robota.ua

Search URL Search Domain Scan URL

URL: http://rst.ua/
Title: Машини продають на сайтi RST

Search URL Search Domain Scan URL

URL: https://avtoprod.ua/
Title: Продати авто на AVTOPROD.ua

Search URL Search Domain Scan URL

URL: http://avtosale.ua/avtosalon/
Title: Avtosale - автосалони України

Search URL Search Domain Scan URL

URL: https://osago.avtosale.ua/insurance/osago
Title: Кращі ціни на автоцивілку

Search URL Search Domain Scan URL

URL: https://goroshina.ua/
Title: Шинний центр ГороШина

Search URL Search Domain Scan URL

URL: https://iron-master.com.ua/ru/glavnaya/
Title: -10% кузовний ремонт авто

Search URL Search Domain Scan URL

URL: http://www.otpusk.ua/?utm_source=ukr.net&utm_medium=cpc&utm_content=general&utm_campaign=ukr.net
Title: 100% турів на Otpusk.ua

Search URL Search Domain Scan URL

URL: https://www.accordtour.com/avtobusni_tury_plyazh_i_more
Title: Тури на море, відпочинок

Search URL Search Domain Scan URL

URL: http://www.booking.com/index.html?aid=338493
Title: Booking - бронювання житла

Search URL Search Domain Scan URL

URL: https://dom.ria.com/uk/novostroyki/?withoutHeader=1&utm_source=ukrnet&utm_medium=clikukrnet_newbuilds&utm_campaign=newbuildings&r_audience=partners_buyers&r_source=ukr.net&r_medium=link&r_campaign=clikukrnet
Title: DOM.RIA - новобудови України

Search URL Search Domain Scan URL

URL: https://lun.ua/
Title: ЛУН - Всі новобудови

Search URL Search Domain Scan URL

URL: https://flatfy.ua/
Title: FLATFY - Квартири шукай

Search URL Search Domain Scan URL

URL: https://casada.ua/massazhnye-kresla-uk
Title: Масажні крісла Casada

Search URL Search Domain Scan URL

URL: https://litaclinic.com/?utm_source=ukr.net&utm_medium=ukr.net&utm_campaign=post
Title: Лікування безпліддя

Search URL Search Domain Scan URL

URL: https://med-mebli.com.ua/
Title: Медичні меблі

Search URL Search Domain Scan URL

URL: https://med-magazin.ua/?utm_source=ukrnetmedtovary
Title: Медичний магазин

Search URL Search Domain Scan URL

URL: https://bit.ly/3idlh7f
Title: Ортопедичний магазин

Search URL Search Domain Scan URL

URL: https://bit.ly/3nKOLeo
Title: Пульсоксиметри

Search URL Search Domain Scan URL

URL: https://med-magazin.ua/?utm_source=ukrnetmainpage&utm_campaign=medmag
Title: Товари для здоров'я

Search URL Search Domain Scan URL

URL: http://doctoronline.care/
Title: Безкоштовні консультації лікарів

Search URL Search Domain Scan URL

URL: https://viveohealth.com/
Title: Онлайн консультації лікарів

Search URL Search Domain Scan URL

URL: https://teplo.app/
Title: Допомога психологів

Search URL Search Domain Scan URL

URL: https://vencon.ua/?utm_source=ukr.net&utm_medium=cpc&utm_campaign=magazin-tehniki-vencon-ukrnet
Title: Магазин техніки Vencon.ua

Search URL Search Domain Scan URL

URL: https://budpolimer.com/?utm_source=ukr.net
Title: Господарські товари

Search URL Search Domain Scan URL

URL: https://goodmax.com.ua/uk/catalog/87-schetchiki-dlya-vody
Title: Лічильники води Goodmax

Search URL Search Domain Scan URL

URL: https://artpotolok.kiev.ua/raschet-stoimosti/
Title: Стелі Art Decor

Search URL Search Domain Scan URL

URL: http://lascala.ua/index.php?utm_source=ukr_netdom&utm_medium=link&utm_campaign=ukr_netdom
Title: Постільна білизна 1+1=3

Search URL Search Domain Scan URL

URL: http://rozetka.com.ua/?utm_source=ukrnet&utm_medium=links&utm_campaign=rozetka
Title: Магазин електронiки

Search URL Search Domain Scan URL

URL: http://luxchrono.com.ua/
Title: Годинники і прикраси Люксхроно

Search URL Search Domain Scan URL

URL: http://work.ua/?utm_source=ukr.net&utm_medium=advert&utm_campaign=main_rabota
Title: WORK.ua – №1 в Україні

Search URL Search Domain Scan URL

URL: http://rabota.ua/ua?utm_source=ukrnet&utm_medium=cpc&utm_campaign=link
Title: ROBOTA.ua - перевірені вакансії

Search URL Search Domain Scan URL

URL: https://optima.school/?utm_source=ukrnetLink&utm_medium=cpm&utm_campaign=workgr&utm_term=ukrnetLink
Title: Дистанційна освіта 1-11 клас

Search URL Search Domain Scan URL

URL: https://pidbir.com/selected/all/search/post=novus/?utm_source=ukrnet&utm_medium=main-link&utm_campaign=metasearch
Title: PidBir - робота без резюме

Search URL Search Domain Scan URL

URL: https://layboard.com/ua
Title: Робота за кордоном - Layboard

Search URL Search Domain Scan URL

URL: http://grc.ua/?utm_source=ukrnet&utm_medium=link&utm_campaign=main_page
Title: GRC.ua-робота професіоналам

Search URL Search Domain Scan URL

URL: https://optima.study/
Title: Курси для дітей і дорослих

Search URL Search Domain Scan URL

URL: https://cutt.ly/1B0Kz3E
Title: Курси програмування

Search URL Search Domain Scan URL

URL: https://buketland.com.ua/
Title: Квіти - BuketLand

Search URL Search Domain Scan URL

URL: http://flowers.ua/
Title: Flowers-доставка квiтів

Search URL Search Domain Scan URL

URL: https://orakul.com/num/
Title: Нумерологічний прогнози

Search URL Search Domain Scan URL

URL: https://www.accordtour.com/vsi_avtobusni_tury
Title: Автобусні тури в Європу

Search URL Search Domain Scan URL

URL: http://hvosting.ua/
Title: Домени і Хостинг Hvosting.ua

Search URL Search Domain Scan URL

URL: http://nic.ua/
Title: NIC.ua - домени і хостинг

Search URL Search Domain Scan URL

URL: http://internetua.com/
Title: СМИ - InternetUA

Search URL Search Domain Scan URL

URL: https://rx-name.ua/domains/tld/com.ua
Title: Домен com.ua 250 ₴ rx-name

Search URL Search Domain Scan URL

URL: https://sport.ua/football?utm_source=ukrnet-mainpage&utm_medium=ukrnet-link
Title: Футбол на Спорт.ua

Search URL Search Domain Scan URL

URL: https://btu.org.ua/
Title: Великий теніс України

Search URL Search Domain Scan URL

URL: http://rada.gov.ua/
Title: Верховна Рада України

Search URL Search Domain Scan URL

URL: https://www.president.gov.ua/
Title: Президент України

Search URL Search Domain Scan URL

URL: https://court.gov.ua/
Title: Верховний Суд

Search URL Search Domain Scan URL

URL: https://www.kmu.gov.ua/
Title: Кабінет Міністрів України

Search URL Search Domain Scan URL

URL: http://www.bank.gov.ua/
Title: Нацбанк

Search URL Search Domain Scan URL

URL: http://igov.org.ua/
Title: iGov - портал державних послуг

Search URL Search Domain Scan URL

URL: https://covid19.com.ua/
Title: Відомості про коронавірус

Search URL Search Domain Scan URL

URL: https://adp.digital/ap-landings/2/publisher.php?utm_source=own_promo&utm_medium=unit&utm_campaign=adpartner

Search URL Search Domain Scan URL

URL: https://a4p.adpartner.pro/click/6513/3222547/25f99cc3-b59b-4f0b-9c3b-026c88312ae1?data=eyJjcmVhdGVkX2F0IjoxNjg2MTQ1MjAzLCJzaG93X2lkIjoiMjVmOTljYzMtYjU5Yi00ZjBiLTljM2ItMDI2Yzg4MzEyYWUxIiwiYWRfdW5pdF9pZCI6NjUxMywicnVsZV9pZCI6MCwiYWRfaWQiOjMyMjI1NDcsImRhdGFfc291cmNlIjoiYXBwLWpzdS1wbC0yMDp0aXplcl9hZCIsInBsYXRmb3JtX2lkIjoxLCJvc19pZCI6NSwiYnJvd3Nlcl9pZCI6MSwiY3VzdG9tZXJfaWQiOiI3OTFkMmNkZS1hNDYxLTRiMzMtYjVjMS0yM2VkOWEwOGZhZmQiLCJyZWdpb25faWQiOjg2LCJzdWJfcmVnaW9uX2lkIjowLCJjaXR5X2lkIjowLCJpc19yZWZyZXNoIjpmYWxzZX0=&hash=8f5a3564fb31abc33df4592694439d81

Search URL Search Domain Scan URL

URL: https://www.europe-stomatolog-centre.com.ua/
Title: <img src="https://upst.fwdcdn.com/temp/blocks/4/5588/head.1.jpg" alt=""/>

Search URL Search Domain Scan URL

URL: https://mixadvert.com/

Search URL Search Domain Scan URL

URL: https://m.mixadvert.com/go/?h=8039d28d7d6e44471aa4db66b1ece545&t=444317&b=1559

Search URL Search Domain Scan URL

URL: http://kinoafisha.ua/

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/inoplanetyanka?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%98%D0%BD%D0%BE%D0%BF%D0%BB%D0%B0%D0%BD%D0%B5%D1%82%D1%8F%D0%BD%D0%BA%D0%B0
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/oberejno-k-n?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9E%D1%81%D1%82%D0%BE%D1%80%D0%BE%D0%B6%D0%BD%D0%BE%2C+%D0%BA%D0%BE%D0%BD%D1%8C
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/straji-galaktiki-3?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%A1%D1%82%D1%80%D0%B0%D0%B6%D0%B8+%D0%93%D0%B0%D0%BB%D0%B0%D0%BA%D1%82%D0%B8%D0%BA%D0%B8+3
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/megalodon-cornii-demon?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9C%D0%B5%D0%B3%D0%B0%D0%BB%D0%BE%D0%B4%D0%BE%D0%BD.+%D0%A7%D0%B5%D1%80%D0%BD%D1%8B%D0%B9+%D0%B4%D0%B5%D0%BC%D0%BE%D0%BD
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/mavka-lesnaya-pesnya?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9C%D0%B0%D0%B2%D0%BA%D0%B0.+%D0%9B%D0%B5%D1%81%D0%BD%D0%B0%D1%8F+%D0%BF%D0%B5%D1%81%D0%BD%D1%8F
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/riziki-i-pob-csn-efekti?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%A0%D0%B8%D1%81%D0%BA%D0%B8+%D0%B8+%D0%BF%D0%BE%D0%B1%D0%BE%D1%87%D0%BD%D1%8B%D0%B5+%D1%8D%D1%84%D1%84%D0%B5%D0%BA%D1%82%D1%8B
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/luaksemburg-luaksemburg?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9B%D1%8E%D0%BA%D1%81%D0%B5%D0%BC%D0%B1%D1%83%D1%80%D0%B3%2C+%D0%9B%D1%8E%D0%BA%D1%81%D0%B5%D0%BC%D0%B1%D1%83%D1%80%D0%B3
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/blekberr?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%91%D0%BB%D1%8D%D0%BA%D0%91%D0%B5%D1%80%D1%80%D0%B8
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/prividi-budinku-vbivc?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9F%D1%80%D0%B8%D0%B7%D1%80%D0%B0%D0%BA%D0%B8+%D0%B4%D0%BE%D0%BC%D0%B0-%D1%83%D0%B1%D0%B8%D0%B9%D1%86%D1%8B
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/forsaj-10?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%A4%D0%BE%D1%80%D1%81%D0%B0%D0%B6+%D0%A5
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/best-erotic-shorts-4?utm_source=ukr.net&utm_medium=informer&utm_campaign=Best+Erotic+Shorts+-+4
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/superbratya-mario?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%91%D1%80%D0%B0%D1%82%D1%8C%D1%8F+%D1%81%D1%83%D0%BF%D0%B5%D1%80+%D0%9C%D0%B0%D1%80%D0%B8%D0%BE+%D0%B2+%D0%BA%D0%B8%D0%BD%D0%BE
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/nfluaenser?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%98%D0%BD%D1%84%D0%BB%D1%8E%D1%8D%D0%BD%D1%81%D0%B5%D1%80
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/rusalochska?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%A0%D1%83%D1%81%D0%B0%D0%BB%D0%BE%D1%87%D0%BA%D0%B0
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/tatus-v-u-kend?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9F%D0%B0%D0%BF%D0%B8%D0%BD+%D1%83%D0%B8%D0%BA%D0%B5%D0%BD%D0%B4
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/spider-man-across-the-spider-verse-part-one?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%A7%D0%B5%D0%BB%D0%BE%D0%B2%D0%B5%D0%BA-%D0%BF%D0%B0%D1%83%D0%BA%3A+%D1%81%D0%BA%D0%B2%D0%BE%D0%B7%D1%8C+%D0%B2%D1%81%D0%B5%D0%BB%D0%B5%D0%BD%D0%BD%D1%83%D1%8E
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/mizantrop?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9C%D0%B8%D0%B7%D0%B0%D0%BD%D1%82%D1%80%D0%BE%D0%BF
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/pamfir?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9F%D0%B0%D0%BC%D1%84%D0%B8%D1%80
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/kandagar1?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%9C%D0%B8%D1%81%D1%81%D0%B8%D1%8F+%D0%9A%D0%B0%D0%BD%D0%B4%D0%B0%D0%B3%D0%B0%D1%80
Title: купити квитки

Search URL Search Domain Scan URL

URL: https://kinoafisha.ua/ua/films/licar-zod-aku?utm_source=ukr.net&utm_medium=informer&utm_campaign=%D0%A0%D1%8B%D1%86%D0%B0%D1%80%D0%B8+%D0%97%D0%BE%D0%B4%D0%B8%D0%B0%D0%BA%D0%B0
Title: купити квитки

Search URL Search Domain Scan URL

URL: http://avtosale.ua/?utm_source=ukr.net&utm_medium=Logo&utm_campaign=informers

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=927&modelId=936&utm_source=ukr.net&utm_medium=Hyundai_Santa_fe&utm_campaign=informers&CarCommercial=2
Title: 1 265 900 грн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=1826&modelId=32630&utm_source=ukr.net&utm_medium=Renault_Sandero_stepway&utm_campaign=informers&CarCommercial=2
Title: 437 100 грн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=1723&modelId=1747&utm_source=ukr.net&utm_medium=Ford_Transit_connect&utm_campaign=informers&CarCommercial=2
Title: 681 714 грн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=927&modelId=954&utm_source=ukr.net&utm_medium=Hyundai_I10&utm_campaign=informers&CarCommercial=2
Title: 377 300 грн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=1723&modelId=32971&utm_source=ukr.net&utm_medium=Ford_Tourneo_custom&utm_campaign=informers&CarCommercial=2
Title: 1 249 559 грн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=1826&modelId=5201&utm_source=ukr.net&utm_medium=Renault_Koleos&utm_campaign=informers&CarCommercial=2
Title: 751 900 грн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=1723&modelId=2237&utm_source=ukr.net&utm_medium=Ford_Kuga&utm_campaign=informers&CarCommercial=2
Title: 805 311 грн

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/?markId=1826&modelId=16977&utm_source=ukr.net&utm_medium=Renault_Duster&utm_campaign=informers&CarCommercial=2
Title: 428 900 грн

Search URL Search Domain Scan URL

URL: https://www.ukrinform.ua/rubric-polytics/3719604-zelenskij-obgovoriv-z-erdoganom-terakt-na-kahovskij-ges-povernenna-polonenih-i-zernovu-ugodu.html
Title: Зеленський обговорив з Ердоганом теракт на Каховській ГЕС, повернення полонених і зернову угоду

Search URL Search Domain Scan URL

URL: https://rubryka.com/2023/06/07/verhnya-palata-parlamentu-shvejtsariyi-pidtrymala-reeksport-zbroyi-v-ukrayinu/
Title: Верхня палата парламенту Швейцарії підтримала реекспорт зброї в Україну

Search URL Search Domain Scan URL

URL: https://interfax.com.ua/news/general/915222.html
Title: Глава МВС: Підтоплено 29 населених пунктів у Херсонській області

Search URL Search Domain Scan URL

URL: https://www.rbc.ua/rus/news/sbu-povidomila-pidozru-7-polonenim-boyovikam-1686144342.html
Title: СБУ повідомила про підозру 7 полоненим бойовикам

Search URL Search Domain Scan URL

URL: https://uatv.ua/uk/sytuatsiya-na-avdiyivskomu-napryamku-u-zsu-ye-pevni-operatyvni-uspihy-dani-miskoyi-vijskovoyi-administratsiyi/
Title: Ситуація на Авдіївському напрямку: у ЗСУ є певні оперативні успіхи — дані міської військової адміністрації

Search URL Search Domain Scan URL

URL: https://espreso.tv/pidriv-rosieyu-kakhovskoi-ges-sprichiniv-zrostannya-tsin-u-sviti-na-pshenitsyu-kukurudzu-ta-oves
Title: Підрив Росією Каховської ГЕС спричинив зростання цін у світі на пшеницю, кукурудзу та овес

Search URL Search Domain Scan URL

URL: https://www.pravda.com.ua/news/2023/06/7/7405767/
Title: У Миколаєві знову піднялася вода через підрив ГЕС

Search URL Search Domain Scan URL

URL: https://socportal.info/ua/news/rosiyani-sprichinili-vitik-amiaku-na-kharkivshchini/
Title: Росіяни спричинили витік аміаку на Харківщині

Search URL Search Domain Scan URL

URL: https://zn.ua/ukr/usa/kirbi-u-spoluchenikh-shtativ-dostatno-resursiv-dlja-toho-shchob-pidtrimuvati-ukrajinu-do-kintsja-finansovoho-roku.html
Title: Кірбі: У Сполучених Штатів достатньо ресурсів для того, щоб підтримувати Україну до кінця фінансового року

Search URL Search Domain Scan URL

URL: https://bykvu.com/ua/bukvy/zelenskyi-proviv-telefonnu-rozmovu-erdohanom-shchodo-kakhovskoi-hes/
Title: Зеленський провів телефонну розмову Ердоганом щодо Каховської ГЕС

Search URL Search Domain Scan URL

URL: https://censor.net/ua/news/3423242/90_suddiv_vaks_otrymaly_slujbovi_kvartyry_advokat_krykuntrush
Title: 90% суддів ВАКС отримали службові квартири, - адвокат Крикун-Труш

Search URL Search Domain Scan URL

URL: https://ukrainian.voanews.com/a/kherson-evakuatsija/7126769.html
Title: США та інші країни допомагають Україні з евакуацією із затоплених районів

Search URL Search Domain Scan URL

URL: https://ua.news/ua/ukraine/podryv-kahovskoj-ges-sushhestvenno-usylyt-davlenye-kytaya-na-rossyyu
Title: Підрив Каховської ГЕС істотно посилить тиск Китаю на росію

Search URL Search Domain Scan URL

URL: https://thepage.ua/ua/news/sense-bank-hoche-kupiti-polskij-milyarder-zigmunt-solozh
Title: «Сенс Банк» планує купити польский мільярдер

Search URL Search Domain Scan URL

URL: https://uaprom.info/news/189036-nacbank-poyasniv-upovilnennya-inflyaciyi.html
Title: Нацбанк пояснив уповільнення інфляції

Search URL Search Domain Scan URL

URL: https://finance.obozrevatel.com/ukr/economy/v-ukraini-podeshevshayut-ovochi-ale-ne-vsi-ozvucheno-novi-tsini-na-cherven.htm
Title: В Україні подешевшають овочі, але не всі: озвучено нові ціни на червень

Search URL Search Domain Scan URL

URL: https://espreso.tv/ukrzaliznitsya-priznachila-dodatkoviy-potyag-odesa-kiiv
Title: Укрзалізниця призначила додатковий потяг Одеса-Київ

Search URL Search Domain Scan URL

URL: https://www.unn.com.ua/uk/news/2031129-situatsiya-na-zaporizkiy-aes-stabilna-ova
Title: Ситуація на Запорізькій АЕС стабільна – ОВА

Search URL Search Domain Scan URL

URL: https://cripo.com.ua/news/crime/sud-vynis-vyrok-zhintsi-yaka-obikrala-pidlitka-i-namagalas-vidkupytys-vid-vidpovidalnosti/
Title: Суд виніс вирок жінці, яка обікрала підлітка і намагалась відкупитись від відповідальності

Search URL Search Domain Scan URL

URL: https://bomok.com.ua/novyny/cholovika-yakyj-povernuvsya-v-ukrayinu-pislya-sluzhby-v-rosijskij-armiyi-sudyly-za-derzhzradu/
Title: Чоловіка, який повернувся в Україну після служби в російській армії, судили за держзраду

Search URL Search Domain Scan URL

URL: https://internetua.com/vidomo-pro-stan-zdorov-ya-divcsat-yaki-na-harkivsxini-pidirvalisya-na-mini-v-avtomobili
Title: Відомо про стан здоров'я дівчат, які на Харківщині підірвалися на міні в автомобілі

Search URL Search Domain Scan URL

URL: http://magnolia-tv.com/news/91280-na-kyyivshchyni-politsiya-zatrymala-molodyka-za-pidozroyu-u-vyhotovlenni-ta-zbuti?prov=ukrnet
Title: На Київщині поліція затримала молодика за підозрою у виготовленні та збуті амфетаміну. ВІДЕО

Search URL Search Domain Scan URL

URL: https://usionline.com/zhorstka-avariia-pid-odesoiu-postrazhdaly-malenki-dity-foto/
Title: Жорстка аварія під Одесою: постраждали маленькі діти (фото)

Search URL Search Domain Scan URL

URL: https://internetua.com/u-hmelnickomu-upc-mp-pozbavili-prava-koristuvatisya-16-zemelnimi-dilyankami
Title: У Хмельницькому УПЦ МП позбавили права користуватися 16 земельними ділянками

Search URL Search Domain Scan URL

URL: https://tsn.ua/svit/termin-legalnogo-perebuvannya-ukrayinciv-u-polschi-zakon-pro-dopomogu-bizhencyam-zmineno-2345428.html
Title: Термін легального перебування українців у Польщі: закон про допомогу біженцям змінено

Search URL Search Domain Scan URL

URL: http://www.fixygen.ua/news/20230607/volonteri-tchhu.html
Title: Волонтери ТЧХУ евакуюють маломобільних людей із зон підтоплення

Search URL Search Domain Scan URL

URL: https://thepage.ua/ua/news/yak-mozhna-dopomogti-postrazhdalim-vid-pidrivu-kahovskoyi-ges
Title: Триває евакуація на Херсонщині: чого найбільше потребують постраждалі

Search URL Search Domain Scan URL

URL: https://sil.media/p/ukrayinski-mittsi-vidreaguvali-na-pidriv-kakhovskoyi-ges-813875
Title: Українські митці відреагували на підрив Каховської ГЕС

Search URL Search Domain Scan URL

URL: http://westnews.info/news/Lvivyanina-yakij-obikrav-vijskovogo-na-Lichakivskomu-kladovishhi-zatrimali-u-Kiyevi.html
Title: Львів'янина, який обікрав військового на Личаківському кладовищі, затримали у Києві

Search URL Search Domain Scan URL

URL: https://news.obozrevatel.com/ukr/kiyany/proisshestviya/u-kievi-na-pishohidnomu-perehodi-zitknulis-velosipedist-ta-cholovik-na-elektrosamokati-oboh-gospitalizuvali-foto.htm
Title: У Києві на пішохідному переході зіткнулись велосипедист та чоловік на електросамокаті: обох госпіталізували. Фото

Search URL Search Domain Scan URL

URL: https://toneto.net/news/kultura/ki--vska-ges-zahishchena-v--d-drg-ta-udar--v-z-pov--trya----na--v-us---mogliv---zagrozi-anal--zuyutsya-ta-priymayutsya-neobh--dn---zahodi-ki--vshchina
Title: Київська ГЕС захищена від ДРГ та ударів з повітря – Наєв

Search URL Search Domain Scan URL

URL: https://www.unn.com.ua/uk/news/2031127-u-kiyevi-zapratsyuvav-servis-yekutochok-dlya-timchasovogo-pritulku-tvarin
Title: У Києві запрацював сервіс "єКуточок" для тимчасового притулку тварин

Search URL Search Domain Scan URL

URL: https://bigkyiv.com.ua/novyj-park-na-chest-geroya-ukrayiny-v-kyyevi-gromada-rajonu-zvernulas-do-klychka/
Title: Новий парк на честь Героя України в Києві: громада району звернулась до Кличка

Search URL Search Domain Scan URL

URL: https://players.com.ua/news/twitch-posilila-pravila-dlya-strimeriv-ale-cherez-kritiku-kompaniya-majzhe-vidrazu-vidminila-zmini/
Title: Twitch посилила правила для стримерів, але через критику компанія майже відразу відмінила зміни

Search URL Search Domain Scan URL

URL: https://xn--b1alfsfclih.com/sec-%d0%bf%d1%80%d0%b5%d0%b4%d1%81%d1%82%d0%b0%d0%b2%d0%bb%d1%8f%d1%94-%d0%bd%d0%be%d0%b2%d1%83-%d0%b5%d1%80%d1%83-%d0%b4%d0%bb%d1%8f-%d0%ba%d1%80%d0%b8%d0%bf%d1%82%d0%be%d0%b2%d0%b0%d0%bb%d1%8e%d1%82/
Title: SEC представляє нову еру для криптовалют

Search URL Search Domain Scan URL

URL: https://forklog.com/news/circle-poluchila-litsenziyu-platezhnogo-uchrezhdeniya-v-singapure
Title: Circle получила лицензию платежного учреждения в Сингапуре

Search URL Search Domain Scan URL

URL: https://vctr.media/ua/nova-nejronka-vid-google-stvoryuye-zobrazhennya-v-styli-odniyeyi-kartynky-foto-186379/
Title: Навіщо Google навчив нейронку імітувати різні візуальні стилі?

Search URL Search Domain Scan URL

URL: https://ilenta.com/uk/news/smartphone/smartphone_4775.html
Title: Глобальний варіант Xiaomi 13 Ultra побував у Bluetooth SIG

Search URL Search Domain Scan URL

URL: https://newsyou.info/2023/06/najstarishomu-shimpanze-na-yevropejskomu-kontinenti-vipovnilosya-50-rokiv
Title: Найстарішому шимпанзе на європейському континенті виповнилося 50 років

Search URL Search Domain Scan URL

URL: https://internetua.com/-ce-katastrofa-vcseni-ocinili-yak-agresiya-proti-ukrayini-zbilshit-shkidlivi-vikidi
Title: "Це катастрофа". Вчені оцінили, як агресія проти України збільшить шкідливі викиди

Search URL Search Domain Scan URL

URL: https://news.uaportal.com/ukr/section-news/news-v-meksike-nashli-kanoe-naroda-majya-vozrastom-1000-let-07-06-2023.html
Title: В Мексиці знайшли каное народу майя віком 1000 років

Search URL Search Domain Scan URL

URL: https://babel.ua/news/94808-na-kosta-rici-samka-krokodila-vidklala-yaycya-bez-statevogo-kontaktu-iz-samcem-ce-pershiy-zafiksovaniy-vipadok
Title: На Коста-Ріці самка крокодила відклала яйця без статевого контакту із самцем. Це перший зафіксований випадок

Search URL Search Domain Scan URL

URL: https://portaltele.com.ua/news/kosmos/atomy-temnoyi-materiyi-mozhut-utvoryuvaty-tinovi-galaktyky-zi-shvydkym-utvorennyam-zirok.html
Title: Атоми темної матерії можуть утворювати тіньові галактики зі швидким утворенням зірок

Search URL Search Domain Scan URL

URL: https://newsyou.info/2023/06/ukra%d1%97nci-zavezli-rekordnu-kilkist-avtomobiliv-z-za-kordonu-yaki-modeli-najpopulyarnishi
Title: Українці завезли рекордну кількість автомобілів з-за кордону: які моделі найпопулярніші

Search URL Search Domain Scan URL

URL: https://autotheme.info/military/194366-zsu-otrimali-na-ozbroyennya-bojovu-mashinu-na-bazi-tanka-foto.html
Title: ЗСУ отримали на озброєння бойову машину на базі танка (фото)

Search URL Search Domain Scan URL

URL: https://wheel-news.com/12177-volvo-predstavyla-ex30-naykompaktnishyy-i-nayshvydshyy-krosover-brendu
Title: Volvo представила EX30: найкомпактніший і найшвидший кросовер бренду

Search URL Search Domain Scan URL

URL: https://nnews.com.ua/na-ukrayinskyh-dorogah-z-yavylasya-nova-unikalna-rozmitka-foto.html
Title: На українських дорогах з’явилася нова унікальна розмітка (Фото)

Search URL Search Domain Scan URL

URL: https://u-news.com.ua/148133-ponad-pivmiliona-ukrainskykh-avtomobiliv-mozhut-staty-nelegalnymy-roziasnennia.html
Title: Понад півмільйона українських автомобілів можуть стати нелегальними - роз’яснення

Search URL Search Domain Scan URL

URL: https://ua.tribuna.com/uk/football/1000000072647-luchesku-poluchil-predlozhenie-ot-alnasra-no-vryad-li-so/
Title: Луческу отримав пропозицію від «Аль-Насра», але навряд чи погодиться (DigiSport)

Search URL Search Domain Scan URL

URL: https://fanday.net/news/dovbik-reshilsya-na-novyi-kontrakt-s-dneprom-1-zhurnalist-obyasnil-kak-eto-otrazitsya-na-ego-transfere-v-evropu
Title: Довбик решился на новый контракт с Днепром-1: журналист объяснил, как это отразится на его трансфере в Европу

Search URL Search Domain Scan URL

URL: https://ukrfootball.ua/news/seleznov-ta-iogo-proshalnii-match-aliyev-opublikuvav-video-diistva-sho-vidbulosya-pislya-gri/
Title: Селезньов та його прощальний матч: Алієв опублікував відео дійства, що відбулося після гри

Search URL Search Domain Scan URL

URL: http://ukrbasket.net/news/marina-maksimchuk-emoc-gravcv-vd-uchast-v-vyubl-vart-togo-schob-provoditi-podbn-zmagannya
Title: Марина Максимчук: Емоції гравців від участі в ВЮБЛ варті того, щоб проводити подібні змагання

Search URL Search Domain Scan URL

URL: https://xsport.ua/ua/boxing_s/news/promouter-usyka-vystupyv-z-zhorstkymy-vymogamy-do-f-yuri-byysya-abo-idy-u-vidstavku_8804877/
Title: Промоутер Усика виступив з жорсткими вимогами до Ф’юрі – бийся або іди у відставку

Search URL Search Domain Scan URL

URL: https://bykvu.com/ua/bukvy/masovyi-mor-ryby-vnaslidok-pidryvu-kakhovskoi-hes-u-moz-nadaly-alhorytm-dii-na-tli-zrostaiuchoi-nebezpeky/
Title: Масовий мор риби внаслідок підриву Каховської ГЕС: у МОЗ надали алгоритм дій на тлі зростаючої небезпеки

Search URL Search Domain Scan URL

URL: https://ua-vestnik.com/zdorovya/likari-nazvali-golovnu-prichinu-poyavi-xvorobi-parkinsona.html
Title: Лікарі назвали головну причину появи хвороби Паркінсона

Search URL Search Domain Scan URL

URL: https://beautytips.kyiv.ua/novini/nevrolog-z-ssha-nazvav-produkt-dlya-polipshennya-yakosti-snu/
Title: Невролог з США назвав продукт для поліпшення якості сну

Search URL Search Domain Scan URL

URL: https://medfactor.com.ua/novini/poyavu-krov-8217-yanih-plyam-v-ochah-pov-8217-yazali-iz-visokim-tiskom/
Title: Появу кров’яних плям в очах пов’язали із високим тиском

Search URL Search Domain Scan URL

URL: https://medicalanswers.com.ua/novyny/171-liky-vid-stresu-187-likar-rozpovila-yaki-solodoshhi-yisty-pid-chas-vijny/
Title: «Ліки від стресу»: лікар розповіла, які солодощі їсти під час війни

Search URL Search Domain Scan URL

URL: https://novyny.live/shou-biznes/druzhina-timura-miroshnichenka-shokuvala-prichinoiu-z-iakoyi-voni-dosi-ne-vsinovili-ditinu-99090.html
Title: Дружина Тімура Мірошниченка шокувала причиною, з якої вони досі не всиновили дитину

Search URL Search Domain Scan URL

URL: https://newsyou.info/2023/06/andzhelina-dzholi-pochala-spivpracyuvati-z-vidomim-francuzkim-budinkom-modi
Title: Анджеліна Джолі почала співпрацювати з відомим французьким будинком моди

Search URL Search Domain Scan URL

URL: https://ua-novosti.info/shoubiznes/andrij-dzhedzhula-zaintriguvav-faniv-fotografiyeyu-z-nemovlyam-na-rukax-ya-znovu-tato.html
Title: Андрій Джеджула заінтригував фанів фотографією з немовлям на руках: “Я знову тато”

Search URL Search Domain Scan URL

URL: https://woman24.kyiv.ua/shou-biznes/dzhennifer-lopes-na-shopingu-v-duzhe-provokatsijnij-sukni-z-rozrizami-do-sidnits/
Title: Дженніфер Лопес на шопінгу в дуже провокаційній сукні з розрізами до сідниць

Search URL Search Domain Scan URL

URL: https://bzh.life/ua/mesta-i-veshi/1686143954-brend-medicine-vipustiv-kolektsiyu-motivami/
Title: Польський бренд випустив колекцію одягу за мотивами Марії Примаченко

Search URL Search Domain Scan URL

URL: https://newsyou.info/2023/06/do-polshhi-perekidayut-pershi-pivdennokorejski-vinishhuvachi-fa-50
Title: До Польщі перекидають перші південнокорейські винищувачі FA-50

Search URL Search Domain Scan URL

URL: https://internetua.com/papu-rimskogo-gospitalizuvali-dlya-operaciyi-na-cserevnii-porojnini
Title: Папу Римського госпіталізували для операції на черевній порожнині

Search URL Search Domain Scan URL

URL: https://bykvu.com/ua/bukvy/lisovi-pozhezhi-poshyriuiutsia-kanadoiu-vid-brytanskoi-kolumbii-do-novoi-shotlandii/
Title: Лісові пожежі поширюються Канадою: від Британської Колумбії до Нової Шотландії

Search URL Search Domain Scan URL

URL: https://censor.net/ua/news/3423238/yes_rozpochav_provadjennya_proty_polschi_cherez_zakon_pro_rosiyiskyyi_vplyv
Title: ЄС розпочав провадження проти Польщі через закон про російський вплив

Search URL Search Domain Scan URL

URL: https://www.eurointegration.com.ua/news/2023/06/7/7163228/
Title: У Литві визнали неконституційним закон, ухвалений для стримування навали мігрантів із Білорусі

Search URL Search Domain Scan URL

URL: https://meta.ua/uk/news/world/78073-yapontsi-pochali-vidviduvati-kursi-z-posmishok/
Title: Японці почали відвідувати курси з посмішок

Search URL Search Domain Scan URL

URL: https://ua-vestnik.com/kurjozi/pesik-yakij-otrimav-ulyubleni-lasoshhi-roztancyuvavsya-vid-radosti.html
Title: Песик, який отримав улюблені ласощі, розтанцювався від радості

Search URL Search Domain Scan URL

URL: https://glamour.kyiv.ua/domogospodarka/kumedne-video-pro-nahabnogo-fazana-yakij-virishiv-polasuvati-obidom-kota/
Title: Кумедне відео про нахабного фазана, який вирішив поласувати обідом кота

Search URL Search Domain Scan URL

URL: https://u-news.com.ua/148121-khlopchyk-v-12-rokiv-otrymav-piat-dyplomiv-pro-vyshchu-osvitu-ak-iomu-ce-vdalosia.html
Title: Хлопчик в 12 років отримав п'ять дипломів про вищу освіту: як йому це вдалося

Search URL Search Domain Scan URL

URL: https://novosti-n.org/ua/ukraine/Prykolni-fotky-zrobleni-v-potribnyj-moment-304020
Title: Прикольні фотки, зроблені в потрібний момент

Search URL Search Domain Scan URL

URL: https://focus.ua/uk/voennye-novosti/571237-ukrajinski-fahivci-buduvatimut-patrulni-kateri-dlya-dpsu-u-franciji-foto
Title: Українські фахівці будуватимуть патрульні катери для ДПСУ у Франції (фото)

Search URL Search Domain Scan URL

URL: https://newsyou.info/2023/06/druzhina-ronaldu-prijshla-na-simejne-svyato-u-vidvertomu-vbranni-foto
Title: Дружина Роналду прийшла на сімейне свято у відвертому вбранні (ФОТО)

Search URL Search Domain Scan URL

URL: https://toneto.net/news/kultura/use-vir--shu---kohannya--chotiri-m--lyarderi--yak---obrali-za-druginu--zvichaynih--g--nok--zruynuvavshi-stereotipi--foto-pr--stsilla-chan-podaruvala-marku-tsukerbergu-3-donok-lyudi
Title: Стали відомі чотири мільярдери, які обрали за дружину "звичайних" жінок, зруйнувавши стереотипи

Search URL Search Domain Scan URL

URL: https://cbn.com.ua/2023/06/07/u-kropyvnytskomu-provely-v-ostannyu-put-zagyblogo-pilota-foto/
Title: У Кропивницькому провели в останню путь загиблого пілота (фото)

Search URL Search Domain Scan URL

URL: https://realgazeta.com.ua/v-khersoni-tryvaie-evakuatsiia-yak-zaraz-vyhliadaie-zatoplene-misto/
Title: В Херсоні триває евакуація. Як зараз виглядає затоплене місто

Search URL Search Domain Scan URL

URL: https://v-variant.com.ua/bilia-bakhmuta-zsu-vzialy-v-polon-chotyrokh-rosiyskykh-okupantiv-video/
Title: Біля Бахмута ЗСУ взяли в полон чотирьох російських окупантів (відео)

Search URL Search Domain Scan URL

URL: https://novyny.live/society/zelenskii-pokazav-zvorushlive-video-iak-zhiteli-khersonshchini-riatuiut-tvarin-99085.html
Title: Зеленський показав зворушливе відео, як жителі Херсонщини рятують тварин

Search URL Search Domain Scan URL

URL: https://politarena.online/rosiiany-pidirvaly-amiakoprovid-na-kharkivshchyni-v-merezhi-z-iavylosia-video-23378/
Title: Росіяни підірвали аміакопровід на Харківщині: в мережі з’явилося відео

Search URL Search Domain Scan URL

URL: https://internetua.com/zirvav-evakuaciua-ukrayinskii-dron-atakuvav-btr-ta-vraziv-bagato-okupantiv-video-
Title: Зірвав евакуацію: український дрон атакував БТР та вразив багато окупантів (відео)

Search URL Search Domain Scan URL

URL: https://informator.ua/uk/dron-povernuvsya-viyskovi-406-ji-brigadi-peredali-ryativnu-plyashku-vodi-zhinci-y-dityam-na-dahu-zatoplenogo-budinku-video
Title: Дрон повернувся: військові 406-ї бригади передали рятівну пляшку води жінці й дітям на даху затопленого будинку - відео

Search URL Search Domain Scan URL

URL: https://newsyou.info/2023/06/lev-bude-v-centri-uvagi-a-na-divu-chekaye-samotnist-goroskop-do-kincya-tizhnya
Title: Лев буде в центрі уваги, а на Діву чекає самотність: гороскоп до кінця тижня

Search URL Search Domain Scan URL

URL: https://pixelinform.com/home/ruchky-plyty-syayatymut-yak-novi-yak-vidmyty-yih-vid-sharu-zastarilogo-zhyru/
Title: Ручки плити сяятимуть, як нові: як відмити їх від шару застарілого жиру

Search URL Search Domain Scan URL

URL: https://vogue.ua/article/vogueman/shopping/cholovichi-futbolki-vid-ukrajinskih-brendiv-52502.html
Title: Made in Ukraine: 10 чоловічих футболок на будь-який смак

Search URL Search Domain Scan URL

URL: https://zhenskiy.kyiv.ua/lifestyle/majstri-lezhati-na-divani-tri-znaki-zodiaku-yakih-vvazhayut-najbilsh-ledachimi/
Title: Майстри лежати на дивані: три знаки Зодіаку, яких вважають найбільш ледачими

Search URL Search Domain Scan URL

URL: https://womanlife.kyiv.ua/lifestyle/nazvano-tri-znaki-zodiaku-shho-znahodyatsya-pid-zahistom-vishhih-sil-bidi-yih-ominayut/
Title: Названо три знаки зодіаку, що знаходяться під захистом вищих сил: біди їх оминають

Search URL Search Domain Scan URL

URL: https://prostoway.com/47005-oryginalna-namazka-na-snidanok-dlya-mlyncziv-ta-bulochok
Title: Оригінальна намазка на сніданок для млинців та булочок

Search URL Search Domain Scan URL

URL: https://newsyou.info/2023/06/cikavij-sposib-yak-zrobiti-myaso-sokovitim-i-smachnishim
Title: Цікавий спосіб, як зробити м’ясо «соковитим» і смачнішим

Search URL Search Domain Scan URL

URL: http://storinka.com.ua/ukr/2023/06/prostoj-i-neobycajno-vkusnyj-recept-limonnogo-piroga-s-makom/
Title: Простий та надзвичайно смачний рецепт лимонного пирога з маком

Search URL Search Domain Scan URL

URL: https://plyashka.com/nizhnyy-i-smachnyy-pashtet-iz-500-hram-kuryachoho-file-dilyusya-perevirenym-retseptom/
Title: Ніжний і смачний паштет із 500 грам курячого філе: ділюся перевіреним рецептом

Search URL Search Domain Scan URL

URL: https://zhenskiy.kyiv.ua/retsepti/kreker-z-kunzhutom-ta-arahisom/
Title: Крекер з кунжутом та арахісом

Search URL Search Domain Scan URL

URL: http://rezina.cc/?utm_source=ukr.net&utm_medium=cpd&utm_campaign=banner_shiny-diski_brendirovanie-toplivo&utm_content=120-77

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/aries/today.html
Title: Овен

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/taurus/today.html
Title: Телець

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/gemini/today.html
Title: Близнюки

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/cancer/today.html
Title: Рак

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/lion/today.html
Title: Лев

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/virgo/today.html
Title: Дiва

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/libra/today.html
Title: Терези

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/scorpio/today.html
Title: Скорпiон

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/sagittarius/today.html
Title: Стрiлець

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/capricorn/today.html
Title: Козоріг

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/aquarius/today.html
Title: Водолій

Search URL Search Domain Scan URL

URL: http://orakul.com/horoscope/astrologic/general/pisces/today.html
Title: Риби

Search URL Search Domain Scan URL

URL: http://orakul.com/sonnik/
Title: Сонник

Search URL Search Domain Scan URL

URL: http://orakul.com/imena/
Title: Тлумачення імен

Search URL Search Domain Scan URL

URL: http://orakul.com/taro/
Title: Таро

Search URL Search Domain Scan URL

URL: https://shinadiski.com.ua/
Title: Шини для авто та диски

Search URL Search Domain Scan URL

URL: https://www.zapchast.com.ua/
Title: Автозапчастини

Search URL Search Domain Scan URL

URL: http://rezina.cc/?utm_source=ukr.net&utm_medium=cpc&utm_campaign=link_shiny-diski_ssylka-na-glavnoy&utm_content=text
Title: Авторезина та диски

Search URL Search Domain Scan URL

URL: http://avtosale.ua/new_tender/
Title: Купити нове авто

Search URL Search Domain Scan URL

URL: https://autoshini.com/?utm_source=ukr.net
Title: Шини та диски

Search URL Search Domain Scan URL

URL: http://transshina.com.ua/
Title: Автошини та диски

Search URL Search Domain Scan URL

URL: https://ukrguma.com.ua/poroshkove-farbuvannya/
Title: Фарбування дисків

Search URL Search Domain Scan URL

URL: http://kiaparts.com.ua/
Title: Запчаст. Kia, Hyundai

Search URL Search Domain Scan URL

URL: http://avtosale.ua/avtosalon/Vidi_liberti-967/
Title: Інфініті ВІДІ Ліберті

Search URL Search Domain Scan URL

URL: http://avtosale.ua/avtosalon/Vidi_insite-1120/
Title: Хонда ВІДІ Інсайт

Search URL Search Domain Scan URL

URL: http://avtosale.ua/avtosalon/Vidi_armada-993/
Title: Ніссан ВІДІ Армада

Search URL Search Domain Scan URL

URL: http://avtosale.ua/avtosalon/Vidi_avtostrada-961/
Title: Corolla в наявності

Search URL Search Domain Scan URL

URL: https://www.optics-pro.com.ua/?utm_source=ukrnet&utm_medium=links&utm_campaign=optica
Title: Оптика для полювання

Search URL Search Domain Scan URL

URL: https://ukroptica.com.ua/
Title: Тепловізори і оптика

Search URL Search Domain Scan URL

URL: https://www.aks.ua/uk/
Title: Мобільні аксесуари

Search URL Search Domain Scan URL

URL: https://sotnyk.net/ua/teplovizory/
Title: Військові тепловізори

Search URL Search Domain Scan URL

URL: https://helplist.io/
Title: Об'єднання волонтерів

Search URL Search Domain Scan URL

URL: https://www.facebook.com/groups/687761881312683
Title: Свалявський рух опору

Search URL Search Domain Scan URL

URL: https://petlive.com.ua/
Title: Перетримка тварин

Search URL Search Domain Scan URL

URL: https://bank.gov.ua/ua/about/support-the-armed-forces
Title: Допомога ЗСУ

Search URL Search Domain Scan URL

URL: https://savelife.in.ua/donate/
Title: Підтримка армії

Search URL Search Domain Scan URL

URL: https://shelter.dopomagai.org/create?utm_source=ukrnet&utm_medium=banner&utm_campaign=ukrnet_host&utm_id=ukrnet
Title: Житло біженцям

Search URL Search Domain Scan URL

URL: https://dovidka.info/
Title: Dovidka.info

Search URL Search Domain Scan URL

URL: https://www.facebook.com/president.gov.ua
Title: Офіс Президента

Search URL Search Domain Scan URL

URL: https://www.facebook.com/KabminUA
Title: Кабінет Міністрів

Search URL Search Domain Scan URL

URL: https://www.facebook.com/mvs.gov.ua
Title: Мін. внутрішніх справ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/MNS.GOV.UA
Title: ДСНС України

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TerritorialDefenseForces
Title: ТерО ЗСУ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AFUStratCom
Title: СтратКом ЗСУ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dsszzi
Title: Держспецзвʼязок

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AFUkraine
Title: ЗС України

Search URL Search Domain Scan URL

URL: https://sprotyv.mod.gov.ua/
Title: Центр нац. спротиву

Search URL Search Domain Scan URL

URL: https://www.facebook.com/GeneralStaff.ua
Title: Ген штаб ЗСУ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/MinistryofDefence.UA
Title: Міністерство оборони

Search URL Search Domain Scan URL

URL: https://www.facebook.com/UA.National.Police
Title: Національна поліція

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DPSUkraine
Title: ДПС України

Search URL Search Domain Scan URL

URL: https://www.facebook.com/NGUmainpage
Title: Нацгвардія України

Search URL Search Domain Scan URL

URL: https://www.facebook.com/StratcomCentreUA
Title: Центр інф. безпеки

Search URL Search Domain Scan URL

URL: https://www.facebook.com/navy.mil.gov.ua
Title: ВМС ЗСУ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CinCAFU
Title: Головнокомандувач

Search URL Search Domain Scan URL

URL: https://klubnatura.pl/pages/solidarni-z-ukraina
Title: Допомога в Польщі

Search URL Search Domain Scan URL

URL: https://www.bamf.de/DE/Themen/AsylFluechtlingsschutz/ResettlementRelocation/InformationenEinreiseUkraine/informationen-einreise-ukraine-node.html
Title: Допомога в Німеччині

Search URL Search Domain Scan URL

URL: https://www.ukrainetakeshelter.com/
Title: Розміщення біженців

Search URL Search Domain Scan URL

URL: https://www.immobilienscout24.de/lp/hilfe-fuer-die-ukraine.html
Title: Житло в Німеччині

Search URL Search Domain Scan URL

URL: https://shelter.dopomagai.org/
Title: Прихисток для біженців

Search URL Search Domain Scan URL

URL: https://chytomo.com/dlia-kulturnykh-diiachiv-i-osvitian-dopomoha-i-pratsevlashtuvannia-za-kordonom/
Title: Працевлаштування за кордоном

Search URL Search Domain Scan URL

URL: https://zib.com.ua/ua/151001-timchasoviy_zahist_na_kipri_mozhlivosti_dlya_ukrainciv.html
Title: Допомога на Кіпрі

Search URL Search Domain Scan URL

URL: https://www.migrationsverket.se/English/About-the-Migration-Agency/The-situation-in-Ukraine.html
Title: Допомога в Швеції

Search URL Search Domain Scan URL

URL: https://life.pravda.com.ua/society/2022/03/11/247770/
Title: Пошук житла

Search URL Search Domain Scan URL

URL: https://www.unterkunft-ukraine.de/request
Title: Знайти житло

Search URL Search Domain Scan URL

URL: https://www.facebook.com/752118234860641/posts/7149925781746489/?d=n
Title: Сайти допомоги

Search URL Search Domain Scan URL

URL: https://shelter.dopomagai.org/?utm_source=ukrnet&utm_medium=banner&utm_campaign=ukrnet_guest&utm_id=ukrnet
Title: Безкоштовне житло в Україні

Search URL Search Domain Scan URL

URL: https://vogue.ua/article/culture/puteshestviya/kijiv-vilnyus-shcho-maye-znati-kozhen-ukrajinskiy-bizhenec.html
Title: Допомога у Вільнюсі

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/socium/bizhenci-z-ukrajini-do-latviji-yak-i-de-peretnuti-kordon-otrimati-dopomogu-robotu-ta-de-zhiti-50228296.html
Title: Допомога у Латвії

Search URL Search Domain Scan URL

URL: https://t.me/miUkraune
Title: Міністерство інфраструктури України

Search URL Search Domain Scan URL

URL: https://t.me/uksatse_official
Title: Украерорух

Search URL Search Domain Scan URL

URL: https://www.facebook.com/uspa.gov.ua
Title: Адміністрація морських портів України

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DSBT.UA
Title: Державна служба України з безпеки на транспорті (ДСБТ)

Search URL Search Domain Scan URL

URL: https://t.me/UkrzalInfo
Title: Укрзалізниця

Search URL Search Domain Scan URL

URL: https://www.facebook.com/airportboryspil/
Title: Міжнародний аеропорт “Бориспіль”

Search URL Search Domain Scan URL

URL: https://www.facebook.com/lvivinternationalairport/
Title: Міжнародний аеропорт “Львів”

Search URL Search Domain Scan URL

URL: https://upst.fwdcdn.com/helpful/2022_07_11_manual_3gr_5_1.pdf
Title: ФОП 3-ї групи ЄП-5%

Search URL Search Domain Scan URL

URL: https://upst.fwdcdn.com/helpful/2022_07_11_manual_3gr_2_1.pdf
Title: ФОП 3-ї групи ЄП 2%

Search URL Search Domain Scan URL

URL: https://trafmag.com/

Search URL Search Domain Scan URL

URL: https://trafmag.com/letsgo?data=NjJ8MTM4NzJ8ODAuMjU1LjcuMTAzfDU4MTUzMjA0fDE2ODYxNDUyMDN8MTYyOTYzNjU0OGE0MzE4ZGY0OWFkYjE3Nzc5OGY3OTJ8MzMz&vid=7103374408927023&pstcnt=4_0
Title: 3999 грн

Search URL Search Domain Scan URL

URL: https://trafmag.com/letsgo?data=NjJ8MTM4NzJ8ODAuMjU1LjcuMTAzfDcyODEyMjk3fDE2ODYxNDUyMDN8ODNlYzcwMDI4ZWIxMzI1NzczOGYzZmJiODJkYzY2MmN8MzMz&vid=7103374408927023

Search URL Search Domain Scan URL

URL: https://trafmag.com/letsgo?data=NjJ8MTM4NzJ8ODAuMjU1LjcuMTAzfDU4MTU5NjYyfDE2ODYxNDUyMDN8OGY1OTUyMWVjNjk1MzE2NjU4OTVmN2E3MWRkZGI5MGV8MzMz&vid=7103374408927023&pstcnt=4_0
Title: от 253 грн

Search URL Search Domain Scan URL

URL: https://trafmag.com/letsgo?data=NjJ8MTM4NzJ8ODAuMjU1LjcuMTAzfDcyODEyMjk4fDE2ODYxNDUyMDN8YzY0MTRiYWQ1MTFjZjdiNDE2Y2RmZTZmOWIzNTQzZGN8MzMz&vid=7103374408927023

Search URL Search Domain Scan URL

URL: https://phoenix-widget.com/

Search URL Search Domain Scan URL

URL: https://click.phoenix-widget.com/go/608a794e8fddce08676e9ee0/.eJx1kU2O3CAQha8SeZFVsDHGYLdkRZoj5AKtAsptZBssfjzTiXL30N2a7GZXPL56xaP-VDls1aVaUjripWluOUSM1iWfQ6393sCaMmzujsT508dkG0yeuPx7cZ6c1mAiXJINk7vDHQg4iAmiLeXpN6-X1Z-lTDa6vEEkJzk2SEgCKnQrNC3rOOva5mdO-zWWoRqnY_Ho7Mf3h7SjsXmf9KGfRw37Afbmpn5WTGIrOxw5G1DMFKVSzDyphGGfBB1AjhyH2RiNdBBS4IhIXz7eJXRpElz2apQw9rQToIzpcZBc0epHdQSvMUYfyu9oH7D-L8Q6gDN-rxVErN_AOQy_nkppe7fmhulqTWl7PkErNQ5MKqlmzrjhff9wf91_Pf0z6Mvoq7QFXCAun1AnocV2RlMAapRCiYqLYWgZUs0LnOyOZT37UXBGWUeoIFR-a7sLpxfa1VLIso0C5ojh5brS7lTHx5qiNlYsw2Omeka-pvuBhTA4Q95S9fcfd5u_3Q.d0geMkqaWEllReMGVffyIV7qe48

Search URL Search Domain Scan URL

URL: https://click.phoenix-widget.com/go/608a794e8fddce08676e9ee0/.eJx1kU1u5CAQha8y8mJWwaYxYLslK1KOMBdo8VO0kfmxAHfSM5q7D-2eZJcdvPrqVT340-zJNedmKWXL567z9hrgPbcq-u5x6Jw1kMvdQXeN8eoA7Vo4W5BYV7GHckdrLDHdvUUB0Bbd73ir9YxkdABI3_YFOSjtUrx73Yu_5LgnBfO2RAj24-dD8qDt7me1qeOqhN9EXWNmSgg6SkpNTwycxDhxzIniB1Ug-ZnjUQwThdForQCPfOAwAeCnTwwFQpk55XTAkjIwwE6TUZpKQiRtXpotRQU5x1RfQMUE7ZeQ2ySCjr6VIkP7JkKA9OtQatu71VcoF6tr27GCknIaySAHaSihmjKGK_asfz_9M-jT6Lu0FVxEXv5D7GSkIZwwpYAS0svJMEKIYFRSY3SFi_X1w6p1xQkmPcIc4eHHqT9TfMZ9O_Bh6scK7hnS03XF_U1uH2vJSlu-jA8beUS-lPsGldBgxO5K8_cfoVe2Hw.IDqV9uR1CdKXb0ZFqClZLBFVKsc

Search URL Search Domain Scan URL

URL: https://mgid.com/

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/16263798/i/57452893/0/pp/1/1?h=59-waG0Psr6YE5i4KjMGqBoa3gE6byk1kBt6VhCNxx4G75R-2Kd-y3rFOUlFgKvMmyhi0GKxq4J9QOnXwDu-8A**&rid=ce3921f1-0538-11ee-b4a2-e43d1a2a04aa&tt=Direct&att=3&cpm=1&ct=1&st=120&h2=qCPrOVMpP3p_xyzIJH89aEwjTpE2fc1hadpsghGRJA0*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/16018230/i/57452893/0/pp/2/1?h=59-waG0Psr6YE5i4KjMGqLDSjkSA1FxCIGipgtNp5tbFkTTmAzkUB1uLQdFBo_vH79aCrN_Ie_Ep99KHMe3rOQ**&rid=ce3921f1-0538-11ee-b4a2-e43d1a2a04aa&tt=Direct&att=3&cpm=1&ct=1&st=120&h2=qCPrOVMpP3p_xyzIJH89aEwjTpE2fc1hadpsghGRJA0*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/11249008/i/57452893/0/pp/3/1?h=59-waG0Psr6YE5i4KjMGqOJxxvEg4MulH1zFtvod6whzZLBxxWilp74zw_zGsP5qkh4BYGrcbfxt4bNE1NxV1w**&rid=ce3921f1-0538-11ee-b4a2-e43d1a2a04aa&tt=Direct&att=3&cpm=1&ct=1&st=120&h2=qCPrOVMpP3p_xyzIJH89aEwjTpE2fc1hadpsghGRJA0*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/16357326/i/57452893/0/pp/4/1?h=59-waG0Psr6YE5i4KjMGqNwgcmLzPoo9lvOLeSULIHCYUBwAgFKjn0QMDBBXSaejMgREoo9JT_ewZxwLOS5I5Q**&rid=ce3921f1-0538-11ee-b4a2-e43d1a2a04aa&tt=Direct&att=3&cpm=1&ct=1&st=120&h2=qCPrOVMpP3p_xyzIJH89aEwjTpE2fc1hadpsghGRJA0*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/15662161/i/57452893/0/pp/5/1?h=59-waG0Psr6YE5i4KjMGqA0_ea7cesls5rbvQGtXcDODcB-g24zvrCmcf8FeC2awbBoZ7pKXZPryyCmVKpD8EA**&rid=ce3921f1-0538-11ee-b4a2-e43d1a2a04aa&tt=Direct&att=3&cpm=1&ct=1&st=120&h2=qCPrOVMpP3p_xyzIJH89aEwjTpE2fc1hadpsghGRJA0*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/14662782/i/57452893/0/pp/6/1?h=59-waG0Psr6YE5i4KjMGqPG55ZeZWDj2hJZVjOSMeQ5C4HPY9ixcM1qA4uoZ1Uppg7bmF-w20_1mhuJ2uZbzpA**&rid=ce3921f1-0538-11ee-b4a2-e43d1a2a04aa&tt=Direct&att=3&cpm=1&ct=1&st=120&h2=qCPrOVMpP3p_xyzIJH89aEwjTpE2fc1hadpsghGRJA0*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/13944843/i/57452893/0/pp/7/1?h=59-waG0Psr6YE5i4KjMGqEIKNUVq3Ra_EIdTHuyAt2qGvsqW3EQLDTtJBelQE3y85eGFH8pdy42WqpuEXqrB9g**&rid=ce3921f1-0538-11ee-b4a2-e43d1a2a04aa&tt=Direct&att=3&cpm=1&ct=1&st=120&h2=qCPrOVMpP3p_xyzIJH89aEwjTpE2fc1hadpsghGRJA0*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/15319642/i/57452893/0/pp/8/1?h=59-waG0Psr6YE5i4KjMGqPXz06lc35k78Jm_Wa1JPDfx2X9KKcH2fnjzbCva1UhYicOOGpkpvkLAqXeYVqpJdg**&rid=ce3921f1-0538-11ee-b4a2-e43d1a2a04aa&tt=Direct&att=3&cpm=1&ct=1&st=120&h2=qCPrOVMpP3p_xyzIJH89aEwjTpE2fc1hadpsghGRJA0*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/16357341/i/57452893/0/pp/9/1?h=59-waG0Psr6YE5i4KjMGqKXqwfKa-PJs3yFP57VheylwiCmxXTdWny0aXw7o2zWTjFp9nPi8fTaORh-o0ZG5zg**&rid=ce3921f1-0538-11ee-b4a2-e43d1a2a04aa&tt=Direct&att=3&cpm=1&ct=1&st=120&h2=qCPrOVMpP3p_xyzIJH89aEwjTpE2fc1hadpsghGRJA0*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/16186454/i/57452893/0/pp/10/1?h=59-waG0Psr6YE5i4KjMGqMnSspp231hg0IJiTpaYYjd4-CYhxYfFuNQYvIQfeXN-p_lITk3t4c96xgRmb1wEbw**&rid=ce3921f1-0538-11ee-b4a2-e43d1a2a04aa&tt=Direct&att=3&cpm=1&ct=1&st=120&h2=qCPrOVMpP3p_xyzIJH89aEwjTpE2fc1hadpsghGRJA0*

Search URL Search Domain Scan URL

URL: http://adline.kiev.ua/
Title: Реклама на порталі

Search URL Search Domain Scan URL

URL: https://mail.ukr.net/q/password_recovery
Title: Забыли пароль?

Search URL Search Domain Scan URL

URL: https://mail.ukr.net/q/reg
Title: Регистрация

Search URL Search Domain Scan URL

URL: https://zakladki.ukr.net/index.php?action=export
Title: Скачати

Search URL Search Domain Scan URL

URL: http://zakladki.ukr.net/
Title: +ukr.net

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ukr.net/ HTTP 301
https://ukr.net/ HTTP 301
https://www.ukr.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://mail.ukr.net/widget?lang=uk&theme=default HTTP 303
https://accounts.ukr.net/login?client_id=xQCeAoX3vV8zg41Md3qG&action=login_client HTTP 303
https://mail.ukr.net/login?client_id=xQCeAoX3vV8zg41Md3qG HTTP 303
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG

Request Chain 105

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=fc08d6ab-786b-4493-ba23-521f9b05759d

Request Chain 107

https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D HTTP 302
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=4339079a6c83a9ca

Request Chain 109

https://gum.criteo.com/sid/json?origin=publishertagids&domain=ukr.net&sn=ChromeSyncframe&so=0&topUrl=www.ukr.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=UFl2pHx5Ky9wQ1cyOXBoWjBoTkFtcXRody85REZ6U2dZczdJS2l4MU5sVHJ4VGhJYTlkRkFHaEpRZ1ZZQUZwNU9yNk1iWTJnZmUySHJGYjVBbGQyd2JrMm9DaHhrOTFXOXQxWDNvVTJTK2ZkTTZ5QjBFWHY4U1IrMFNmaXlpTnpxbmtnMTY3QUFIaG4vRTRRUElZTTZLZUV5TmNhdUZzU2FQdzVzWDcwcFZhSjBZRVZWMnF0YkxaODJRTldLZVhnOUNhamZzeG05NTFBQ1lNVEwvaG00RUt5SjJlbkhtOHNiZ1dqTVhzTkh1MnFJUGppTWpCdDF5bnBEM2RUSW5wd1FNcmlXZXpTYUdYNUkwcWptZDhteXNqRUYrUT09fA&cppv=2

Request Chain 128

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKC_guHKSRCwCRiwCTII8X2Ur5dTIYs HTTP 301
https://tpc.googlesyndication.com/simgad/3256441917561582141

Request Chain 193

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 212

https://gcdn.2mdn.net/videoplayback/id/6967f19e4f122d9f/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3825912847/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/75BDD2C064DBDE6CB557452B70C809395DB068C3.3684E837A80428D3A6A0DE0DD7D89BADA53000D2/key/ck2/file/file.mp4 HTTP 302
https://r3---sn-4g5edn6r.c.2mdn.net/videoplayback/id/6967f19e4f122d9f/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3825912847/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/469550A8B836088C31AFFB8C46F1BE77C525CFE6.336C7DA44895DCB1559106DCB24E1B54BDACD11C/key/cms1/cms_redirect/yes/mh/Vx/mip/2a01:4a0:1338:92::7/mm/42/mn/sn-4g5edn6r/ms/onc/mt/1686144771/mv/m/mvi/3/pl/36/file/file.mp4

Request Chain 220

https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiU1RBUlQiLCJwdWJsaXNoZXJVdWlkIjoiYTVkYjAyYjAtMmI3OC00OWEzLTg0ZmYtMDA1NTlkNjk3Y2I5Iiwic2l0ZVV1aWQiOiJhZmRkZWY1ZC1jMjA0LTQwYTktYjRmYi05NjVhMTQ1ZDA2OTYiLCJiaWRSZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vZjU2YTJhZmJiMjU2MDgzZjY5YzgzMjRhOWI4YjQ4Yjkuc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS8ifX0sImN1c3RvbSI6eyJjdXN0b20xIjoiIiwiY3VzdG9tMiI6IjIuMCIsImN1c3RvbTMiOiIyLjAiLCJjdXN0b203IjoiMTQzNDE3MiIsImN1c3RvbTgiOiI3MDc3NDQ4OSIsInhzaWQiOiI2YjU3NzlkNC1mNzJjLTRjMjMtOGQ0Ni05NmNjYThkZjAxNDIifSwidGltZXN0YW1wIjoiMDAwMS0wMS0wMVQwMDowMDowMFoiLCJoZWFkZXJzIjp7ImhlYWRlcjEwIjoiMjAyMjQ3MzIzMDkiLCJoZWFkZXIxMiI6ImFkLmRvdWJsZWNsaWNrLm5ldCIsImhlYWRlcjMiOiJHb29nbGUyIiwiaGVhZGVyNCI6IjciLCJoZWFkZXI4IjoiaWFzbyIsImhlYWRlcjkiOiIifSwiY2IiOiIxNjg2MTQ1MjA1OTcxMDUwNzE1IiwiYWREdXJhdGlvbiI6MjExNTA5ODExMiwiaWFzU2luZ2xldGFnIjp0cnVlLCJpYXNTaW5nbGV0YWdPdXRjb21lIjoiT1VUQ09NRV9NX19WQVNUX19PTUlEX19XRUJfUFhMIn0=&advEntityId=1434172&pubEntityId=70774489 HTTP 303
https://dt.adsafeprotected.com/dt?anId=10173&asId=6b5779d4-f72c-4c23-8d46-96cca8df0142&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A1%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D

Request Chain 225

https://pixel.adsafeprotected.com/rfw/st/1434172/70774493/skeleton.gif?xmtp=v&xmapp=0&xsId=6b5779d4-f72c-4c23-8d46-96cca8df0142&bidurl=https://www.ukr.net/&ias_campId=1013136622&ias_pubId=pub-2923577365468476&ias_placementId=20224732309&ias_chanId=1&ias_dealId=549644393847793680&ias_impId=v4~~ABAjH0hJOVJn0kK7yoYlwzW3bnGu&ias_dspId=3&ias_creativeId=190295504&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstQz84P4zDiArArpLNHIpFEKmRKNAuk6_c3Wf1E-g2qzxuxkclwUljaycdpuOrwPPp-PPtDzF4uY9BWaOwkC3HosBcfEVYYgoXRVg6d_OzGiMcJ975qaC13-4ZR5dfQDxt6oSKgNEIgx-6RW5y40a3zztZ0RO_kBnLqm_3jgh5ihkiHGcYFhLGUsz1t6jdFyoe9DqsKbnlannT85Ag&sai=AMfl-YR_Bz90UYaZA6hPsMp6hkIA5KYgSh2mMYJOvtYDG4J-hkQgbVASmPYapM1d2-_IHeQCe7n6zDoDe9MATCfbXEdEYJdRuf6PI1pjlYXz03Y7cftM4fH5LiMQHjRrdClOUBJy4mIzNenWZ8VN6ta-yGRW&sig=Cg0ArKJSzOQV53rvCe4iEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=&ias_xappb=&mon=70774493&redirectedRetries=0 HTTP 302
https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=6b5779d4-f72c-4c23-8d46-96cca8df0142

Request Chain 227

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhCTqWIYg_HU5gEgATAB&v=APEucNXH5vhW7YPBF12VX-To6weZoo8RCTt7D_RQSPwWVuTzlpJRuASWx2AQzkd_bpJNdUo9ooBV8pDLw-As7k07S7Uu1Fxe8w HTTP 302
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZICIt1WbbRpjcztC9INaWAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKL2cw71C5haLSMz-3X9VMQ&google_cver=1

226 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.ukr.net/
Redirect Chain

http://ukr.net/
https://ukr.net/
https://www.ukr.net/

155 KB
42 KB

80ms
54ms

Document
text/html

104.18.8.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.128 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8577c46566106b16463adbf14b0861e8d247ba1ce9d9575330d62221e79e9daa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
cf-cache-status: DYNAMIC
cf-ray: 7d394dfc3baf18df-FRA
content-encoding: gzip
content-type: text/html
date: Wed, 07 Jun 2023 13:40:02 GMT
expires: -1
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: User-Agent
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 7d394dfb9af718df-FRA
content-type: text/html
date: Wed, 07 Jun 2023 13:40:02 GMT
location: https://www.ukr.net/
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 123 KB
47 KB 196ms
103ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-5903420-1

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

712328bc23cb5a55cddc119b5845996118b03e60bc77d5f4c95991ed7ca3b2eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 48444
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 07 Jun 2023 13:40:02 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 104 KB
41 KB 123ms
49ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KQCXMKT

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3f757044fa067960c89b77d10fecb4ff4f02552180cf3d0d94b4b98ee28df863

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41477
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 07 Jun 2023 13:40:02 GMT

GET
H2 200 top_links.css
upst.fwdcdn.com/css/1685004627/ 1 KB
625 B 211ms
97ms Stylesheet
text/css 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upst.fwdcdn.com/css/1685004627/top_links.css
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f723cee3a3c0a92cdd66281c85f841b8743a6b6317e376360b55300425017fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:02 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 25 May 2023 08:51:03 GMT
server: cloudflare
age: 1140525
etag: W/"646f2177-48c"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=31536000
cf-ray: 7d394dfd7f663a8a-FRA
expires: Thu, 06 Jun 2024 13:40:02 GMT

GET
H2 200 /
upst.fwdcdn.com/css/ 4 KB
2 KB 210ms
96ms Stylesheet
text/css 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upst.fwdcdn.com/css/??portal/normalize.css,portal/slick.css,portal/core.css
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80f5aafdf09fcc496bce2ddfc27045b273ac9c0027d3be9c35e5f47214202ffe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:02 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Thu, 17 Nov 2022 15:43:49 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://www.ukr.net
cache-control: max-age=31536000
cf-ray: 7d394dfd7f683a8a-FRA
expires: Thu, 06 Jun 2024 13:40:02 GMT

GET
H2 200 main.css
upst.fwdcdn.com/css/4/portal/ 44 KB
9 KB 162ms
49ms Stylesheet
text/css 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upst.fwdcdn.com/css/4/portal/main.css
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5065b65c7cc17d8605ab0379141167be378f306d3bbf1baea7b6c7a4857a6948

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:02 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 26 Apr 2023 10:20:02 GMT
server: cloudflare
age: 3542099
etag: "6448fad2-204a"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7d394dfd7f693a8a-FRA
content-length: 8266
expires: Thu, 06 Jun 2024 13:40:02 GMT

GET
H2 200 _desktop.js Show response
www.ukr.net/news/ 20 B
210 B 57ms
56ms Script
application/x-javascript 104.18.8.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ukr.net/news/_desktop.js

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.128 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d9d63f3c8c6c971a269d1b577bae3a425e21b25fa17eec593e1a302e8568a4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 07 Jun 2023 13:06:40 GMT
server: cloudflare
age: 2002
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 7d394dfccc8018df-FRA
x-xss-protection: 1; mode=block
expires: Wed, 07 Jun 2023 17:40:02 GMT

GET
H2 200 concat.js Show response
upst.fwdcdn.com/js/4/portal/ 167 KB
52 KB 164ms
53ms Script
application/x-javascript 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upst.fwdcdn.com/js/4/portal/concat.js
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a029b81ee46c25e95bc439b2ee8bf11d9aa62f2501c1eaa7ffe0120d1222c24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:02 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 29 May 2023 14:23:02 GMT
server: cloudflare
age: 774944
etag: "6474b546-cc89"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7d394dfd7f6b3a8a-FRA
content-length: 52361
expires: Thu, 06 Jun 2024 13:40:02 GMT

GET
H2 200 main.js Show response
upst.fwdcdn.com/js/8/portal/ 61 KB
17 KB 208ms
97ms Script
application/x-javascript 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upst.fwdcdn.com/js/8/portal/main.js
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e131b4937b9fbc7e1f100c8fd175f0d95b89a742bd9396f0d09c548c4a170ba0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:02 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 07 Jun 2023 09:27:02 GMT
server: cloudflare
age: 15104
etag: "64804d66-4318"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7d394dfd7f6c3a8a-FRA
content-length: 17176
expires: Thu, 06 Jun 2024 13:40:02 GMT

GET
H2 200 zakladki_v2.min.js Show response
zakladki.ukr.net/bookmarks/js/ 104 KB
19 KB 61ms
54ms Script
application/javascript 104.18.8.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zakladki.ukr.net/bookmarks/js/zakladki_v2.min.js

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.128 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7fe12b11c228136b9b586fb3bc9557186f725c917dde8250f19bee4373f678e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 14 Aug 2020 10:42:05 GMT
server: cloudflare
age: 28163
etag: W/"5f366a7d-19e00"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7d394dfcdc9818df-FRA
expires: Wed, 14 Jun 2023 13:40:02 GMT

GET
H2 200 970x90.png
upst.fwdcdn.com/img/ 3 KB
3 KB 47ms
46ms Image
image/png 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/970x90.png
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 706a3009c0143f7a8578fcf8ca77647b9fca126ba21d40029130f23d4754e090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:02 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Apr 2023 12:57:06 GMT
server: cloudflare
age: 87754
etag: "6447ce22-cd3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7d394dfe38603a8a-FRA
content-length: 3283
expires: Wed, 14 Jun 2023 13:40:02 GMT

GET
H2 200 logo_ua09660773b06adb86fe0e477c06023f57.gif
upst.fwdcdn.com/temp/holidays/12408/ 6 KB
6 KB 50ms
46ms Image
image/gif 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/temp/holidays/12408/logo_ua09660773b06adb86fe0e477c06023f57.gif
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06f54e609c3f48167e8890f44e5992e2692615bb8079494126000e020f950ddb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:02 GMT
cf-cache-status: HIT
last-modified: Wed, 07 Jun 2023 13:01:00 GMT
server: cloudflare
age: 2277
etag: "64807f8c-18f5"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7d394dfe487c3a8a-FRA
content-length: 6389
expires: Wed, 07 Jun 2023 17:40:02 GMT

GET
H2 200 title_img_ua09660773b06adb86fe0e477c06023f57.gif
upst.fwdcdn.com/temp/holidays/12408/ 1 KB
1 KB 56ms
51ms Image
image/gif 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/temp/holidays/12408/title_img_ua09660773b06adb86fe0e477c06023f57.gif
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30b5c7e3df996697ddd0a7fd62858e6071d64c22fe0f33bf3a025a688ca550bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:02 GMT
cf-cache-status: HIT
last-modified: Wed, 07 Jun 2023 13:01:00 GMT
server: cloudflare
age: 2277
etag: "64807f8c-428"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7d394dfe487f3a8a-FRA
content-length: 1064
expires: Wed, 07 Jun 2023 17:40:02 GMT

GET
H2 200 grey-pix.gif
upst.fwdcdn.com/img/ 53 B
181 B 55ms
50ms Image
image/gif 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/grey-pix.gif
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a723fe199ffe57280df072a9c044f004bc0f321df42f8c7663bbee8743935297

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:02 GMT
cf-cache-status: HIT
last-modified: Wed, 12 Jun 2013 11:52:20 GMT
server: cloudflare
age: 34540
etag: "51b860f4-35"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7d394dfe48813a8a-FRA
content-length: 53
expires: Wed, 14 Jun 2023 13:40:02 GMT

GET
H2 200 fuels-banner-ua.png
upst.fwdcdn.com/img/commercial/ 4 KB
4 KB 52ms
47ms Image
image/png 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/commercial/fuels-banner-ua.png
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 572c66a3e75ab9601171033ac65bdfc5e1eacb869aa1d22b342b73cd1338bbd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:02 GMT
cf-cache-status: HIT
last-modified: Fri, 03 Oct 2014 14:11:04 GMT
server: cloudflare
age: 34066
etag: "542eae78-1134"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7d394dfe48823a8a-FRA
content-length: 4404
expires: Wed, 14 Jun 2023 13:40:02 GMT

GET
H2 200 fuels-banner-bottom-ua.png
upst.fwdcdn.com/img/commercial/ 5 KB
5 KB 56ms
51ms Image
image/png 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/commercial/fuels-banner-bottom-ua.png
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bd1d7d12e2943aaa101027641b9e6ac83fc7b03519eb74f89058418a79bf983

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:02 GMT
cf-cache-status: HIT
last-modified: Fri, 10 Oct 2014 10:17:53 GMT
server: cloudflare
age: 470697
etag: "5437b251-134e"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7d394dfe48833a8a-FRA
content-length: 4942
expires: Wed, 14 Jun 2023 13:40:02 GMT

GET
H2 200 300x250.png
upst.fwdcdn.com/img/ 4 KB
4 KB 59ms
54ms Image
image/png 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/300x250.png
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11092d3004c100fcc3ed67a31f910bdb9e81b649dbc4c602b09c39d0edcb4701

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:02 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Apr 2023 12:57:06 GMT
server: cloudflare
age: 87665
etag: "6447ce22-e74"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7d394dfe48853a8a-FRA
content-length: 3700
expires: Wed, 14 Jun 2023 13:40:02 GMT

GET
H2 200 300x145.png
upst.fwdcdn.com/img/ 3 KB
3 KB 56ms
52ms Image
image/png 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/300x145.png
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d1d9d255fa64b514cac2b3040dacc62bc52f897fcf1eeb6ac2aa8e1017ae4ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:02 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Apr 2023 12:57:06 GMT
server: cloudflare
age: 11932
etag: "6447ce22-a9f"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7d394dfe48873a8a-FRA
content-length: 2719
expires: Wed, 14 Jun 2023 13:40:02 GMT

GET
H2 200 top-logo-ua-mod3.gif
upst.fwdcdn.com/img/ 5 KB
5 KB 55ms
51ms Image
image/gif 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/top-logo-ua-mod3.gif
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2133a161a9c5e3e32a36c078364323859b2a1d4235e38548c66e6096d0e30bc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:02 GMT
cf-cache-status: HIT
last-modified: Wed, 12 Jun 2013 11:52:20 GMT
server: cloudflare
age: 586541
etag: "51b860f4-140f"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7d394dfe48883a8a-FRA
content-length: 5135
expires: Wed, 14 Jun 2023 13:40:02 GMT

GET
H2 200 email-decode.min.js Show response
www.ukr.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
819 B 42ms
41ms Script
application/javascript 104.18.8.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ukr.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.128 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 30 May 2023 15:21:01 GMT
server: cloudflare
etag: W/"6476145d-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 7d394dfe2e4418df-FRA
expires: Fri, 09 Jun 2023 13:40:02 GMT

GET
H2 200 v52afc6f149f6479b8c77fa569edb01181681764108816 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 183ms
88ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

Referer: https://www.ukr.net/
Origin: https://www.ukr.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:03 GMT
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 20:41:48 GMT
server: cloudflare
etag: W/2023.4.2
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7d394dfedae00497-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 125 KB
48 KB 69ms
64ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-5903420-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KQCXMKT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f5c78df152dbd106a57a8582589d90c1f624ad6d7b742d64c74bdbc7b31cd7dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 49280
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 07 Jun 2023 13:40:02 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 241 KB
83 KB 57ms
52ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-75WQ2FHNW7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5903420-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e054225478a20d2f3bb519a1f4e104231e72e2a900c7fbfc5075a2eb0ee6f99f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84808
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 07 Jun 2023 13:40:02 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 138ms
39ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5903420-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 07 Jun 2023 12:35:27 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 3876
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Wed, 07 Jun 2023 14:35:27 GMT

GET
H2 200 hb_742228_17438.js Show response
player.adtcdn.com/prebidlink/468373/ 920 B
1 KB 152ms
49ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtcdn.com/prebidlink/468373/hb_742228_17438.js
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e9952ba3efda63fa47a8cd80291e12df4fd92f08139f16a42b5516147121b37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 07 Jun 2023 10:46:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 427
etag: W/"64806007-398"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0yo5d0BHS7xxLn8mrNFqr1rx8cpACbPIWgcbkXftRZTdalG7IRCGLzcVxj%2FK7enDJ45Xz4319poYC2LW2JVnkVw7dBP%2BMFwj7mAACbDhTB%2BtabE4znhtVVWcomUjqwOueTuKddztaez4I7iqinFmMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=345600
cf-ray: 7d394dfeee54bbb6-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 07 Jun 2023 13:47:56 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 75 KB
25 KB 208ms
116ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51182235147cecb5d00caa5034b5625101584aa813607ca338d227474f36505b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25167
x-xss-protection: 0
server: cafe
etag: 118 / 19515 / 31075092 / config-hash: 477340865933111811
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 07 Jun 2023 13:40:03 GMT

GET
H2 200 wrapper_hb_742228_17438.js Show response
player.adtcdn.com/prebidlink/468373/ 2 KB
1 KB 193ms
90ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtcdn.com/prebidlink/468373/wrapper_hb_742228_17438.js
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c2d917c1d2c627d10b96fd21dcf38dcce63f3d79266b8fc83894b9e1f75ca14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 07 Jun 2023 10:46:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 427
etag: W/"64806007-701"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cr98ZOV2J1UK3%2Fk1aexf9nynnh1zmAr4qeUs9HvZBQ8b7cpcsQq23DIT%2FBQ66gyXevolwOmWcYGNLSTGX4w%2FxpD1DcgahSPGedJD8j5kgxtX%2FR5HoOfTEkZ5ZOtNIsa%2BJc%2FE2x%2FJXh93DTHsHZxJdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=345600
cf-ray: 7d394dfeee55bbb6-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 07 Jun 2023 13:47:56 GMT

GET
H2 200 test Show response
accounts.ukr.net/public/access/ 2 B
271 B 137ms
42ms XHR
text/plain 212.42.75.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.ukr.net/public/access/test?_=1686145202919
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: frvdc-253.fwdcdn.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://www.ukr.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:03 GMT
server: nginx
access-control-max-age: 600
access-control-allow-methods: GET, OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.ukr.net
x-upstream: 4210.10.20.48:5080
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie
content-length: 2

GET
H2

200

https://mail.ukr.net/widget?lang=uk&theme=default
https://accounts.ukr.net/login?client_id=xQCeAoX3vV8zg41Md3qG&action=login_client
https://mail.ukr.net/login?client_id=xQCeAoX3vV8zg41Md3qG
https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG

1 KB
1 KB

45ms
45ms

Document
text/html

212.42.75.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG

Requested by

Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),

Reverse DNS

frvdc-253.fwdcdn.com

Software

nginx /

Resource Hash

4db4b0625c98a8e616acabeb5b02bc53037c652e41db77afeae95de242ae5eec

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' https://.ukr.net https://www.google.com https://google.com https://www.gstatic.com https://gstatic.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://.ukr.net; child-src 'self' https://www.google.com https://google.com; frame-src 'self' https://www.google.com https://google.com https://recaptcha.google.com; frame-ancestors https://.ukr.net http://.ukr.net www.ukr.net ukr.net https://ukrnet.com.ua; form-action https://.ukr.net www.ukr.net ukr.net; object-src 'self'; font-src 'self'; connect-src 'self' https://.ukr.net; report-uri /csp-blocked
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	ALLOW-FROM https://www.ukr.net/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-security-policy: default-src 'self'; script-src 'self' https://*.ukr.net https://www.google.com https://google.com https://www.gstatic.com https://gstatic.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://*.ukr.net; child-src 'self' https://www.google.com https://google.com; frame-src 'self' https://www.google.com https://google.com https://recaptcha.google.com; frame-ancestors https://*.ukr.net http://*.ukr.net www.ukr.net ukr.net https://ukrnet.com.ua; form-action https://*.ukr.net www.ukr.net ukr.net; object-src 'self'; font-src 'self'; connect-src 'self' https://*.ukr.net; report-uri /csp-blocked
content-type: text/html; charset=UTF-8
date: Wed, 07 Jun 2023 13:40:03 GMT
expires: Wed, 07 Jun 2023 13:40:02 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: *
x-frame-options: ALLOW-FROM https://www.ukr.net/
x-upstream: 4210.10.20.49:5080
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache
content-length: 0
content-security-policy: default-src 'self'; script-src 'self' blob: https://*.ukr.net https://target.ukr.net https://accounts.ukr.net https://stage4.ukr.net https://*.fwdcdn.com https://*.adriver.ru https://*.google-analytics.com https://*.googlesyndication.com https://*.googleapis.com https://*.googletagservices.com https://*.googletagmanager.com https://*.doubleclick.net https://partner.googleadservices.com https://www.google.com https://www.gstatic.com 'sha256-AcJhwe4dqmo30pWvKwn3Md7IBhj0dLqVR9mYFFzf+Yw=' 'sha256-djyGrQc6ZbFFlYUcvetvyNFaKc2Vo0FNi2IsBKsT50E='; style-src 'self' 'unsafe-inline' https://*.fwdcdn.com https://*.ukr.net https://fonts.googleapis.com/css https://*.googlesyndication.com; img-src 'self' data: blob: https://*.fwdcdn.com https://*.ukr.net:* http://*.edisk.ukr.net https://*.ukr.net http://*.ukr.net https://*.edisk.download https://*.files.ukr.net https://*.adriver.ru https://*.google-analytics.com https://*.gstatic.com https://*.googlesyndication.com https://*.google.com https://*.doubleclick.net https://loadercdn.net https://*.rzk-m.com https://*.plaxlab.com; child-src 'self' blob: https://*.ukr.net https://jail.fwdcdn.com https://docw.fwdcdn.com https://*.adriver.ru https://*.googlesyndication.com https://*.doubleclick.net https://www.google.com; frame-src data: 'self' https://*.ukr.net https://jail.fwdcdn.com https://docw.fwdcdn.com https://*.adriver.ru https://*.googlesyndication.com https://*.doubleclick.net https://www.google.com; frame-ancestors https://*.ukr.net http://*.ukr.net www.ukr.net ukr.net https://*.g.doubleclick.net https://jail.fwdcdn.com https://fileview.fwdcdn.com https://fileview-test.fwdcdn.com; object-src 'self' https://*.adriver.ru https://*.googlesyndication.com https:; media-src 'self'; font-src 'self' https://fonts.gstatic.com https://*.googlesyndication.com; manifest-src 'self' https://*.ukr.net; connect-src 'self' https://*.ukr.net:* https://*.fwdcdn.com https://localhost https://*.doubleclick.net https://*.googlesyndication.com https://s.znctrack.net; report-uri /csp-blocked?from=
date: Wed, 07 Jun 2023 13:40:03 GMT
expires: Wed, 07 Jun 2023 13:40:02 GMT
location: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
server: nginx

GET
H2 200 5ysrIfrF92 Show response
go.rcvlink.com/ifr/ Frame 6F6C 15 KB
7 KB 186ms
40ms Document
text/html 136.243.84.74
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://go.rcvlink.com/ifr/5ysrIfrF92
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.74.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: e9174c22bc7a6a470ce7aa1effe97c14c59e4629de8b2d0c6dd006e66c8bf5b7

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=86400
content-encoding: gzip
content-type: text/html
date: Wed, 07 Jun 2023 13:40:03 GMT
etag: W/"63c6f377-3b12"
expires: Thu, 08 Jun 2023 13:40:03 GMT
last-modified: Tue, 17 Jan 2023 19:13:59 GMT
server: nginx

GET
H2 200 v2 Show response
a4p.adpartner.pro/jsunit/jsonp/ 1 KB
846 B 312ms
181ms Script
application/javascript 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/jsunit/jsonp/v2?id=6513&unit_id=6513&place_id=6513&himg=200&location=http://ukr.net/&callback=jQuery300010491844289775187_1686145202892&_=1686145202893
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: 9934cf27a9d1d9fb3b63a78f21829c47deb3b9709e7faafba3658710d7c7af66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:03 GMT
cache-control: no-store no-transform
content-encoding: br
server: nginx
content-type: application/javascript; charset=utf-8

GET
H2 200 / Show response
m.mixadvert.com/show_json/ukrnet/ 517 B
729 B 463ms
312ms Script
text/html 147.135.189.55
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://m.mixadvert.com/show_json/ukrnet/?id=1559&callback=jQuery300010491844289775187_1686145202894&_=1686145202895

Requested by

Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.135.189.55 , France, ASN16276 (OVH, FR),

Reverse DNS

m.mixadvert.com

Software

nginx/1.12.0 / PHP/5.4.16

Resource Hash

1310c2941392644f8bf126f67d39cb6d97e88e7d2bf19cc129d1855d81ac8083

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:03 GMT
strict-transport-security: max-age=15768000, max-age=15768000
content-encoding: gzip
server: nginx/1.12.0
x-powered-by: PHP/5.4.16
content-type: text/html; charset=utf-8

GET
H2 200 pinformer4.php Show response
pinformer.sinoptik.ua/ Frame A7C6 6 KB
2 KB 156ms
44ms Document
text/html 212.42.76.151
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1686145202936
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: ca2187b2d14b827d7c877df5802ec38d7263eafacd5b80450fec8754972dbbcd

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=300, must-revalidate, proxy-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 07 Jun 2023 13:40:03 GMT
expires: Wed, 07 Jun 2023 13:45:03 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: nginx
vary: Accept-Encoding

GET
H2 200 ukrnet_ua.html Show response
kinoafisha.ua/widget/ Frame C6D7 349 KB
17 KB 137ms
43ms Document
text/html 212.42.83.135
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1686145202938
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.83.135 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: b6cf17d31a5567f14b2e686122655d6e86b1eb8b2ba2f588c641815241038dc0

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=315360000
content-encoding: gzip
content-type: text/html
date: Wed, 07 Jun 2023 13:40:03 GMT
etag: W/"64807f51-573ae"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 07 Jun 2023 13:00:01 GMT
server: nginx

GET
H2 200 ukrnet2.js Show response
trafmag.com/ 3 KB
3 KB 143ms
55ms Script
application/json 193.200.65.2
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://trafmag.com/ukrnet2.js?callback=jQuery300010491844289775187_1686145202896&_=1686145202897

Requested by

Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.200.65.2 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),

Reverse DNS

trafmag.com

Software

nginx /

Resource Hash

ca9b9f086dbc02b393266651bf83c5a30f6b1fca2815d5a9b53bd5068c4dc73d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type: application/json; charset=utf-8
date: Wed, 07 Jun 2023 13:40:03 GMT
server: nginx
x-frame-options: SAMEORIGIN
p3p: CP="NON DSP COR CURa TIA"

GET
H2 200 ukrnet Show response
api.phoenix-widget.com/api/v2/ 2 KB
3 KB 868ms
748ms Script
application/json 143.244.196.143
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://api.phoenix-widget.com/api/v2/ukrnet?callback=jQuery300010491844289775187_1686145202898&_=1686145202899

Requested by

Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.196.143 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

844d2d971c416310f4abad69675bf32cd41d7cbb2dc45e4d29e49331e9564df0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:03 GMT
strict-transport-security: max-age=15724800; includeSubDomains
amp-same-origin: true
etag: "9e36c08620dabb011cc7b8d042ff7edacc7f90a1"
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, *
content-length: 2408

GET
H2 200 1119189 Show response
servicer.mgid.com/ 8 KB
3 KB 220ms
119ms Script
application/json 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1119189?callback=jQuery300010491844289775187_1686145202900&_=1686145202901
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08bd8f890366e3fe0e41ab2472ef31644d656ebe3600aff93f641ff2fcd477a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:03 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7d394dff2a6d7747-LHR
access-control-allow-headers: *
alt-svc: h3=":443"; ma=86400

GET
H2 200 addlink.gif
zakladki.ukr.net/bookmarks/img/ 2 KB
2 KB 53ms
52ms Image
image/gif 104.18.8.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zakladki.ukr.net/bookmarks/img/addlink.gif

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.128 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

baac222d73dfbcc8981bd41d22bf8177c070849e243299617d1c8c6effecdc48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
last-modified: Tue, 20 Aug 2013 02:30:01 GMT
server: cloudflare
age: 24656
etag: "5212d4a9-6dc"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7d394dff3f6c18df-FRA
content-length: 1756
expires: Wed, 14 Jun 2023 13:40:03 GMT

GET
H/1.1 200
OK cnt.php Show response
counter.ukr.net/c5/ 1 B
415 B 142ms
41ms Script
text/plain 212.42.73.60
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.ukr.net/c5/cnt.php?rand=0.12484158265041323&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=0&j=n&s=1600*1200&d=24&js=y
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 212.42.73.60 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:40:03 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Expires: Wed, 07 Jun 2023 13:40:02 GMT

GET
H/1.1 200
OK cnt.php Show response
counter.ukr.net/aid/portal/ 312 B
702 B 142ms
42ms Script
application/octet-stream 212.42.73.60
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.ukr.net/aid/portal/cnt.php?rand=0.20806350578974975&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=0&j=n&s=1600*1200&d=24&js=y
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 212.42.73.60 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: 4f4246f9ebb924f7b062ac271c33c00349e658b1b7c2784cae64a6dfcfc489c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:40:03 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Expires: Wed, 07 Jun 2023 13:40:02 GMT

GET
H/1.1 200
OK cnt.php Show response
counter.ukr.net/lid/329/ 1 B
415 B 137ms
41ms Script
text/plain 212.42.73.60
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.ukr.net/lid/329/cnt.php?rand=0.22203863523039846&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=0&j=n&s=1600*1200&d=24&js=y
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 212.42.73.60 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:40:03 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Expires: Wed, 07 Jun 2023 13:40:02 GMT

GET
H2 204 /
loadercdn.net/ 0
170 B 233ms
68ms Image
text/plain 185.187.81.40
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadercdn.net/?u=c05beaaf8fcfcf7b&d=www.ukr.net
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.40 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 07 Jun 2023 13:40:03 GMT
server: openresty

POST
H2 204 collect
region1.analytics.google.com/g/ 0
252 B 139ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-75WQ2FHNW7&gtm=45je3650&_p=851915598&_gaz=1&cid=1447050822.1686145203&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1686145203&sct=1&seg=0&dl=https%3A%2F%2Fwww.ukr.net%2F&dt=UKR.NET%3A%20%D0%92%D1%81%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%2C%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B4%D0%BD%D1%8F%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%20%D1%82%D0%B0%20%D0%A1%D0%B2%D1%96%D1%82%D1%96&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-75WQ2FHNW7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 13:40:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ukr.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 90ms
49ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-75WQ2FHNW7&cid=1447050822.1686145203&gtm=45je3650&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-75WQ2FHNW7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 13:40:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ukr.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 160ms
65ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-75WQ2FHNW7&cid=1447050822.1686145203&gtm=45je3650&aip=1&z=188170975

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 13:40:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 137ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-75WQ2FHNW7&gtm=45je3650&_p=851915598&cid=1447050822.1686145203&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&dl=https%3A%2F%2Fwww.ukr.net%2F&dp=%2F&sid=1686145203&sct=1&seg=1&dt=UKR.NET%3A%20%D0%92%D1%81%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%2C%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B4%D0%BD%D1%8F%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%20%D1%82%D0%B0%20%D0%A1%D0%B2%D1%96%D1%82%D1%96&en=page_view&_ee=1&_et=4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-75WQ2FHNW7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 13:40:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ukr.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hbp_master_742228_17438.js Show response
player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ 459 KB
145 KB 188ms
80ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_742228_17438.js
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/468373/hb_742228_17438.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 3781036262c122e1a5c69ce22ade5efed89dd693f30ef89bff924f59904d4a62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Fri, 09 Jun 2023 13:40:03 GMT
date: Wed, 07 Jun 2023 13:40:03 GMT
content-encoding: gzip
last-modified: Tue, 30 May 2023 12:04:36 GMT
server: nginx
etag: W/"6475e654-72b50"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
x-proxy-cache: HIT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
205 B 48ms
47ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=851915598&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ukr.net%2F&dp=%2F&ul=en-us&de=UTF-8&dt=UKR.NET%3A%20%D0%92%D1%81%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%2C%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B4%D0%BD%D1%8F%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%20%D1%82%D0%B0%20%D0%A1%D0%B2%D1%96%D1%82%D1%96&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4CDAAUABAAAAACgAI~&jid=250826994&gjid=1142515832&cid=1447050822.1686145203&tid=UA-5903420-1&_gid=2029213508.1686145203&_r=1&gtm=457e3650&cd1=Unregistered&cd2=n&cd3=0&jsscut=1&z=1713154791

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ukr.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 13:40:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ukr.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 swPortal2.css
pinformer.sinoptik.ua/css/15/ Frame A7C6 11 KB
3 KB 42ms
42ms Stylesheet
text/css 212.42.76.151
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://pinformer.sinoptik.ua/css/15/swPortal2.css
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1686145202936
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: a75f3f08436bb159718ff1b0b97811e7f9f5016fa9d8f7ff6e7dd9bfddb6d3b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1686145202936
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:03 GMT
content-encoding: gzip
last-modified: Wed, 16 Sep 2020 13:04:12 GMT
server: nginx
etag: W/"5f620d4c-2deb"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000, public
expires: Fri, 07 Jul 2023 13:40:03 GMT

GET
H2 200 swPortal4.js Show response
pinformer.sinoptik.ua/js/15/ Frame A7C6 115 KB
38 KB 48ms
47ms Script
application/x-javascript 212.42.76.151
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://pinformer.sinoptik.ua/js/15/swPortal4.js
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1686145202936
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: 57daff1b87a9231f58bffbc7e42a774f89f9817c4f0c3d67ea2bc4a185ede22a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1686145202936
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:03 GMT
content-encoding: gzip
last-modified: Wed, 16 Sep 2020 14:54:44 GMT
server: nginx
etag: W/"5f622734-1cc1f"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2592000, public
expires: Fri, 07 Jul 2023 13:40:03 GMT

GET
H2 200 t.gif
pinformer.sinoptik.ua/img/ Frame A7C6 43 B
232 B 43ms
41ms Image
image/gif 212.42.76.151
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pinformer.sinoptik.ua/img/t.gif
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1686145202936
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1686145202936
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:03 GMT
last-modified: Thu, 23 Oct 2014 10:32:30 GMT
server: nginx
etag: "5448d93e-2b"
content-type: image/gif
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 43
expires: Fri, 07 Jul 2023 13:40:03 GMT

GET
H2 200 1_0.jpg
pinformer.sinoptik.ua/img/partners/pinformer/ Frame A7C6 1 KB
1 KB 42ms
41ms Image
image/jpeg 212.42.76.151
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pinformer.sinoptik.ua/img/partners/pinformer/1_0.jpg
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1686145202936
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: a2af799b642bf2874c60a83411aae8de4768d46d9c150499040a7e93ac8007f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1686145202936
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:03 GMT
last-modified: Wed, 07 Sep 2016 08:07:52 GMT
server: nginx
etag: "57cfcad8-532"
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 1330
expires: Fri, 07 Jul 2023 13:40:03 GMT

GET
H2 200 / Show response
www.ukr.net/sinoptik/102950159/ Frame A7C6 0
302 B 52ms
52ms Script
application/x-javascript 104.18.8.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ukr.net/sinoptik/102950159/
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/pinformer4.php?lang=ua&rnd=1686145202936
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.8.128 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 13:40:03 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 7 Jun 2023 13:40:03 UTC
server: cloudflare
etag: "51b98b6a-0"
content-type: application/x-javascript
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
accept-ranges: bytes
cf-ray: 7d394dffe82318df-FRA
content-length: 0
expires: Wed, 7 Jun 2023 13:40:03 UTC

GET
DATA 200
OK truncated
/ Frame C6D7 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 m_25clfmmptransformers-rise-of-the-beasts.jpg
kinoafisha.ua/upload/2021/06/films/9582/ Frame C6D7 28 KB
28 KB 43ms
42ms Image
image/jpeg 212.42.83.135
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kinoafisha.ua/upload/2021/06/films/9582/m_25clfmmptransformers-rise-of-the-beasts.jpg
Requested by: Host: kinoafisha.ua
URL: https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1686145202938
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.83.135 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: 84388bf6f694149cd7beb103b12645145c4bf69a23e826086124e2a72c22f2e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1686145202938
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:03 GMT
last-modified: Wed, 10 May 2023 17:05:51 GMT
server: nginx
etag: "645bceef-7095"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 28821
expires: Wed, 14 Jun 2023 13:40:03 GMT

GET
H2 200 m_257v3fa6spider-man-across-the-spider-verse-part-one.jpg
kinoafisha.ua/upload/2021/12/films/9733/ Frame C6D7 28 KB
28 KB 85ms
85ms Image
image/jpeg 212.42.83.135
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kinoafisha.ua/upload/2021/12/films/9733/m_257v3fa6spider-man-across-the-spider-verse-part-one.jpg
Requested by: Host: kinoafisha.ua
URL: https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1686145202938
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.83.135 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: 414ceefac37797a764d25cea199c2d9c5b2e9d8b4051866bd9d9725bf3991f6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1686145202938
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:03 GMT
last-modified: Fri, 07 Apr 2023 14:21:49 GMT
server: nginx
etag: "643026fd-6e14"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 28180
expires: Wed, 14 Jun 2023 13:40:03 GMT

GET
H2 200 m_259r43tpnfluaenser.jpg
kinoafisha.ua/upload/2023/03/films/10005/ Frame C6D7 20 KB
20 KB 86ms
86ms Image
image/jpeg 212.42.83.135
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kinoafisha.ua/upload/2023/03/films/10005/m_259r43tpnfluaenser.jpg
Requested by: Host: kinoafisha.ua
URL: https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1686145202938
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.83.135 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: 756be8b477b918cb4878a275d6f540218f9eb9247e953ecd4aec42b8a34d8d3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kinoafisha.ua/widget/ukrnet_ua.html?rnd=1686145202938
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:03 GMT
last-modified: Thu, 20 Apr 2023 19:42:46 GMT
server: nginx
etag: "644195b6-50f7"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 20727
expires: Wed, 14 Jun 2023 13:40:03 GMT

GET
H2 200 hbw_master_742228_17438.js Show response
player.adtelligent.com/prebidlink/WPK1V/ 136 KB
37 KB 232ms
136ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/WPK1V/hbw_master_742228_17438.js
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/468373/wrapper_hb_742228_17438.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: e6ff146bf36075f5a6748d00b9fbde590fd58e21fa6a07dbb73df3cb4faadf69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires: Fri, 09 Jun 2023 13:40:03 GMT
date: Wed, 07 Jun 2023 13:40:03 GMT
content-encoding: gzip
last-modified: Wed, 07 Jun 2023 10:46:31 GMT
server: nginx
etag: W/"64806007-221ae"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 start.json Show response
www.ukr.net/ajax/ 70 KB
15 KB 57ms
57ms XHR
application/json 104.18.8.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ukr.net/ajax/start.json

Requested by

Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.128 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc39273b277a40fd0d0b072a8a012470bd10892a9b65d1c3f0692d89936b51b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.ukr.net/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: application/json
cf-ray: 7d394dffbff718df-FRA
x-xss-protection: 1; mode=block

GET
H2 200 1 Show response
go.rcvlink.com/cs/1/ Frame 6F6C 34 B
236 B 42ms
42ms Script
text/javascript 136.243.84.74
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://go.rcvlink.com/cs/1/1
Requested by: Host: go.rcvlink.com
URL: https://go.rcvlink.com/ifr/5ysrIfrF92
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.74.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: fddebc5c3eb91d51ec2debd1fc83036f016a13b68ce584bbbc171bc9faf16ab9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.rcvlink.com/ifr/5ysrIfrF92
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:03 GMT
content-encoding: gzip
server: nginx
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
hn: b11
cache-control: private, max-age=315360000
expires: Sat, 04 Jun 2033 16:40:03 +0300

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
347 B 147ms
49ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-5903420-1&cid=1447050822.1686145203&jid=250826994&gjid=1142515832&_gid=2029213508.1686145203&_u=4CDAAUAAAAAAACgAI~&z=169541762

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ukr.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 07 Jun 2023 13:40:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ukr.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/ 406 KB
126 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js?cb=31075092

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d69c318c5a18ce860870df13878596d3d7bb7efd57b77a0f32b5478d1cfe1c52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 10:41:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10718
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128351
x-xss-protection: 0
server: cafe
etag: 10410007902637205610
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 06 Jun 2024 10:41:25 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 178 B
138 B 161ms
74ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.ukr.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c537a42c52081d98139e7e32ab51860cbe8aad43883dae6a3cd388cfb1c715e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
expires: Wed, 07 Jun 2023 13:40:03 GMT

GET
H2 200 1686145203218.html Show response
www.ukr.net/view/main/97849731,340,1525,352,93,147,24,10,10,43,5,1,2,4,1,8,7,36,10,55,13,6,3,27,10,5,6,16,30,8,5,1,11,9,20,3,7,17,16,4,1,6,3,14,7,26,4,3,8,1,2,9,9,1,7,3,2,2,5,1,3,2,10,5,2,4,2,1,7,1... 0
117 B 50ms
50ms XHR
text/plain 104.18.8.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ukr.net/view/main/97849731,340,1525,352,93,147,24,10,10,43,5,1,2,4,1,8,7,36,10,55,13,6,3,27,10,5,6,16,30,8,5,1,11,9,20,3,7,17,16,4,1,6,3,14,7,26,4,3,8,1,2,9,9,1,7,3,2,2,5,1,3,2,10,5,2,4,2,1,7,1,4,2,3,3,7,9,2,18,9,1,6,5,17,4,1,30,7,5,3,4,16,3,8/1686145203218.html

Requested by

Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/js/4/portal/concat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.128 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.ukr.net/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
last-modified: Wed, 12 Jun 2013 11:52:20 GMT
server: cloudflare
etag: "51b860f4-0"
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: text/plain
accept-ranges: bytes
cf-ray: 7d394e00387a18df-FRA
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 top_links.png
upst.fwdcdn.com/img/1685004627/ 3 KB
3 KB 48ms
48ms Image
image/png 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/1685004627/top_links.png
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/1685004627/top_links.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca3013a50365c22fe15e0bce332967f9ebe8d86d5062032531f1621a1f558ce3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/1685004627/top_links.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:03 GMT
cf-cache-status: HIT
last-modified: Thu, 25 May 2023 08:51:03 GMT
server: cloudflare
age: 535716
etag: "646f2177-b24"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7d394e006b573a8a-FRA
content-length: 2852
expires: Wed, 14 Jun 2023 13:40:03 GMT

GET
H2 200 icons-arrow-left.svg
upst.fwdcdn.com/img/portal/main/ 395 B
334 B 49ms
47ms Image
image/svg+xml 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/main/icons-arrow-left.svg
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/4/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58c4a76629f3c9aec44b855aa46e97e2eb363e052279a5b456041c3d23af69bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/4/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:03 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 14 Apr 2021 12:30:28 GMT
server: cloudflare
age: 34174
etag: W/"6076e064-18b"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
cf-ray: 7d394e006b5c3a8a-FRA
expires: Wed, 14 Jun 2023 13:40:03 GMT

GET
H2 200 icons-arrow-right.svg
upst.fwdcdn.com/img/portal/main/ 461 B
311 B 50ms
48ms Image
image/svg+xml 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/main/icons-arrow-right.svg
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/4/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b7839f6096292f8d7f387188ba10cb0fb977538bae9a951986f75c55ffb83df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/4/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:03 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 14 Apr 2021 12:30:28 GMT
server: cloudflare
age: 34174
etag: W/"6076e064-1cd"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
cf-ray: 7d394e006b5f3a8a-FRA
expires: Wed, 14 Jun 2023 13:40:03 GMT

GET
H2 200 dot.svg
upst.fwdcdn.com/img/portal/main/ 650 B
521 B 47ms
46ms Image
image/svg+xml 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/main/dot.svg
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/4/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84cc7bae45aec5f197d0d656af6f8eca7043d4b2a24a0a242de99ec2fdf0e85e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/4/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:03 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 15:43:49 GMT
server: cloudflare
age: 519924
etag: "637656b5-18e"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7d394e006b603a8a-FRA
content-length: 398
expires: Wed, 14 Jun 2023 13:40:03 GMT

GET
H2 200 arrow.svg
upst.fwdcdn.com/img/portal/main/ 233 B
271 B 47ms
46ms Image
image/svg+xml 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/main/arrow.svg
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/4/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4151a53dd83b785ad540fc6f27a610f5ea6b966cab13e2eb0c4c1280da9d6c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/4/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:03 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 15:43:49 GMT
server: cloudflare
age: 519940
etag: "637656b5-bc"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7d394e006b613a8a-FRA
content-length: 188
expires: Wed, 14 Jun 2023 13:40:03 GMT

GET
H2 200 runtime.js Show response
upst.fwdcdn.com/js/ Frame A7C6 408 KB
122 KB 55ms
55ms Script
application/x-javascript 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upst.fwdcdn.com/js/runtime.js
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/js/15/swPortal4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a952681ead50673e8834af532b4297346e075c837af78b551849167b0831772

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:03 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 15:43:47 GMT
server: cloudflare
age: 10922266
etag: "637656b3-1e6e9"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7d394e00abaf3a8a-FRA
content-length: 124649
expires: Thu, 06 Jun 2024 13:40:03 GMT

GET
H2 200 ico-arrow.png
pinformer.sinoptik.ua/img/partners/pinformer/ Frame A7C6 149 B
339 B 42ms
42ms Image
image/png 212.42.76.151
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pinformer.sinoptik.ua/img/partners/pinformer/ico-arrow.png
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/css/15/swPortal2.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: 78f4e1dfb587902abc2c96088d34540db0677a88dab0cce05a88753b9c99e034

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/css/15/swPortal2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:03 GMT
last-modified: Wed, 07 Sep 2016 08:07:52 GMT
server: nginx
etag: "57cfcad8-95"
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 149
expires: Fri, 07 Jul 2023 13:40:03 GMT

GET
H2 200 term-t1.png
pinformer.sinoptik.ua/img/partners/pinformer/ Frame A7C6 389 B
579 B 43ms
42ms Image
image/png 212.42.76.151
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pinformer.sinoptik.ua/img/partners/pinformer/term-t1.png
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/css/15/swPortal2.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: 2df2ec4405cfa52db76da68cf99e6bc63e144b084a0e9d48dd0612cd2b2929e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/css/15/swPortal2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:03 GMT
last-modified: Wed, 07 Sep 2016 08:07:52 GMT
server: nginx
etag: "57cfcad8-185"
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 389
expires: Fri, 07 Jul 2023 13:40:03 GMT

GET
H2 200 s-wind2.png
pinformer.sinoptik.ua/img/partners/pinformer/ Frame A7C6 185 B
375 B 42ms
42ms Image
image/png 212.42.76.151
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pinformer.sinoptik.ua/img/partners/pinformer/s-wind2.png
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/css/15/swPortal2.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.151 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv151.fwdcdn.com
Software: nginx /
Resource Hash: 586a0f8ff5c734ec8fe47a219e53a0aecbedfa661cc8894bf53561dbc8d2f964

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/css/15/swPortal2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:03 GMT
last-modified: Wed, 07 Sep 2016 08:07:52 GMT
server: nginx
etag: "57cfcad8-b9"
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 185
expires: Fri, 07 Jul 2023 13:40:03 GMT

POST
H2 200 csp-blocked
accounts.ukr.net/ Frame 0963 2 B
99 B 43ms
42ms Other
text/html 212.42.75.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.ukr.net/csp-blocked
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: frvdc-253.fwdcdn.com
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/csp-report

Response headers

x-upstream: 42, 42127.0.0.1:8082
date: Wed, 07 Jun 2023 13:40:03 GMT
server: nginx
content-length: 2
content-type: text/html

GET
H2 200 bundle.css
accounts.ukr.net/widget/login/css/ Frame 0963 11 KB
3 KB 43ms
42ms Stylesheet
text/css 212.42.75.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.ukr.net/widget/login/css/bundle.css?ea3ffcbf
Requested by: Host: accounts.ukr.net
URL: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: frvdc-253.fwdcdn.com
Software: nginx /
Resource Hash: 6ae9dcebe244b06c0819f0d25bf207c6315ae56d360072b8b74b2b2ea9313d1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:03 GMT
content-encoding: gzip
last-modified: Mon, 29 May 2023 13:08:15 GMT
server: nginx
etag: W/"6474a3bf-2c24"
content-type: text/css
x-upstream: 4210.10.20.48:5080
cache-control: max-age=1209600
expires: Wed, 21 Jun 2023 13:40:03 GMT

GET
H2 200 bundle.js Show response
accounts.ukr.net/widget/login/js/ Frame 0963 161 KB
45 KB 50ms
49ms Script
application/javascript 212.42.75.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.ukr.net/widget/login/js/bundle.js?4f74d5c8
Requested by: Host: accounts.ukr.net
URL: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: frvdc-253.fwdcdn.com
Software: nginx /
Resource Hash: ba5aa9b5cb2fd3a95aed40039389eecc45879320520088ad8c69b8a592bb28da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:03 GMT
content-encoding: gzip
last-modified: Mon, 29 May 2023 13:08:15 GMT
server: nginx
etag: W/"6474a3bf-28498"
content-type: application/javascript
x-upstream: 4210.10.20.49:5080
cache-control: max-age=1209600
expires: Wed, 21 Jun 2023 13:40:03 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 157ms
69ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-5903420-1&cid=1447050822.1686145203&jid=250826994&_u=4CDAAUAAAAAAACgAI~&z=2063182697

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 13:40:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 66ms
66ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-5903420-1&cid=1447050822.1686145203&jid=250826994&_u=4CDAAUAAAAAAACgAI~&z=2063182697

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 13:40:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
go.rcvlink.com/bdto/5ysrIfrF92/ Frame 6F6C 3 KB
2 KB 45ms
45ms XHR
application/json 136.243.84.74
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://go.rcvlink.com/bdto/5ysrIfrF92/?cache=tp7a7dLbvG3z2B4&ver=230117-2113&w=200&h=0&vw=200&ms=215.1&me=0&ref=&
Requested by: Host: go.rcvlink.com
URL: https://go.rcvlink.com/ifr/5ysrIfrF92
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.74.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: fdb89393b46dd852a40e83389bee2d060d13069896150676094fed047f095844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.rcvlink.com/ifr/5ysrIfrF92
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 13:40:03 GMT
content-encoding: gzip
last-modified: Wed, 07 Jun 2023 13:40:03 GMT
server: nginx
p3p: CP="CAO DSP COR LAW CURa ADMa DEVa PSAa PSDa OUR DELa BUS IND PHY ONL UNI PUR COM NAV INT STA",policyref="/w3c/p3p.xml"
content-type: application/json
hn: b12
cache-control: no-cache, no-store, no-transform, must-revalidate
access-control-allow-origin: *
expires: Wed, 07 Jun 2023 16:40:03 +0300

GET
H/1.1 200
OK cnt.php Show response
counter.ukr.net/advert/adv/portal/ 1 B
415 B 127ms
41ms Script
text/plain 212.42.73.60
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.ukr.net/advert/adv/portal/cnt.php?rand=0.20806350578974975&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=0&j=n&s=1600*1200&d=24&js=y
Requested by: Host: counter.ukr.net
URL: https://counter.ukr.net/aid/portal/cnt.php?rand=0.20806350578974975&r=&p=https%3A//www.ukr.net/&c=y&fr=n&tz=0&j=n&s=1600*1200&d=24&js=y
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 212.42.73.60 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS
Software: nginx /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:40:03 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Expires: Wed, 07 Jun 2023 13:40:02 GMT

POST
H2 200 z Show response
s.znctrack.net/ Frame 8779 102 B
450 B 220ms
70ms XHR
text/plain 185.187.81.40
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.znctrack.net/z
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.40 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: d4d22fabb135c703a66acec3b976c27dfe2e161bc28de40eb9a873f2baaf52ad

Request headers

Content-Type: text/plain;charset=UTF-8
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-language: eyJ4LXBvc3QiOiIxIn0=

Response headers

date: Wed, 07 Jun 2023 13:40:03 GMT
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.ukr.net
access-control-expose-headers: X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length: 102

GET
H2 200 a5ef91dac1da1dd25303a9c37657a961
st11.rcvlink.com/2/200/ Frame 6F6C 12 KB
13 KB 47ms
38ms Image
image/webp 136.243.84.74
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st11.rcvlink.com/2/200/a5ef91dac1da1dd25303a9c37657a961
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.74.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 8c34a40bef599306f990d8c4f8b53b6bc9975ff4f65a5d1610d421a41ae8ee19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.rcvlink.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:03 GMT
last-modified: Thu, 05 Jan 2023 09:10:52 GMT
server: nginx
etag: "63b6941c-1970b"
content-type: image/webp
access-control-allow-origin: *, *
cache-control: max-age=7776000
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 12532
expires: Tue, 05 Sep 2023 13:40:03 GMT

GET
H2 200 logo160.png
go.rcvlink.com/img/ Frame 6F6C 6 KB
6 KB 39ms
39ms Image
image/png 136.243.84.74
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.rcvlink.com/img/logo160.png
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.74.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: a4b9e9ead2fa2e2326506b52b3f253b19ab9aa2bfe0b2c276dfbecfb4baf12cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.rcvlink.com/ifr/5ysrIfrF92
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:03 GMT
last-modified: Mon, 21 Jan 2019 15:07:51 GMT
server: nginx
etag: "5c45e047-1869"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 6249
expires: Wed, 14 Jun 2023 13:40:03 GMT

GET
H2 200 html5objects.js Show response
upst.fwdcdn.com/js/ Frame A7C6 555 KB
136 KB 54ms
54ms Script
application/x-javascript 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://upst.fwdcdn.com/js/html5objects.js
Requested by: Host: pinformer.sinoptik.ua
URL: https://pinformer.sinoptik.ua/js/15/swPortal4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 994b9cc4b54c28b800dddbdc3d84ae143b63ebddac2fc97f402f4a6703d3404c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pinformer.sinoptik.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:03 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 15:43:48 GMT
server: cloudflare
age: 3541859
etag: "637656b4-21ee1"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7d394e01bcec3a8a-FRA
content-length: 138977
expires: Thu, 06 Jun 2024 13:40:03 GMT

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/742150/ 2 KB
1 KB 125ms
41ms XHR
application/json 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/742150/config.json?cb=https%3A%2F%2Fwww.ukr.net%2F
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_742228_17438.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8d3e815aec018dd3728343fe2db3f97d2ed7e9993e1dd6fb6e5b8ba8d3feee73

Request headers

Referer: https://www.ukr.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

expires: Fri, 09 Jun 2023 13:40:03 GMT
date: Wed, 07 Jun 2023 13:40:03 GMT
content-encoding: gzip
last-modified: Tue, 06 Jun 2023 12:02:49 GMT
server: nginx
etag: W/"647f2069-8ac"
content-type: application/json
access-control-allow-origin: https://www.ukr.net
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 182ms
59ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js?cb=31075092

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 31 May 2023 13:09:50 GMT
server: nginx
etag: W/"6477471e-a980"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 08 Jun 2023 13:40:03 GMT

GET
H/1.1 200
OK / Show response
ghb.adtelligent.com/geo/ 153 B
420 B 173ms
46ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/geo/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/WPK1V/hbw_master_742228_17438.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: acfefabc3311713d820354accd9d0909e22b5b6274581a9088d73e5c4cdb641a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:40:02 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://www.ukr.net
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 153

GET
H/1.1 200
OK tracking Show response
ghb.adtelligent.com/adunit/ 43 B
428 B 175ms
48ms XHR
image/gif 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=742228&site_id=17438&pbjsv=v7.37.1&full_page_url=https%3A%2F%2Fwww.ukr.net%2F&adid=lrbhnk.9m&features=81952&vpbv=B148&lifecycle_tte=1274
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/WPK1V/hbw_master_742228_17438.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:40:02 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.ukr.net
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 172ms
51ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.ukr.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js?cb=31075092

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 156ms
48ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ukr.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js?cb=31075092

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 154 KB
41 KB 731ms
731ms XHR
text/plain 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4124555631438128&correlator=628669089883174&eid=31075092&output=ldjh&gdfp_req=1&vrg=202306010101&ptt=17&impl=fifs&iu_parts=22875277274%2Cukr.net_brend_resize%2Cukr.net_300x145&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=1x1%7C120x600%7C160x600%2C300x145%7C300x175&ifi=1&adks=3371586687%2C216364347&sfv=1-0-40&fsfs=0%2C1&fsbs=1%2C1&prev_scp=excl_cat%3DPREPOST%7Cexcl_cat%3DPREPOST&eri=1&cust_params=page%3Dbrandundefined&sc=1&cookie_enabled=1&abxe=1&dt=1686145203575&lmt=1686145203&dlt=1686145202641&idt=759&adxs=130%2C995&adys=89%2C446&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.ukr.net%2F&frm=20&vis=1&psz=1600x4934%7C300x145&msz=160x-1%7C300x145&fws=512%2C512&ohw=0%2C0&ga_vid=1447050822.1686145203&ga_sid=1686145204&ga_hid=851915598&ga_fc=true&a3p=Eh0KDmVzcC5jcml0ZW8uY29tGMD617CJMUgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js?cb=31075092

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1710bcfd8a1e6ad5830b6b18beea423f3404753be5024fcedd1d2858fdb877c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41980
x-xss-protection: 0
google-lineitem-id: 6234283324,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138423973983,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ukr.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3B6D 6 KB
3 KB 185ms
49ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js?cb=31075092

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Jun 2023 13:40:03 GMT
expires: Thu, 06 Jun 2024 13:40:03 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 get Show response
accounts.ukr.net/api/v1/cai/browser/ Frame 0963 107 B
423 B 44ms
42ms XHR
application/json 212.42.75.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.ukr.net/api/v1/cai/browser/get
Requested by: Host: accounts.ukr.net
URL: https://accounts.ukr.net/widget/login/js/bundle.js?4f74d5c8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: frvdc-253.fwdcdn.com
Software: nginx /
Resource Hash: 99a0905d8db0f41589c44e5655a6c3ab529e31bd90dee9d73513224aad8a99de

Request headers

Referer: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json

Response headers

expires: Wed, 07 Jun 2023 13:40:02 GMT
date: Wed, 07 Jun 2023 13:40:03 GMT
server: nginx
content-type: application/json
x-upstream: 4210.10.20.49:5080
cache-control: no-cache
content-length: 107
x-served-by: 127.0.0.1:10000

GET
DATA 200
OK truncated
/ Frame A7C6 2 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 59f3e525859913b9620fcdca96ad9638a11db70bdbce24d41e15468e41190d1c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 workerWASM.js
accounts.ukr.net/widget/login/js/worker/ Frame 0963 58 KB
17 KB 55ms
54ms Other
application/javascript 212.42.75.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.ukr.net/widget/login/js/worker/workerWASM.js?bf1bf351823ed81051c6
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: frvdc-253.fwdcdn.com
Software: nginx /
Resource Hash: 597daab5972873ee5a8c46171115b4ee3404e525d6fae13d6bbf31d38328012d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:03 GMT
content-encoding: gzip
last-modified: Mon, 29 May 2023 13:08:15 GMT
server: nginx
etag: W/"6474a3bf-e602"
content-type: application/javascript
x-upstream: 4210.10.20.49:5080
cache-control: max-age=1209600
expires: Wed, 21 Jun 2023 13:40:03 GMT

GET
H2 200 icon-top.svg
upst.fwdcdn.com/img/portal/main/ 525 B
418 B 47ms
46ms Image
image/svg+xml 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/main/icon-top.svg
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/4/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e593cf1f6de80dd11150e67654158c586bffaeb7207dbddc75ca47aa3d6516d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/4/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:03 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 15:43:49 GMT
server: cloudflare
age: 33511
etag: "637656b5-13e"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7d394e02de753a8a-FRA
content-length: 318
expires: Wed, 14 Jun 2023 13:40:03 GMT

GET
H2 200 bg-main-static.png
upst.fwdcdn.com/img/ 10 KB
10 KB 49ms
48ms Image
image/png 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/bg-main-static.png
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/4/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dc07bbe0da53b9a063e9ac39a22235cd314769befd1f3a333929f19185dd0e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/4/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:03 GMT
cf-cache-status: HIT
last-modified: Tue, 28 Apr 2020 10:54:06 GMT
server: cloudflare
age: 34079
etag: "5ea80b4e-2962"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7d394e02de783a8a-FRA
content-length: 10594
expires: Wed, 14 Jun 2023 13:40:03 GMT

GET
H2 200 favorites.svg
upst.fwdcdn.com/img/portal/main/ 673 B
486 B 49ms
48ms Image
image/svg+xml 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/main/favorites.svg
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/4/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75995025eb3ef4f49eb21cbcb17bc44f2a52e7f8910c41cc250a9d3e46b6074c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/4/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:03 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 15:43:49 GMT
server: cloudflare
age: 519628
etag: "637656b5-16d"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7d394e02de7a3a8a-FRA
content-length: 365
expires: Wed, 14 Jun 2023 13:40:03 GMT

GET
H2 200 regions-star.svg
upst.fwdcdn.com/img/portal/main/ 830 B
573 B 47ms
46ms Image
image/svg+xml 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/main/regions-star.svg
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/4/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b460ab313b1fcdf9f989b2436666cdea3a09d7a3123e0039f421e5fbce713b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/4/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:03 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 15:43:49 GMT
server: cloudflare
age: 470686
etag: "637656b5-1d6"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7d394e02de843a8a-FRA
content-length: 470
expires: Wed, 14 Jun 2023 13:40:03 GMT

GET
H2 200 currency-bg.gif
upst.fwdcdn.com/img/portal/commercial/ 3 KB
3 KB 51ms
50ms Image
image/gif 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/portal/commercial/currency-bg.gif
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/4/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76f8dda4104fd01462a5ba962e545110bb103cad8a120ec7903dfffd1274bc2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/4/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:03 GMT
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 15:43:49 GMT
server: cloudflare
age: 34066
etag: "637656b5-be5"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7d394e02ee8c3a8a-FRA
content-length: 3045
expires: Wed, 14 Jun 2023 13:40:03 GMT

GET
H2 200 arrow.svg
www.ukr.net/img/portal/main/ 233 B
307 B 51ms
51ms Image
image/svg+xml 104.18.8.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ukr.net/img/portal/main/arrow.svg

Requested by

Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/4/portal/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.128 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4151a53dd83b785ad540fc6f27a610f5ea6b966cab13e2eb0c4c1280da9d6c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 28109
content-length: 188
x-xss-protection: 1; mode=block
last-modified: Thu, 17 Nov 2022 15:43:49 GMT
server: cloudflare
etag: "637656b5-bc"
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7d394e02ebaf18df-FRA
expires: Wed, 14 Jun 2023 13:40:03 GMT

GET
H2 200 orakul-sprite.gif
upst.fwdcdn.com/img/ 7 KB
7 KB 47ms
47ms Image
image/gif 2606:4700::6812:509
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upst.fwdcdn.com/img/orakul-sprite.gif
Requested by: Host: upst.fwdcdn.com
URL: https://upst.fwdcdn.com/css/4/portal/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:509 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f68160a9f7c52785cf045c3eb35c25bd1324a92c1294c9b5c59b75cbb073511

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://upst.fwdcdn.com/css/4/portal/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:03 GMT
cf-cache-status: HIT
last-modified: Wed, 12 Jun 2013 11:52:20 GMT
server: cloudflare
age: 33327
etag: "51b860f4-1ad2"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: https://www.ukr.net
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7d394e02ee903a8a-FRA
content-length: 6866
expires: Wed, 14 Jun 2023 13:40:03 GMT

POST
H2 599 acquire Show response
accounts.ukr.net/api/v1/token/verification/ Frame 0963 27 B
121 B 43ms
41ms XHR
application/json 212.42.75.253
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.ukr.net/api/v1/token/verification/acquire
Requested by: Host: accounts.ukr.net
URL: https://accounts.ukr.net/widget/login/js/bundle.js?4f74d5c8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.42.75.253 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: frvdc-253.fwdcdn.com
Software: nginx /
Resource Hash: 5808ecefbc203de953554b4499ed9f098ad6deb36dc7146b6607864c2c070323

Request headers

Referer: https://accounts.ukr.net/widget/login?client_id=xQCeAoX3vV8zg41Md3qG
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json

Response headers

x-upstream: 4210.10.20.48:5080
date: Wed, 07 Jun 2023 13:40:03 GMT
server: nginx
content-length: 27
content-type: application/json

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 269 KB
68 KB 1003ms
1003ms XHR
text/plain 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4124555631438128&correlator=2614880917764012&eid=31075092&output=ldjh&gdfp_req=1&vrg=202306010101&ptt=17&impl=fifs&iu_parts=22875277274%2Cukr.net_300x250%2Cukr.net_300x250_ad_unit2_bottom%2Cukr.net_300x250_ad_unit3_bottom&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=300x250%7C300x500%7C300x400%7C300x107%7C300x600%2C300x145%7C300x250%7C300x400%2C300x600%7C300x250%7C300x400&ifi=3&adks=2774844501%2C3317177319%2C3449700283&sfv=1-0-40&fsfs=1%2C1%2C1&fsbs=1%2C1%2C1&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&cust_params=page%3Dbrandundefined&sc=1&cookie_enabled=1&abxe=1&dt=1686145203725&lmt=1686145203&dlt=1686145202641&idt=759&adxs=995%2C995%2C995&adys=196%2C1108%2C2104&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1&ucis=3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.ukr.net%2F&frm=20&vis=1&psz=300x250%7C300x250%7C300x0&msz=300x107%7C300x145%7C300x0&fws=512%2C512%2C0&ohw=0%2C0%2C0&ga_vid=1447050822.1686145203&ga_sid=1686145204&ga_hid=851915598&ga_fc=true&a3p=Eh0KDmVzcC5jcml0ZW8uY29tGMD617CJMUgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js?cb=31075092

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ee8b9b20d2e1cfe53063b2142c4cdad0ee1808374906fa2c5f7fe26e6f2d261

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4579856229784144327/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4579856229784144327/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNLhpa-ksf8CFUfK3godFpwMkg&gqi=&layout=/sadbundle/%24csp%253Der3%24/4579856229784144327/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4579856229784144327/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4579856229784144327/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNLhpa-ksf8CFUfK3godFpwMkg&gqi=&layout=/sadbundle/%24csp%253Der3%24/4579856229784144327/index.html
date: Wed, 07 Jun 2023 13:40:04 GMT
x-content-type-options: nosniff
content-encoding: br
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69188
x-xss-protection: 0
google-lineitem-id: -1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ukr.net
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK csyncs Show response
ghb.adtelligent.com/ 705 B
687 B 47ms
47ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/csyncs?aid1=463288
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/WPK1V/hbw_master_742228_17438.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 07991868a4cb6968052828c9278562e7a0b6ea7f38e4634bf6c5b6052f0ca259

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:40:02 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.ukr.net
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 381

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame F6A1 15 KB
6 KB 162ms
58ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.ukr.net

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 07 Jun 2023 13:40:03 GMT
server: Kestrel
server-processing-duration-in-ticks: 340766
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=fc08d6ab-786b-4493-ba23-521f9b05759d

43 B
473 B

227ms
120ms

Image
image/gif

185.239.172.77
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=fc08d6ab-786b-4493-ba23-521f9b05759d
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: HTTP/1.1
Server: 185.239.172.77 Newham, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:40:03 GMT
Server: Adtelligent
Etag: 4339079a6c83a9ca
Content-Length: 43
Content-Type: image/gif

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=fc08d6ab-786b-4493-ba23-521f9b05759d
date: Wed, 07 Jun 2023 13:40:03 GMT
cache-control: no-store no-transform
server: nginx
content-length: 166
content-type: text/html; charset=utf-8

GET
H/1.1 204
No Content pixel
ap.lijit.com/ 0
277 B 157ms
53ms Image
text/plain 216.52.2.16
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 07 Jun 2023 13:40:03 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H/1.1

200
OK

1px-matching-adtelligent.gif
t.trafmag.com/images/images/
Redirect Chain

https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=4339079a6c83a9ca

35 B
351 B

185ms
40ms

Image
image/gif

193.200.65.5
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=4339079a6c83a9ca
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: HTTP/1.1
Server: 193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: t.trafmag.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 07 Jun 2023 13:40:04 GMT
Server: nginx
Connection: keep-alive
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

Redirect headers

Location: https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=4339079a6c83a9ca
Date: Wed, 07 Jun 2023 13:40:03 GMT
Server: Adtelligent
Etag: 4339079a6c83a9ca
Content-Length: 0

GET
H2 200 sync
cookies.nextmillmedia.com/ 0
0 486ms
117ms Image
text/html 3.217.213.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cookies.nextmillmedia.com/sync?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D722242%26extuid%3D%5BNMUID%5D
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.217.213.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-217-213-80.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H2

200

sid Show response
mug.criteo.com/ Frame F6A1
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=ukr.net&sn=ChromeSyncframe&so=0&topUrl=www.ukr.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=UFl2pHx5Ky9wQ1cyOXBoWjBoTkFtcXRody85REZ6U2dZczdJS2l4MU5sVHJ4VGhJYTlkRkFHaEpRZ1ZZQUZwNU9yNk1iWTJnZmUySHJGYjVBbGQyd2JrMm9DaHhrOTFXOXQxWDNvVTJTK2ZkTTZ5QjBFWHY4U1IrMFNmaX...

428 B
660 B

192ms
43ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=UFl2pHx5Ky9wQ1cyOXBoWjBoTkFtcXRody85REZ6U2dZczdJS2l4MU5sVHJ4VGhJYTlkRkFHaEpRZ1ZZQUZwNU9yNk1iWTJnZmUySHJGYjVBbGQyd2JrMm9DaHhrOTFXOXQxWDNvVTJTK2ZkTTZ5QjBFWHY4U1IrMFNmaXlpTnpxbmtnMTY3QUFIaG4vRTRRUElZTTZLZUV5TmNhdUZzU2FQdzVzWDcwcFZhSjBZRVZWMnF0YkxaODJRTldLZVhnOUNhamZzeG05NTFBQ1lNVEwvaG00RUt5SjJlbkhtOHNiZ1dqTVhzTkh1MnFJUGppTWpCdDF5bnBEM2RUSW5wd1FNcmlXZXpTYUdYNUkwcWptZDhteXNqRUYrUT09fA&cppv=2

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c9e3ff736aefca1fe03aa1646e0bd5d4fff4512f5d372584e81fca45d41c53b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 13:40:03 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2733193
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 07 Jun 2023 13:40:03 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=UFl2pHx5Ky9wQ1cyOXBoWjBoTkFtcXRody85REZ6U2dZczdJS2l4MU5sVHJ4VGhJYTlkRkFHaEpRZ1ZZQUZwNU9yNk1iWTJnZmUySHJGYjVBbGQyd2JrMm9DaHhrOTFXOXQxWDNvVTJTK2ZkTTZ5QjBFWHY4U1IrMFNmaXlpTnpxbmtnMTY3QUFIaG4vRTRRUElZTTZLZUV5TmNhdUZzU2FQdzVzWDcwcFZhSjBZRVZWMnF0YkxaODJRTldLZVhnOUNhamZzeG05NTFBQ1lNVEwvaG00RUt5SjJlbkhtOHNiZ1dqTVhzTkh1MnFJUGppTWpCdDF5bnBEM2RUSW5wd1FNcmlXZXpTYUdYNUkwcWptZDhteXNqRUYrUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 334998
content-length: 0
expires: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 194ms
105ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306010101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js?cb=31075092

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbf83a186dd1552b01606e787c4fda48171617d948e077b662976ae883ec5f88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11395
x-xss-protection: 0

POST
H2 204 rum Show response
www.ukr.net/cdn-cgi/ 0
163 B 80ms
80ms XHR
text/plain 104.18.8.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ukr.net/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.128 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.ukr.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
content-type: application/json

Response headers

date: Wed, 07 Jun 2023 13:40:04 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.ukr.net
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7d394e07391d18df-FRA

GET
H2 200 container.html Show response
f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F95D 6 KB
3 KB 41ms
40ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js?cb=31075092

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Jun 2023 13:40:03 GMT
expires: Thu, 06 Jun 2024 13:40:03 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 49EA 6 KB
3 KB 44ms
40ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js?cb=31075092

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Jun 2023 13:40:03 GMT
expires: Thu, 06 Jun 2024 13:40:03 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame F95D 24 KB
6 KB 53ms
41ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
URL: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 08:18:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 105696
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 05 Jun 2024 08:18:28 GMT

GET
H2 200 bannercode-b20b641a.js Show response
bb.givemelink.cc/ Frame F95D 12 KB
4 KB 139ms
45ms Script
text/javascript 193.200.65.2
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://bb.givemelink.cc/bannercode-b20b641a.js?rmtm=2

Requested by

Host: f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
URL: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.200.65.2 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),

Reverse DNS

trafmag.com

Software

nginx /

Resource Hash

e33dd82458cb73e1abd1b1acbd4b1c1faf6318bdbdc5cf294377712a6e8a971e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:04 GMT
content-encoding: gzip
server: nginx
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8;
access-control-allow-origin: *
p3p: CP="NON DSP COR CURa TIA"
cache-control: no-cache
content-length: 3492

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F95D 173 KB
55 KB 158ms
65ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
URL: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61b54fb4bbf7083918be7066e50126d1a95e56ccc9be9fafd69deb50ac7424b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55245
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685965250302189"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Jun 2023 13:40:04 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 49EA 15 KB
2 KB 140ms
50ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%7CGoogle%20Sans%20Display%3A400

Requested by

Host: f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
URL: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2060d29f49d996a26f3888bf75735db9e023f651d382164d295337be9dc99620

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Jun 2023 13:40:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 12:58:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Jun 2023 13:40:04 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/ Frame 49EA 2 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
URL: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 05:05:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30861
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 05:05:43 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 49EA 0
0 85ms
84ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C1ME0s4iAZJChJ5Ko-wbjwJKgBq7nj4JxrvHl1McOZBABIIjZs5gBYJWygoKYB6ABsrqz3APIAQmpAkyVMrDn67E-4AIAqAMByAPLBKoEiAJP0In9AIN1pFfD4vzlkgrLxlWKXcaEbiPSNY2hZ6ztZekdRrTEMEU72O9ztisI_c0kBQb9gwukVMk1X9hFzLtImqM7UCwpHamBT9OzHOAxnF-7Dr94c_6wvPrBX45O477mwlTOcp9abXTnDyBT4SoNJgT6SnzK4IpefSxCx7gBqLopEIFtiQt7IwkDx2v2eNv9cthnWcRcy5X2sqzp-rgHIMGHqLi2SRqcc63sS_DFeC_XnV0DNVKTqiAOh_fKMTL4XYwnKYm-aCcVr4cYOtpuZVMPnOKOcq19Lgpr1P62aHcu69MnN0JgjXPqbobiHm8_hKulP7v_6XVOXjDpOoKObdphbPnq8RLABNvRqffmA-AEAZIFBAgEGAGSBQQIBRgEoAYugAe2xcwjqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEJOfBNIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgHICwHYEwuIFAjQFQGAFwGyFx8KHQgAEhRwdWItNzAwNTgxMzQxMTg3OTAwNhjftpAB&sigh=pFWOUUank-4&uach_m=[UACH]&cid=CAQSSwBygQiDK5bndY-7HYHZQ8nTdUKIMCRq9XyLVW8-PbwQMF13j3u9oaChQV2ns9RyKBra_VrMUeSSYOHxABYSbZLBLBqxCSI7c8CWtBgB&template_id=494
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230601/r20110914/ Frame 49EA 22 KB
9 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230601/r20110914/abg_lite_fy2021.js

Requested by

Host: f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
URL: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f7c9dd864d72d258d50918e941413675eb7db0e7b6418e8a3b072e2c386885a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 04:57:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8791
x-xss-protection: 0
server: cafe
etag: 14754480374493709716
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 04:57:47 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/ Frame 49EA 3 KB
1 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/window_focus_fy2021.js

Requested by

Host: f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
URL: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 11:53:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6370
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 11:53:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/ Frame 49EA 19 KB
8 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
URL: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6803cee2f4dc388c4b4b7919a46731c73ac178a7f1f1e8c561bc7b10419edfc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 04:58:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31308
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7969
x-xss-protection: 0
server: cafe
etag: 12322974680428514663
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 04:58:16 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 49EA 173 KB
54 KB 188ms
125ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
URL: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61b54fb4bbf7083918be7066e50126d1a95e56ccc9be9fafd69deb50ac7424b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55245
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685965250302189"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Jun 2023 13:40:04 GMT

GET
H2 200 a0f85236eb26cc0778ab5a91ae2d3422.js Show response
www.gstatic.com/mysidia/ Frame 49EA 32 KB
14 KB 139ms
41ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0f85236eb26cc0778ab5a91ae2d3422.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
URL: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ddeb39a928825cfb11fbd72a2c5a5fabf18add9b6208e4bee826e7bcfd9c2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 12:05:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 178472
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13674
x-xss-protection: 0
last-modified: Wed, 31 May 2023 20:13:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 03 Sep 2023 12:05:32 GMT

GET
H2 200 10270250907628855381
tpc.googlesyndication.com/gpa_images/simgad/ Frame 49EA 35 KB
36 KB 51ms
50ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/10270250907628855381

Requested by

Host: f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
URL: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b299bb6f363418ea416a65c36ba106049cd29b13195a23d78794289e7795de7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 22:10:17 GMT
x-content-type-options: nosniff
age: 314987
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36042
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 20:18:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 02 Jun 2024 22:10:17 GMT

GET
H2 200 3141387051421092383
tpc.googlesyndication.com/gpa_images/simgad/ Frame 49EA 32 KB
32 KB 88ms
88ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/3141387051421092383

Requested by

Host: f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
URL: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9221672759e12efdafdaada82c42d373989f8fc251134194be6325b70c1cf7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 08:47:22 GMT
x-content-type-options: nosniff
age: 103962
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32295
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 01:40:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 05 Jun 2024 08:47:22 GMT

GET
H2 200 9491270214813696426
tpc.googlesyndication.com/gpa_images/simgad/ Frame 49EA 34 KB
34 KB 100ms
100ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/9491270214813696426

Requested by

Host: f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
URL: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0cf39e1b0bf3f22b4fe7c26e52115d1350a4061a11a701956d73ba78019978c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 22:13:00 GMT
x-content-type-options: nosniff
age: 314824
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34678
x-xss-protection: 0
last-modified: Fri, 05 May 2023 12:14:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 02 Jun 2024 22:13:00 GMT

GET
H3

200

3256441917561582141
tpc.googlesyndication.com/simgad/ Frame 49EA
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKC_guHKSRCwCRiwCTII8X2Ur5dTIYs
https://tpc.googlesyndication.com/simgad/3256441917561582141

35 KB
35 KB

51ms
44ms

Image
image/png

2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3256441917561582141

Requested by

Host: f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
URL: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fd84e4d00d7d5d9e9c24aa430f47f9cadfd01b9a15e4dd03764a267dd93244d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 22:10:17 GMT
x-content-type-options: nosniff
age: 314987
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36083
x-xss-protection: 0
last-modified: Fri, 05 Mar 2021 14:11:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 02 Jun 2024 22:10:17 GMT

Redirect headers

date: Tue, 06 Jun 2023 22:10:44 GMT
x-content-type-options: nosniff
server: cafe
age: 55760
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/3256441917561582141
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 06 Jul 2023 22:10:44 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F95D 0
0 82ms
81ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssrmZI4jYYTgA1eR6o0uzlVPl8CJNPtleS9uiz5bouIRXvz3PTPV0-g31RHOkZ3bsUNsSqTcAFa_y8-jhtTuu9gH5PxYnjN9-GEz0uPwiPI3XkG0O8aAia24mv1TfRqb2PJQ1agCV2ROKjkFp_0M3BmZKlxCLTAtEFepR_1yyzd0R01quCRLJqjGTzf-NrOY2kG-wT3SEGnMRI4msIKn6qD9GKcfB3LnHE07E6dUjI_KDRqu6OU5GkS4Zj0maJqeSdYFKDzcosJ8IFTDV_HtX9mqVvFgS6gnK3thu3sPSOb0uG5heDT7qmXgBguWUmUrOyEJdMnAK_e3ExPSk5XkQ&sai=AMfl-YR5O0AlhdVHo1UibMdqDy_63FWHj86IZcSaMXnydlww0jWNhenA7a9VyneO-FjK2FxQYOxdODyT9fAjjLxnrPp8oqjybA_VcyXiYTbMAPbxQlx3AaxT0Rx9EDfaz7O1ONu1yb-DBRj7JS-m9JQ&sig=Cg0ArKJSzKl2MKuCInwREAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
URL: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 07 Jun 2023 13:40:04 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js?cb=31075092

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 07 Jun 2023 13:40:04 GMT

GET
DATA 200
OK truncated
/ Frame 49EA 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f6288321f74c893bd77644616bffcd15ed0e1a50dcbcf9e1f26f4bde8fd3060

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6A3A 13 KB
5 KB 45ms
42ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1941
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Jun 2023 13:07:43 GMT
expires: Thu, 06 Jun 2024 13:07:43 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D416 783 B
966 B 51ms
49ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4693fd4edc75c2ba517e5fbb75e5686732e37864bd7e7b9550f2afafb19253dd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ffn8yyei1q4wlIhtgTcvyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-ffn8yyei1q4wlIhtgTcvyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 07 Jun 2023 13:40:04 GMT
expires: Wed, 07 Jun 2023 13:40:04 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK style.css
s2.givemelink.cc/banners/rozetka120x600gdnv4/ Frame F95D 3 KB
4 KB 162ms
41ms Stylesheet
text/css 193.200.65.22
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.givemelink.cc/banners/rozetka120x600gdnv4/style.css?rnd=778
Requested by: Host: bb.givemelink.cc
URL: https://bb.givemelink.cc/bannercode-b20b641a.js?rmtm=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 193.200.65.22 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: support.giveme.network
Software: nginx /
Resource Hash: 91e82c2d1e6fb02606414d658a8485709ab91f7b5ffc2e97452b29dba491ee9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:40:04 GMT
Last-Modified: Tue, 23 Feb 2021 12:36:01 GMT
Server: nginx
ETag: "6034f6b1-db7"
Content-Type: text/css
Cache-Control: max-age=604800
Connection: close
Accept-Ranges: bytes
Content-Length: 3511
Expires: Wed, 14 Jun 2023 13:40:04 GMT

GET
H/1.1 200
OK main.js Show response
s2.givemelink.cc/banners/rozetka120x600gdnv4/ Frame F95D 8 KB
8 KB 163ms
42ms Script
application/javascript 193.200.65.22
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.givemelink.cc/banners/rozetka120x600gdnv4/main.js?rnd=778
Requested by: Host: bb.givemelink.cc
URL: https://bb.givemelink.cc/bannercode-b20b641a.js?rmtm=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 193.200.65.22 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: support.giveme.network
Software: nginx /
Resource Hash: 46360087784a5e34f985d1d5edb413167fd65de377b386135a0246014b765bc5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:40:04 GMT
Last-Modified: Tue, 23 Feb 2021 12:36:01 GMT
Server: nginx
ETag: "6034f6b1-1eae"
Content-Type: application/javascript
Cache-Control: max-age=604800
Connection: close
Accept-Ranges: bytes
Content-Length: 7854
Expires: Wed, 14 Jun 2023 13:40:04 GMT

GET
H/1.1 200
OK afcnt Show response
afl.rozetka.com.ua/ Frame F95D 0
407 B 187ms
42ms Script
application/javascript 193.200.64.15
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://afl.rozetka.com.ua/afcnt?rnd=0.4174321494792057

Requested by

Host: bb.givemelink.cc
URL: https://bb.givemelink.cc/bannercode-b20b641a.js?rmtm=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.200.64.15 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),

Reverse DNS

affiliates.rozetka.com.ua

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline' rozet.cc; script-src 'self' 'unsafe-inline' 'unsafe-eval' rozet.cc;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:40:04 GMT
Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline' rozet.cc; script-src 'self' 'unsafe-inline' 'unsafe-eval' rozet.cc;
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN
P3P: CP="NON DSP COR CURa TIA"
Content-Type: application/javascript;charset=utf-8
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK logo.png
s2.givemelink.cc/banners/rozetka120x600gdnv4/ Frame F95D 3 KB
3 KB 279ms
38ms Image
image/png 193.200.65.22
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.givemelink.cc/banners/rozetka120x600gdnv4/logo.png?rnd=1
Requested by: Host: f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
URL: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 193.200.65.22 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: support.giveme.network
Software: nginx /
Resource Hash: baf70c6f2691067cf9ba7540c089e2b1d2facc20557ee4038db6bd7406fc326f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:40:04 GMT
Last-Modified: Mon, 22 Jun 2020 07:49:01 GMT
Server: nginx
ETag: "5ef0626d-c05"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: close
Accept-Ranges: bytes
Content-Length: 3077
Expires: Wed, 14 Jun 2023 13:40:04 GMT

GET
H/1.1 200
OK cd78d22f4a48f43e677773b9617b5d7f.jpg
s2.givemelink.cc/images/posters/ Frame F95D 4 KB
4 KB 281ms
38ms Image
image/jpeg 193.200.65.22
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s2.givemelink.cc/images/posters/cd78d22f4a48f43e677773b9617b5d7f.jpg

Requested by

Host: f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
URL: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

193.200.65.22 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),

Reverse DNS

support.giveme.network

Software

nginx /

Resource Hash

244c3f2d94763fb808c492339cda6afb4eccf199e6bd877b80367840feb1112a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:40:04 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: 176659540D03E936
Connection: close
Content-Length: 3853
x-xss-protection: 1; mode=block
last-modified: Fri, 19 May 2023 21:37:12 GMT
Server: nginx
etag: "113e39b9979e051b4f28cf4bbc84039f"
vary: Origin, Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
no-gzip-compression: true
Cache-Control: max-age=604800
Accept-Ranges: bytes
Expires: Wed, 14 Jun 2023 13:40:04 GMT

GET
H/1.1 200
OK 19001446085073b38086bc93886fb756.jpg
s2.givemelink.cc/images/posters/ Frame F95D 3 KB
4 KB 281ms
38ms Image
image/jpeg 193.200.65.22
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s2.givemelink.cc/images/posters/19001446085073b38086bc93886fb756.jpg

Requested by

Host: f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
URL: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

193.200.65.22 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),

Reverse DNS

support.giveme.network

Software

nginx /

Resource Hash

aa34690d0793c283f07db02b30a901012cc78036349bc2273ced50940dbf795d

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:40:04 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: 1761CA5D41C426B4
Connection: close
Content-Length: 3200
x-xss-protection: 1; mode=block
last-modified: Wed, 26 Oct 2022 21:51:19 GMT
Server: nginx
etag: "81b2b6feff1ef7910cd161647d1cf181"
vary: Origin, Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
no-gzip-compression: true
Cache-Control: max-age=604800
Accept-Ranges: bytes
Expires: Wed, 14 Jun 2023 13:40:04 GMT

GET
H/1.1 200
OK f6f1130265184cc6cc7ef187829b770a.jpg
s2.givemelink.cc/images/posters/ Frame F95D 20 KB
21 KB 352ms
77ms Image
image/jpeg 193.200.65.22
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s2.givemelink.cc/images/posters/f6f1130265184cc6cc7ef187829b770a.jpg

Requested by

Host: f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
URL: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

193.200.65.22 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),

Reverse DNS

support.giveme.network

Software

nginx /

Resource Hash

3fbd941f2c1e5f35eef02b0e3baf1966b2d06393293b1917310d61fa942755fb

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:40:04 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: 175B6F8E2529B8B9
Connection: close
Content-Length: 20773
x-xss-protection: 1; mode=block
last-modified: Thu, 27 Oct 2022 04:49:55 GMT
Server: nginx
etag: "81a0bcfeca1d4e7f13c0ce45a2dfff96"
vary: Origin, Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
no-gzip-compression: true
Cache-Control: max-age=604800
Accept-Ranges: bytes
Expires: Wed, 14 Jun 2023 13:40:04 GMT

GET
H/1.1 200
OK f40d36df8dac1406c9c2c194384ddd1b.jpg
s2.givemelink.cc/images/posters/ Frame F95D 6 KB
7 KB 150ms
42ms Image
image/jpeg 193.200.65.22
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s2.givemelink.cc/images/posters/f40d36df8dac1406c9c2c194384ddd1b.jpg

Requested by

Host: f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
URL: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

193.200.65.22 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),

Reverse DNS

support.giveme.network

Software

nginx /

Resource Hash

c6306370e29da940758f1bed7bcac9ac0d4406f44a684241a35166601e55e994

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:40:04 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: 17652A389F22E223
Connection: close
Content-Length: 6531
x-xss-protection: 1; mode=block
last-modified: Thu, 27 Oct 2022 14:53:53 GMT
Server: nginx
etag: "832946f7239ce972243308bd6af30a40"
vary: Origin, Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
no-gzip-compression: true
Cache-Control: max-age=604800
Accept-Ranges: bytes
Expires: Wed, 14 Jun 2023 13:40:04 GMT

GET
H/1.1 200
OK cdd621837053e22c379c1287cdfda867.jpg
s2.givemelink.cc/images/posters/ Frame F95D 11 KB
11 KB 151ms
42ms Image
image/jpeg 193.200.65.22
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s2.givemelink.cc/images/posters/cdd621837053e22c379c1287cdfda867.jpg

Requested by

Host: f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
URL: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

193.200.65.22 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),

Reverse DNS

support.giveme.network

Software

nginx /

Resource Hash

ec632fa4000ae8cfb18bb418607700499c412bafb035c73471797ceb709cbda0

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:40:04 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: 175997F4BD2F9538
Connection: close
Content-Length: 11033
x-xss-protection: 1; mode=block
last-modified: Thu, 27 Oct 2022 01:25:53 GMT
Server: nginx
etag: "abdd6fb8f8cbcf75204f43b1ebb353e6"
vary: Origin, Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
no-gzip-compression: true
Cache-Control: max-age=604800
Accept-Ranges: bytes
Expires: Wed, 14 Jun 2023 13:40:04 GMT

GET
H/1.1 200
OK c1c1345b0cded96284199181c50fd95f.jpg
s2.givemelink.cc/images/posters/ Frame F95D 13 KB
14 KB 188ms
80ms Image
image/jpeg 193.200.65.22
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s2.givemelink.cc/images/posters/c1c1345b0cded96284199181c50fd95f.jpg

Requested by

Host: f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
URL: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

193.200.65.22 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),

Reverse DNS

support.giveme.network

Software

nginx /

Resource Hash

bb8ef0ce883ff241cd7fe8f88de11b8f53a8472e104757c6a4b5524f3e51a56d

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:40:04 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: 175B7083D197D0D4
Connection: close
Content-Length: 13704
x-xss-protection: 1; mode=block
last-modified: Thu, 27 Oct 2022 01:29:26 GMT
Server: nginx
etag: "6d8f8050a14564721c313cf969fbab3e"
vary: Origin, Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
no-gzip-compression: true
Cache-Control: max-age=604800
Accept-Ranges: bytes
Expires: Wed, 14 Jun 2023 13:40:04 GMT

GET
H/1.1 200
OK c11367d2df429542b1ffc258c9c2c084.jpg
s2.givemelink.cc/images/posters/ Frame F95D 14 KB
14 KB 188ms
79ms Image
image/jpeg 193.200.65.22
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s2.givemelink.cc/images/posters/c11367d2df429542b1ffc258c9c2c084.jpg

Requested by

Host: f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
URL: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

193.200.65.22 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),

Reverse DNS

support.giveme.network

Software

nginx /

Resource Hash

2438dba1b36f2daee71839ebefff6ce89e3dce9a850ef61fd61af4ba13b583f6

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:40:04 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: 175AD34CEB191986
Connection: close
Content-Length: 13883
x-xss-protection: 1; mode=block
last-modified: Thu, 27 Oct 2022 01:55:57 GMT
Server: nginx
etag: "ea4d87a6ccba0154d2e7a47d46df6c95"
vary: Origin, Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
no-gzip-compression: true
Cache-Control: max-age=604800
Accept-Ranges: bytes
Expires: Wed, 14 Jun 2023 13:40:04 GMT

GET
H/1.1 200
OK 6b3a99fc29ff2f8df514327d6d5d6b6f.jpg
s2.givemelink.cc/images/posters/ Frame F95D 9 KB
9 KB 114ms
38ms Image
image/jpeg 193.200.65.22
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s2.givemelink.cc/images/posters/6b3a99fc29ff2f8df514327d6d5d6b6f.jpg

Requested by

Host: f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
URL: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

193.200.65.22 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),

Reverse DNS

support.giveme.network

Software

nginx /

Resource Hash

8612bf71ab29f11d4987f2a55fdd9b167f6b4e081ad6078fd9581bc6c9433811

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:40:04 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: 176232224E6ED111
Connection: close
Content-Length: 9091
x-xss-protection: 1; mode=block
last-modified: Wed, 24 May 2023 13:37:13 GMT
Server: nginx
etag: "cb81501a468755c50188315f98f7f6fe"
vary: Origin, Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
no-gzip-compression: true
Cache-Control: max-age=604800
Accept-Ranges: bytes
Expires: Wed, 14 Jun 2023 13:40:04 GMT

GET
H/1.1 200
OK 685a5cf960ad668e1821df43b534a110.jpg
s2.givemelink.cc/images/posters/ Frame F95D 7 KB
8 KB 114ms
38ms Image
image/jpeg 193.200.65.22
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s2.givemelink.cc/images/posters/685a5cf960ad668e1821df43b534a110.jpg

Requested by

Host: f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
URL: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

193.200.65.22 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),

Reverse DNS

support.giveme.network

Software

nginx /

Resource Hash

c44db9882b2e0ba3258175d12b1184aa22ffd3819b47e00b23ef8772b5063941

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:40:04 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: 1765929A031E591C
Connection: close
Content-Length: 7629
x-xss-protection: 1; mode=block
last-modified: Thu, 11 May 2023 21:37:13 GMT
Server: nginx
etag: "0a6d4be7f9ed3feb609581c772f36952"
vary: Origin, Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
no-gzip-compression: true
Cache-Control: max-age=604800
Accept-Ranges: bytes
Expires: Wed, 14 Jun 2023 13:40:04 GMT

GET
H2 200 bstd26bc0c7672851a1445127a45db89bf2.gif
bb.givemelink.cc/ Frame F95D 43 B
205 B 48ms
39ms Image
image/gif 193.200.65.2
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bb.givemelink.cc/bstd26bc0c7672851a1445127a45db89bf2.gif?site_id=1672&informer_id=0&rnd=1686145204544384220

Requested by

Host: f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
URL: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.200.65.2 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),

Reverse DNS

trafmag.com

Software

nginx /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

p3p: CP="NON DSP COR CURa TIA"
date: Wed, 07 Jun 2023 13:40:04 GMT
cache-control: must-revalidate
content-type: image/gif
server: nginx
x-frame-options: SAMEORIGIN
expires: Wed, 01 Sep 2012 11:11:11 GMT

GET
H/1.1 200
OK link_dot.png
s2.givemelink.cc/banners/rozetka120x600gdnv4/ Frame F95D 95 B
390 B 102ms
37ms Image
image/png 193.200.65.22
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.givemelink.cc/banners/rozetka120x600gdnv4/link_dot.png
Requested by: Host: f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
URL: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 193.200.65.22 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: support.giveme.network
Software: nginx /
Resource Hash: c581cfab3bce30352233131a4cbc18385b63982e86a0d9c97172ea12b188b282

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:40:04 GMT
Last-Modified: Tue, 18 Jun 2019 12:26:08 GMT
Server: nginx
ETag: "5d08d860-5f"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: close
Accept-Ranges: bytes
Content-Length: 95
Expires: Wed, 14 Jun 2023 13:40:04 GMT

GET
H3 200 EHMIEcXmxjhpa6ysVw94xheqxns9jQBWcUzwmgw4Ck0.js Show response
pagead2.googlesyndication.com/bg/ Frame 6A3A 38 KB
15 KB 125ms
41ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EHMIEcXmxjhpa6ysVw94xheqxns9jQBWcUzwmgw4Ck0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10730811c5e6c638696bacac570f78c617aac67b3d8d0056714cf09a0c380a4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 11:30:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7794
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Jun 2024 11:30:10 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D416 0
0 161ms
77ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306010101&jk=4124555631438128&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame F95D 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a7e647a30782b55e3bb2f98a7fcc8010dd4451e92510baad84a4e4cc4ac009d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 204
No Content multitracking Show response
ghb.adtelligent.com/adunit/ 0
222 B 47ms
47ms XHR
text/plain 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/multitracking
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/WPK1V/hbw_master_742228_17438.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ukr.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.ukr.net
Date: Wed, 07 Jun 2023 13:40:03 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 49EA 33 KB
33 KB 166ms
78ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%7CGoogle%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 19:09:17 GMT
x-content-type-options: nosniff
age: 66647
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Jun 2024 19:09:17 GMT

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 49EA 20 KB
21 KB 127ms
40ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%7CGoogle%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 16:40:42 GMT
x-content-type-options: nosniff
age: 334762
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jun 2024 16:40:42 GMT

GET
H3 200 EHMIEcXmxjhpa6ysVw94xheqxns9jQBWcUzwmgw4Ck0.js Show response
pagead2.googlesyndication.com/bg/ Frame 3146 38 KB
15 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EHMIEcXmxjhpa6ysVw94xheqxns9jQBWcUzwmgw4Ck0.js

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10730811c5e6c638696bacac570f78c617aac67b3d8d0056714cf09a0c380a4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 11:30:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7794
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Jun 2024 11:30:10 GMT

GET
H3 200 container.html Show response
f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D129 6 KB
3 KB 41ms
40ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js?cb=31075092

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Jun 2023 13:40:03 GMT
expires: Thu, 06 Jun 2024 13:40:03 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D00E 6 KB
3 KB 40ms
40ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js?cb=31075092

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Jun 2023 13:40:03 GMT
expires: Thu, 06 Jun 2024 13:40:03 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B817 6 KB
3 KB 41ms
40ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js?cb=31075092

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ukr.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Jun 2023 13:40:03 GMT
expires: Thu, 06 Jun 2024 13:40:03 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230601/r20110914/ Frame D129 22 KB
9 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230601/r20110914/abg_lite_fy2021.js

Requested by

Host: f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
URL: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f7c9dd864d72d258d50918e941413675eb7db0e7b6418e8a3b072e2c386885a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 04:57:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31338
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8791
x-xss-protection: 0
server: cafe
etag: 14754480374493709716
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 04:57:47 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D129 8 KB
846 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
URL: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Jun 2023 13:40:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 11:46:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Jun 2023 13:40:05 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/ Frame D129 15 KB
3 KB 138ms
44ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.css

Requested by

Host: f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
URL: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d4095ea226f3f80d6d4fc62e3737dd5107fd9d4aa4a443cac11378b102f64b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 05:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 117239
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2883
x-xss-protection: 0
last-modified: Wed, 17 May 2023 00:43:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Jun 2024 05:06:06 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/ Frame D129 371 KB
127 KB 139ms
46ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js

Requested by

Host: f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
URL: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

464be521d749b2ba1c7e8c1f87223b56a03ee0bd05484baa0e9067ce9eb9d2be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 16:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75003
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 130330
x-xss-protection: 0
last-modified: Wed, 17 May 2023 00:43:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Jun 2024 16:50:02 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/ Frame D129 19 KB
8 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
URL: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6803cee2f4dc388c4b4b7919a46731c73ac178a7f1f1e8c561bc7b10419edfc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 04:58:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31309
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7969
x-xss-protection: 0
server: cafe
etag: 12322974680428514663
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 04:58:16 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012305221508000/ Frame D00E 222 KB
61 KB 145ms
39ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305221508000/amp4ads-v0.mjs

Requested by

Host: f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
URL: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

209c55ae7959d440c2e815be93bdb70437bc0d10982d1d14c7f0aab93aebaa28

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 03 Jun 2023 11:57:54 GMT
age: 351731
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61790
x-xss-protection: 0
server: sffe
etag: "dc39a5ea8e84372b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 02 Jun 2024 11:57:54 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012305221508000/v0/ Frame D00E 15 KB
5 KB 214ms
109ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305221508000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
URL: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6851a08172611dee3087ed287fb22873c5697e163391ba4b0555e3d7982ca541

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 03 Jun 2023 05:03:11 GMT
age: 376614
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5228
x-xss-protection: 0
server: sffe
etag: "68ea093d80ab2def"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 02 Jun 2024 05:03:11 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012305221508000/v0/ Frame D00E 94 KB
28 KB 218ms
115ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305221508000/v0/amp-analytics-0.1.mjs

Requested by

Host: f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
URL: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca10977700b1bc7b44bfe44bbfc1e134c13cc993d5e59c4bca6de5f7370c1827

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 03 Jun 2023 10:13:15 GMT
age: 358010
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28884
x-xss-protection: 0
server: sffe
etag: "52a0fa5b1f73dc96"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 02 Jun 2024 10:13:15 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012305221508000/v0/ Frame D00E 5 KB
2 KB 231ms
129ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305221508000/v0/amp-fit-text-0.1.mjs

Requested by

Host: f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
URL: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b94ab7d03297a9036dc60e17afc685bd191904db7c25e1c4d92f0f1a84f546c2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 03 Jun 2023 06:17:42 GMT
age: 372143
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1912
x-xss-protection: 0
server: sffe
etag: "64a18d292337e38c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 02 Jun 2024 06:17:42 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012305221508000/v0/ Frame D00E 40 KB
13 KB 234ms
132ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305221508000/v0/amp-form-0.1.mjs

Requested by

Host: f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
URL: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fe801269d9ef99d44e6aa9d17ef66db64d1b983d0116c8e142faa8f9da3424d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 03 Jun 2023 00:34:48 GMT
age: 392717
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12949
x-xss-protection: 0
server: sffe
etag: "4886bdcdd7fc48e5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 02 Jun 2024 00:34:48 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D00E 4 KB
728 B 51ms
48ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
URL: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Jun 2023 13:40:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 13:00:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Jun 2023 13:40:05 GMT

GET
H3 200 uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D00E 3 KB
3 KB 41ms
40ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/uk.png

Requested by

Host: f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
URL: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 18:05:19 GMT
x-content-type-options: nosniff
server: cafe
age: 70486
etag: 14587847488922671356
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3073
x-xss-protection: 0
expires: Wed, 07 Jun 2023 18:05:19 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D00E 344 B
368 B 42ms
41ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
URL: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 19:03:49 GMT
x-content-type-options: nosniff
server: cafe
age: 66976
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Wed, 07 Jun 2023 19:03:49 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D00E 0
0 89ms
88ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C9WOns4iAZNG6MMeU-waWuLKQCbbUvZ5wqeKK_7kPmoPXtsYBEAEgiNmzmAFglbKCgpgHoAH524yJA8gBCakCTJUysOfrsT7gAgCoAwHIAwqqBIgCT9ARecSFGqrs15aifjbUSKjZA1jr5j742B4vLIrikjGd1N7UKPbZQ8EjK325X2GwK06ycQfib9R7fHXxPcwE3M0IYp5bzBs1b5zuOB2wfq6nmfYuILGDO6TWf1Otadolua8Agw7a0-XumR6ceRd6jM4atr7psolfiVIU9e8hYRyj8njuLisGiwYCnm_M-NaV_BGMubOjWXdBg3Vj-aiysbAIs1D04uAPH6ukThnv5ek0fAaYdHOqesjb1V-q1L2RlPk0J-mJFMNkzc6zYmLNaKrJr1HynrYaHTMa1ZqmQPtuCJTAoqdNgfqfj6wKG8Ma3IvkYfH-xJuqXKeYx9ZHXEHs-dsMrnonwAS8-LHMgwTgBAGSBQQIBBgBkgUECAUYBKAGLoAH76PzdqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEPKqBNIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgHICwHYEw2IFAHQFQGYFgGAFwGyFx8KHQgAEhRwdWItNzAwNTgxMzQxMTg3OTAwNhjftpAB&sigh=Yj7zhdVjMHU&uach_m=[UACH]&cid=CAQSSwBygQiDloXB1KxBb8PbomMqr5wz5b9ZnAuop6frsrv_SJKX87i5s3ZroEPYiZhsIBqtRoGpg-JMBIIJXpW6E-VE8gdrowR1b_oz8xgB&template_id=5000
Requested by: Host: f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
URL: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4579856229784144327/ Frame A6DB 14 KB
4 KB 42ms
41ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4579856229784144327/index.html

Requested by

Host: www.ukr.net
URL: https://www.ukr.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32f061a752b770dfd7de8090a4752c6d810ba68bff50ab6a645a5a259eddf4cd

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 370694
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3834
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Sat, 03 Jun 2023 06:41:51 GMT
expires: Sun, 02 Jun 2024 06:41:51 GMT
last-modified: Mon, 15 Aug 2022 15:23:35 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B817 0
0 85ms
84ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CnLpEs4iAZJK8MMeU-waWuLKQCc7Gs9Ztj-qHm_cQve_av80BEAEg55_DmQFglbKCgpgHoAHi68HbA8gBCakCTJUysOfrsT7gAgCoAwHIA0iqBI4CT9DPjXQMXf3846uYhQLK_zE5F9FU83ZPG7m0fRhXbdUib9zGkJ-DKvb8Tzx6YrvwqNJHXXQf-2SfOYNeyCNB9p_cAYMcZy6X8xm98SHvgQ6V1voPPDmaRbGXpnjqAyWZTZS8iGYUOnBDZNkHP8izsokODRvnweSwV30wfoiTGlMAr0F71wDmCLgEOTGLdP5Z8DO0wK-XkZTnoHodhnOU-QaFDJ7BxJLpg_Ixkw-2co4xnR5XRy3wb49QRQquvgG_QhDHRsrNS3t-BveQYYX950tNt9NeQP5gkq8zuXiNVxMbNLQz-psadYEs7NssQqO2FHJF_UFYTX8cc6j_XTnTOR4FUkP0MVS2myBTCgivwATo6uyxowTgBAGSBQQIBBgBkgUECAUYBKAGLoAHhpS-JKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEELCbBdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgPICwHYEw3QFQGYFgGAFwGyFx8KHQgAEhRwdWItNzAwNTgxMzQxMTg3OTAwNhjftpAB&sigh=ySVUgDj_H2U&uach_m=[UACH]&cid=CAQSSwBygQiDloXB1KxBb8PbomMqr5wz5b9ZnAuop6frsrv_SJKX87i5s3ZroEPYiZhsIBqtRoGpg-JMBIIJXpW6E-VE8gdrowR1b_oz8xgB&template_id=419
Requested by: Host: www.ukr.net
URL: https://www.ukr.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230601/r20110914/ Frame B817 22 KB
9 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230601/r20110914/abg_lite_fy2021.js

Requested by

Host: f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
URL: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f7c9dd864d72d258d50918e941413675eb7db0e7b6418e8a3b072e2c386885a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 04:57:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31338
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8791
x-xss-protection: 0
server: cafe
etag: 14754480374493709716
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 04:57:47 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F638 143 B
383 B 132ms
42ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
URL: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1423
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Jun 2023 13:16:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/ Frame B817 3 KB
1 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/window_focus_fy2021.js

Requested by

Host: f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
URL: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 11:53:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6371
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 11:53:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/ Frame B817 19 KB
8 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230601/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
URL: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6803cee2f4dc388c4b4b7919a46731c73ac178a7f1f1e8c561bc7b10419edfc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 04:58:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31309
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7969
x-xss-protection: 0
server: cafe
etag: 12322974680428514663
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 04:58:16 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F95D 0
0 78ms
78ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssvQfftMNzg5QzzjCSHWJRdxIHTydglWrf7tzqQQ83S80ZENBh2wgbSWEepxf04bsefv75ZF8cyLUB4sInlFli5cAvIYfwHAOa6MCg-IL9wbrD78P2I0ys-e3J2M0SrGANrfUf7iRWXVcuTYCbGp7dMhCckEXrPrU_kBX4pV6K1hNqkwbWHSAgybotWrZtI-I41WTIdvuq1dGxvC5LB55C9epI5XGA6L4NfZjLZotgXW-SCrEfI809UPd2cYyydnUuc13uqCIeRRfGN03F93lp9MxsBk5fP4OMZdkx93xa1E0EAGQQCl4d-n7apQjCVuCjrTU3BsqHPXZUvKTEJ9jdM&sai=AMfl-YQvsEWdli5sO-4frW3YqIvWCLj4g_DXhuJWGlu4NM2TdNVmSaHse3jhdCegIvr5Fouy9-lCfBCyfYVQWQySVCo-3sVx7-rijXrvbVc7L7AKjK86hPW3ftW99uzlpXNetL9k832M5KAb2OJgOJo&sig=Cg0ArKJSzBFt8ubJ8bCnEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 07 Jun 2023 13:40:05 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame A6DB 6 KB
3 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4579856229784144327/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 16:38:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75723
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2551
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 07 Jun 2023 16:38:02 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame A6DB 34 KB
13 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4579856229784144327/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 01:47:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42740
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 08 Jun 2023 01:47:45 GMT

GET
H3 200 f1cf82b3e1d2c43b615bcb7c050803c2.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4579856229784144327/ Frame A6DB 78 KB
20 KB 48ms
47ms Script
application/x-javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4579856229784144327/f1cf82b3e1d2c43b615bcb7c050803c2.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4579856229784144327/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64f84d507040c51a23f01b1ca715a70cba443c6e0ad0321df9c69292b4bc0f50

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 05 Jun 2023 08:24:08 GMT
age: 191757
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20029
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 15:23:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Jun 2024 08:24:08 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/165021091441255774/ Frame D00E 16 KB
16 KB 56ms
56ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/165021091441255774/14763004658117789537?w=400&h=209

Requested by

Host: f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
URL: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d760e3d302e29797056a5b5a5b83fdbc08b544862ce3032d4904ceefcb76103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 05:03:53 GMT
x-content-type-options: nosniff
age: 462972
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16356
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 14:21:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 01 Jun 2024 05:03:53 GMT

GET
DATA 200
OK truncated
/ Frame D00E 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D00E 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf822a6a03e9731bee8c82ec3da1c37ae4145744d1ce27143e2991657d79f54e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D00E 16 KB
16 KB 50ms
50ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 19:08:02 GMT
x-content-type-options: nosniff
age: 325923
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jun 2024 19:08:02 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D00E 15 KB
15 KB 43ms
43ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:30:27 GMT
x-content-type-options: nosniff
age: 382178
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jun 2024 03:30:27 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B817 173 KB
54 KB 56ms
54ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
URL: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61b54fb4bbf7083918be7066e50126d1a95e56ccc9be9fafd69deb50ac7424b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55245
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685965250302189"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Jun 2023 13:40:05 GMT

GET
DATA 200
OK truncated
/ Frame B817 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 152a3beefcf16ff85d9c61e938504dd7dff89f73dda8def61e8f5dc749e37378

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame A6DB 4 KB
701 B 56ms
55ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:700|Raleway:600

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4579856229784144327/f1cf82b3e1d2c43b615bcb7c050803c2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

80f0ada1c01db5dcdbb212526b722465dd6982a2852b47612ad53d1da03b333b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Jun 2023 13:40:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 13:39:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Jun 2023 13:40:05 GMT

GET
H3 200 559e593dd6676836019ca4def06b4e15.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4579856229784144327/media/ Frame A6DB 10 KB
10 KB 41ms
41ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4579856229784144327/media/559e593dd6676836019ca4def06b4e15.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4579856229784144327/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec9ff1264e1843b27efa9e6466f13e73009e0bd9bdc38fabd7041b16c71ed10b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 31 May 2023 22:04:16 GMT
x-content-type-options: nosniff
age: 574549
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10013
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 15:23:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 30 May 2024 22:04:16 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6A3A 0
12 B 41ms
40ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?AJfXYA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:05 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F638
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
298 B

50ms
50ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
URL: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Jun 2023 13:40:05 GMT
expires: Wed, 07 Jun 2023 13:40:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Jun 2023 13:40:05 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ Frame A6DB 15 KB
15 KB 64ms
64ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700|Raleway:600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 17:47:46 GMT
x-content-type-options: nosniff
age: 330739
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15660
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jun 2024 17:47:46 GMT

GET
H3 200 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVsEpbCIPrE.woff2
fonts.gstatic.com/s/raleway/v28/ Frame A6DB 21 KB
21 KB 57ms
56ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v28/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVsEpbCIPrE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700|Raleway:600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3bf5c7f14111380b95d877ae25c01388693756986fdf6f8231deae0c209d7bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 16:19:10 GMT
x-content-type-options: nosniff
age: 336055
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21528
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:57:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jun 2024 16:19:10 GMT

GET
DATA 200
OK truncated
/ Frame A6DB 300 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f36654c4fc0df1a3cd1786b08ba11bbd67302624b1206028406244eccd1adb3d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

POST
H2 204 csi
csi.gstatic.com/ Frame D129 0
54 B 1080ms
329ms Ping
image/gif 2404:6800:4007:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lilrbj6h&c=4760779298807&slotId=2380389649403.5&qqid=CLLepa-ksf8CFUfK3godFpwMkg&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4007:81e::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 13:40:06 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D129 9 KB
9 KB 54ms
53ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 18:37:03 GMT
x-content-type-options: nosniff
age: 68582
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Jun 2024 18:37:03 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D129 15 KB
15 KB 41ms
40ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 03:30:27 GMT
x-content-type-options: nosniff
age: 382178
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jun 2024 03:30:27 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D129 0
20 B 75ms
74ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=Ce9_9s4iAZPK4MMeU-waWuLKQCe2Zje9wuJid9eoRr-qivcABEAEg55_DmQFglbKCgpgHyAEFqQJMlTKw5-uxPqgDAcgDmwSqBJgCT9Axotd2hd2AUSGfcXuZY6pFWzxxCvRSXnER9VvuPGZS7ywJbgUNga0tyo6dgCqE5pn-WBTtgBVZk2drxoREuEF1KhQXU9JLfXO-K9JHkd051ZZ5zcKR9RKIvKbJM2Yjjt6IaqKey15oHqL3TfNrnpRw87RF3T8GWoiPHB_6LWaWB-kEBm5orkxBo58dLq367kV7DibxApFm_gOc9nYjjhnpSfLT15cIjhZN5Cj__TkMttCTsdqDQtNjKjP3_8V0x3dehmD1Q9KOG_VyiRQlVrE2GusKmS0CNVndG2rK1A3-vn0v3SrefMRRfAgyeZhAgWDLXH_LGN4_a9mUlGkU--2-zfKsBl_QGCr6CDcpk4Q8JO8gvBHhsMAEq_f2wLAE4AQDkAYBoAZOgAfPv8FnqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGwE8rMzxPIE-75jOMD0BMA2BMKiBQG2BQB0BUB-BYBgBcB6BcF&eventType=clickstring&clientTime=1686145205485&ai=Ce9_9s4iAZPK4MMeU-waWuLKQCe2Zje9wuJid9eoRr-qivcABEAEg55_DmQFglbKCgpgHyAEFqQJMlTKw5-uxPqgDAcgDmwSqBJgCT9Axotd2hd2AUSGfcXuZY6pFWzxxCvRSXnER9VvuPGZS7ywJbgUNga0tyo6dgCqE5pn-WBTtgBVZk2drxoREuEF1KhQXU9JLfXO-K9JHkd051ZZ5zcKR9RKIvKbJM2Yjjt6IaqKey15oHqL3TfNrnpRw87RF3T8GWoiPHB_6LWaWB-kEBm5orkxBo58dLq367kV7DibxApFm_gOc9nYjjhnpSfLT15cIjhZN5Cj__TkMttCTsdqDQtNjKjP3_8V0x3dehmD1Q9KOG_VyiRQlVrE2GusKmS0CNVndG2rK1A3-vn0v3SrefMRRfAgyeZhAgWDLXH_LGN4_a9mUlGkU--2-zfKsBl_QGCr6CDcpk4Q8JO8gvBHhsMAEq_f2wLAE4AQDkAYBoAZOgAfPv8FnqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGwE8rMzxPIE-75jOMD0BMA2BMKiBQG2BQB0BUB-BYBgBcB6BcF

Requested by

Host: f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
URL: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 13:40:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame D129 0
234 B 1066ms
327ms Ping
image/gif 2404:6800:4007:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lilrbj73&c=4760779298807&slotId=2380389649403.5&qqid=CLLepa-ksf8CFUfK3godFpwMkg&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.1d7&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4007:81e::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 13:40:06 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame D129 26 KB
17 KB 200ms
87ms XHR
text/xml 108.177.15.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-B3FpYayo94rEzKprHO47vjDtBg3C8HzR5YLnjX69_k_OGq3wsqbnh4pNfLD9ZQxZpr5-0F-B4ZMpv5_Pc0ssUtPQ_JDg&dbm_d=AKAmf-AlEhK7EhZbrqqdZZQvS69IKa4ytkfkqE0PYhhmGJvbJu97xycYJ7qkjCpqextPQ1vBPCfxKT5u2_amdFPvEf88UYqCjPnJI8hAHFve7DrBfO11ux73JmNBQJgNL9lAeCyOixDecUQ0XG2kJOCgrjzMWRfp0DNSSMf70tDnKzaqruaKvc9yCrFOs9NmfQn1qfRb0hCwBRCGOjmgPKkNyQas58_H6nyxkcU3iB9ri8VVxTHCewoT2IhFZ52Lu9z4mWsT82C-UVd1biF-4Ebd3C5XRo6Oh1W78qica7-i_QVEUzkeT2xkhHzt_b3a0MFBf4kpc6ft38XfDC3whrO_AkJOnau03yCUsfM6myICiJqFEMDZEvQ8TCawEb__8WYWWLSFxvEwPUzxjiz7Abkyngh5JZM7FIc5l-cacxPLcHZI7dEhwoKlpdXOegev-DCRToBCLCW9nsKsEyP2aUMGZYFTsMo86OOgPBJFqc2R0nRztgaLpTaMkBETDCF0XBw4r-rdGCiqCvf-rFXn-dxtaPqK75-W8-VF2UH1VJLZ2v9GMPAkiT62xunKq2eQQ34RjXRmx7guW6pRc3V3dEK3x0LmLvEA9QdEMkQZm2tebwxZb-HURVFi2H44mw3iUHMmShjy5_mbCC4GiRbixHFeJ8MT_8SvHVJPsLPW5OOcI03kEWv5t2x5BD3wjs878XyzDMV7ZrK22jD23BzGfXqpBEcZrgv8UBM8FMbHfz9A71j3RO9psNYk3-ICkiqAqZWX4CnbS1aoJSVIQhERPuynBD1H1fdkoREY2YcVV7dxszoh0tOk-AeEKQNc-SkWDiCJY1dt3aVuJmHdQZmNIw_BJgrP6qjXtq00lRk6lzQtHIwmrViQNmdAe-2M43iyXlOOYhLLbtYYzLvzZPrioEpR5naYFinvR63m_qKyHU87J1QGW_awKVq8DpH6xhYIfD9QdzsrJmPN_qQyGwfk_3r75etby5El8RegqK8GmWByl8vpevEd78JL1burcofV20I52E7jzZd7dWu3cm5INpXdLIZX7vADfKEPamKDY_Q0vCeQtSnkYbOG8apQ40c_SsPTaWGaMgTIVNFKENSKM6rUUlZgiwxjr8vf5zwJW6hYxQsCT-T5Dk7fqK2IhlIstZ8PTpU_YpGZDJipHk3OHc80MRox-McMExMdNh1y-5EbLuvANUwL8UuBOxrUxw4gcGBAbvjAis1mZFiWWITmLSzm1pj8a2w0_0ZIelR3ZTg_wwywEI7wH4HPRx7kgGy1hgSkKTtkTmsZBPp5Ke09epPJg3cWbWMVfp-tFu5W0Zube7R0svmgx1ZtGyYIt6G5a_acGRyZQ25GC1dArShNclPIlSyYPVAkloYdaISOIGo2b44o-WreNNCFn9MXUUAeZEGGGioXcbVSymJoFwUrKg42qT03DSFMCVmykW8VMq9cqThTWyUXFbj2UyNXp8dsj5tYzF-qyhgzAC-zawf7bMGT_Gr7pMgU379t23L98NnNPrCK62a_pg0oAeUiO_IyoXl_yYTjZajQCK4vQPKCOr2g6G0Pyuu3CrnRqR96fA3R0vAmGIR1JDbpTR2aS3LdBipLTGFGyJR-VSazTD5OSADfK6eS_srWAQchiudLDUpc0UkSXqfURKUDDTokV8pqFsYGpq3-DLTf47r8n7dMJIBZTE9AWc_uqajY1sFrDPcBl4yEiXemRbEABAS_5qxlIAE1RBUTYpVZt06jWj5ZCV-bDczPdKhAoJ-gmNWCIMtJJEmhIZjySpF-EAGaiAwFYIWvgTTVsdFWjNQb0auHq4WUfHiCbniP67qjnfbXc02H8jit5xMVbHreNn2-5xZ82PPXgd7xTwcQ9tArO8gbCJEO_JeSGc-c17vkQGumvRE86AKH_Gouf02wpxHFVIolAZtrAbz-eEZKrFKhUwzHJlSpgXyWbRUtPIMvUZGfV0w8hJCDffsQ5oxffMr_KOxQcSkl_hhMjxen-g5bZGrYb_D3zaTRI7i7Vxosccltgpz-023iXcrFcXJIvKCX-_cTefuTxeS3VzHpXn_kUdzyEXP7jCvJg7sMkHuGviE1ZLlgG0le6DpTaDywyE9Jr6Nc09CQ6cW27pqP31XyeBAoqGtvZE5rlWRda6Mj4tyivee8aVu3WyvDwt5tWQ_fDT7HYNx5BoJ32Xwmk__p1ikiQwWhz0c5S3QFpl6yE7Z8YxuJ28yYgRy0caJMzKctzFnwTHnBudbS0ty0Rryx8HM2DzLp5rUrKQpKP32Ze0sZ5Xtn2Pn3hFTBGBvahmm8343Gv8HZx1SiUmYu7jalOlc96FOkNhRzxRr6svHvzGJCekuzsCcUp5l6E9ZScOvMxzCC1pIaOAZG-VNJew9_reimJHvLlWlyCS_flfp5F7Ct6P67ABVUzsfBLOSi2fzwPvPZodnel4vZHLCJVtZf6tHjPQK005U7l86Hf3tlqaiIP7lMJy0ka4GNDSnD9hxKBa39ngNlB-_bkZesi6HXnIv5rIBOOJlD9BKWW4Smu2Vv06G5W5pFs1PNduB-WBUQUs1Rp3kXgT_B67FrDJ51QxqiBEYfShoJB0qBZCF9W4j3Bo223hvW7zTzgwHRsk-pnh5AqRKB_7VEtEKJAQ5coi6nfr98eBEqX2dT_IxachpcF5BnBHA93cS2HDvhAlIDTGL5l78KdhugKWUxByHKxFE9tAvGZ4mV2ElyaskPsvNw9CizF8a2LQKKiXaHxH-4XVeaDJkjYmPEzDCC3KkUhzienXOOozPnqh1OQOhr0ydq81aKV5pNbloGDpbnkdvt5AL_JQ665cE_OnSTdvUFO7S8px-NtdTAocmFSiNCV7citBW9_Z1anLfYjiM6ICDeZMSosHwECUVKV752XrWaueFKnK5X2j6pT_Ipyg6mPM4TyfRvE5XowzCIEalwSnP4VwW6AIfQCB0casy-0bTgafbJyXEIyXHhapEkoK8sSbwr_mWKzRQRaGS1D5oNR90hOAGBmaz4ag--Qc1lwcrdhwwsY3TcN5_H6fkTM4ll-mpoVaIAsoyB1LHcgQw9GpJgCjE8UqOeOWKPNVCJATMZaSrfJTOV9ykiVxg0iFNiDxIYmBufAtKOu78KdGJKFiyfQMw-SoDKlIBnG1gJIGnOWS1WStJfeSng9oJf2FJXjSTapVhqLewYjcG-6jTvy7Yt-aqO4-10AGKBCOlm77XLNVMOE_KQpSXZOXXY0-VP22qIQA67AGInzW4NV4fxaec1XIzKSRDUIJku0El73QW9T6yqd27tZ3s2j1-e0ABxnJ_KxtI1ivDQN7xghQD2_wyrBwRBmbckaSMWYgRvgsNSPKhhqmQPxsSHz41NpM5TTvWfhE1hvsyucmwD_yP6259OrCbNAIL4TKbIiQgVc9asEVrHIpsSLoLgc6dKpEiMSDIf71ILo7jkErR-H2e8pLi0FIokzMN02sSanJpERaPkbk7skjeCe7LVDH9PL9NZ9iaw724CoXS_ZOg6p4l-gaC4_IB2MjAnJ16touzekzgkfX5x7AjzMS0bCMo77HZCUTxAzY3lyOyBj07DYuQRk7LlQslQl0Yk6IJNObawhuSl8NDvfO-XRppXFFtCIiKMfA5jyxOdusMSew9R43gOVcS40Mg4dV7nE_9Oi_md3UzuimH51ofIWA9PJzjTcJmQbQGHEmJjpYx70dOJYdyNLS3yfKfHZFIVaJ4FU80UbspUasr8NaThdAl6WYBLy6ekBi4PJS8yMXrQZ1YZ44Jolzzm-NLn7NY67gy5NoAXpNFQZL9pCPFhMpbcU6P4UaHOk3V_1ltBn4CSvgsGc2Eq5rNwuF5r1sUeLmUNSZn_ubydh9EDkAZPwfRueQ1T4stlYdCkuzshTdxU50Q_U8I&cid=CAQSSwBygQiDloXB1KxBb8PbomMqr5wz5b9ZnAuop6frsrv_SJKX87i5s3ZroEPYiZhsIBqtRoGpg-JMBIIJXpW6E-VE8gdrowR1b_oz8xgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.177.15.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wr-in-f155.1e100.net

Software

cafe /

Resource Hash

dc11c6f0566fd256a81420202b9b661693d8a33788f34dd010c1839f8efa95a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:40:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16643
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D129 0
0 79ms
79ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cuo3Ts4iAZPK4MMeU-waWuLKQCe2Zje9wuJid9eoRr-qivcABEAEg55_DmQFglbKCgpgHyAEFqQJMlTKw5-uxPqgDAaoElQJP0DGi13aF3YBRIZ9xe5ljqkVbPHEK9FJecRH1W-48ZlLvLAluBQ2BrS3Kjp2AKoTmmf5YFO2AFVmTZ2vGhES4QXUqFBdT0kt9c74r0keR3TnVlnnNwpH1Eoi8pskzZiOO3ohqop7LXmgeovdN82uelHDztEXdPwZaiI8cH_otZpYH6QQGbmiuTEGjnx0urfruRXsOJvECkWb-A5z2diOOGelJ8tPXlwiOFk3kKP_9OQy20JOx2oNC02MqM_f_xXTHd16GYPVD0o4b9XKJFCVWsTYa6wrBLJjAyk9d-Cgvk5hl4z9y_Z7jE0KZvw2cBz6jak9VVtPdG5BUPAFuQjrjewYCsjPzifs0MhrGsU9I76UkjnGUwASr9_bAsATgBAOIBZXZ86tLkgUGCBsQAxgDkgULCCIQAxgDSOLc-wGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB8-_wWeoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHDBCCgG4Yg_HU5gEgBNIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgPICwGwE8rMzxPIE-75jOMD0BMA2BMKiBQG2BQB0BUBgBcBshcfCh0IABIUcHViLTcwMDU4MTM0MTE4NzkwMDYY37aQAegXBQ&sigh=LUD4DV4LAyQ&uach_m=[UACH]&cid=CAQSSwBygQiDloXB1KxBb8PbomMqr5wz5b9ZnAuop6frsrv_SJKX87i5s3ZroEPYiZhsIBqtRoGpg-JMBIIJXpW6E-VE8gdrowR1b_oz8xgB&vt=10
Requested by: Host: f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
URL: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame D129 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 548745a7862267ca26611237d859e3051618b6f4b3f73a27c85b426b166a1d3f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 EHMIEcXmxjhpa6ysVw94xheqxns9jQBWcUzwmgw4Ck0.js Show response
pagead2.googlesyndication.com/bg/ Frame A6DB 38 KB
15 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EHMIEcXmxjhpa6ysVw94xheqxns9jQBWcUzwmgw4Ck0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10730811c5e6c638696bacac570f78c617aac67b3d8d0056714cf09a0c380a4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 11:30:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7795
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Jun 2024 11:30:10 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame D129 0
54 B 853ms
327ms Ping
image/gif 2404:6800:4007:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lilrbj7f&c=4760779298807&slotId=2380389649403.5&qqid=CLLepa-ksf8CFUfK3godFpwMkg&fb=outstream-lima&vast_v=2.0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4007:81e::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 13:40:06 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 70774489 Show response
unified.adsafeprotected.com/v2/1434172/ Frame D129 23 KB
7 KB 289ms
83ms XHR
text/xml 52.19.186.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://unified.adsafeprotected.com/v2/1434172/70774489?mon=70774493&omidPartner=Google2&apiframeworks=7&bundleId=&ias_xappb=&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjstQz84P4zDiArArpLNHIpFEKmRKNAuk6_c3Wf1E-g2qzxuxkclwUljaycdpuOrwPPp-PPtDzF4uY9BWaOwkC3HosBcfEVYYgoXRVg6d_OzGiMcJ975qaC13-4ZR5dfQDxt6oSKgNEIgx-6RW5y40a3zztZ0RO_kBnLqm_3jgh5ihkiHGcYFhLGUsz1t6jdFyoe9DqsKbnlannT85Ag%26sai%3DAMfl-YR_Bz90UYaZA6hPsMp6hkIA5KYgSh2mMYJOvtYDG4J-hkQgbVASmPYapM1d2-_IHeQCe7n6zDoDe9MATCfbXEdEYJdRuf6PI1pjlYXz03Y7cftM4fH5LiMQHjRrdClOUBJy4mIzNenWZ8VN6ta-yGRW%26sig%3DCg0ArKJSzOQV53rvCe4iEAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26vt%3D13%26adurl%3D&redirectedRetries=0&ias_dspID=3&ias_campId=1013136622&ias_pubId=pub-2923577365468476&ias_chanId=1&ias_placementId=20224732309&bidurl=https://www.ukr.net/&ias_dealId=549644393847793680&adsafe_par&ias_impId=v4~~ABAjH0hJOVJn0kK7yoYlwzW3bnGu&originalVast=https://ad.doubleclick.net/ddm/pfadx/N6024.328593VIVAKI.COM/B29808231.364634258%3Bsz%3D0x0%3Bdsp_id_0_%3D3%3Bdsp_campaignid_0_%3D1013136622%3Bdsp_publisherid_0_%3Dpub-2923577365468476%3Bdsp_chanid_0_%3D1%3Bdsp_placementid_0_%3D20224732309%3Bdsp_bidurl_0_%3Dhttps://www.ukr.net/%3Bdsp_dealid_0_%3D549644393847793680%3Bdsp_impid_0_%3Dv4~~ABAjH0hJOVJn0kK7yoYlwzW3bnGu%3Bord%3D%5Btimestamp%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext/xml%3Bdc_sdkv%3Dh.0.0.0%3Bdc_osd%3D2%3Bdc_frm%3D2%3Bdc_sdr%3D1%3Bdc_ref%3Dhttps://www.ukr.net/%3Fves%3DdGltZXN0YW1wOiAxNjg2MTQ1MjA1NjYyCmNsaWNrX3Rocm91Z2hfdXJsOiAiaHR0cHM6Ly9hZGNsaWNrLmcuZG91YmxlY2xpY2submV0L3Bjcy9jbGljaz94YWk9QUtBT2pzdlpvaGN4dUE5RnAxUjcyMS1LMW9lUWRfUEJrMlU0Mk9rYTVhUHNTZzFZV3R0SnJJclVpdEV3MDd4WGZiWDVqam5mOFp6X2dxdFRZZHF5VVdRbWZtYzViMk5UVGVqZFplUzdVZEh3UWRPa044ZVZiN0xWdVdqZDZBWFFyaEpMRHA4MURrbHZXa1Y3dVlXWGpScDhzbnN1OUN1d1NBb3I2NXJJYXQ2NkVid3BMV3ZmZG9NczlIXy16WUs3d3pQdGZpbjZBVVoxM09xSGljN01JbHVwQnB4MU1zakg5eEFGWkg1WVhTeEF5MkVjYllKT3hYRkVxZ2FsVFdTZFZmSG14ajI4ZXlxYVVoRFhKQ0RPYUgyUF9RLWxpVElzc2w0NmFGc0p5WW93MFpWTGF4WDRTYi1Rb0ZDdnJ4bjRwSExSVWxPb2JZaWVIbHczczRka1gyVkVscUxCYmluVDV4NFIyTEo1bklyczRNdHA0T2toRHUtdWZhVzZjYnVqbWkwOVpPUjU5cm1QQml6dDhVR3hwZHhqYjlyR3V1VUtqWHNyWWZnT2xocDNiQ3EtbDlFU1drZ3pTX01sLS14WnVRTFRVOWlHRjBvekhYZ01PYVFBbUd5c1M3NUdUNjFKZmk2Wk1sT0J0clA4ZGEwT3pCS0xRdmFjc3k3WW5zS2Q0NlRlclZWc1IyOElMVmxaakRCV2NWbzhzeUZwYkpibmhobHp5OFFteXZHX2Fkbl9nbzlfQVBKTTNDb1lGOGFURk5lcjVrLXJKampkd1NXQkVTU0ZVbTM0WFVrZVZhNk5IUWQ0S1M5X3hoRGk5YnlvZW1GNDRwUjNGaUwwZFRBRTZicW16d0ZDU1ZwcWFKblVQWHFxSXVGWFFKaEs0Nnp6QUdQOHhzX3ZjcHB4M09NTGxnQXBPR1dxUFdGOXk2TFllTWlPMUdUazZmaVp1M21IWHRUT2FnaUtzTkFWcnFxVklLOWdPYV9zZ2VqcGxkSDZYQm91LWpuVEVlZEg0RlZqRXFRNWNNNDRjYkt0WnFIVjJDLXFhejVKbGRlLXRRYWJEY01RNDRpZVh1V29iSzF2QUpkZktOQWI5ejU2Qzh5RjlGVF94Sm9jY216VmxndGxvdlh3MmlzTXdEb2lLaThaLUNFY2FEbzgxX2NiQ3Z0X0MtWlROV0F1bnRNc2tzdjh2R1BMRHNTd3V4ZTNRR3hqNnlpcVpMWkx4SWstUDR0UXJRY1NtSkNlbU53M0xjVDZSaUxtV053Zl92cnBueUhQX3JFV3Z4VDVvS3ozQ2F0eEd0WFFKNGhvUU5MZ2dYR1J6QW85NW12MTVhSzhWSC16NHJUd3RTWFczWWUwdjhDUWplekc5dkNEd0MxUU80bUtkSEJ1aGZOb29QQkR1YWp4MmhQdlh6RjFWTnZSb09SbVFWNXJUZTdORFd6ZUEzZW12Yk5Yb3ljMkZZc3dwTjk3NlNDeE1EaE40MU9uWXFaYUUyWENra0hJa25FT1BWUmRYakhZT2xWa0p6YnA1VXZPY0tvOFBIYW1zZU9BZ1FxMVlOMDJLblE5ODNmQkF0TkFoRWVsWTgtRG5KX19YYTJlUWlQT2xDdlpER3hZRUNPdk1uRXlJRGE3YmQ0Q1VFTEJMTkRoeFdXSGZzb3F5RHZuRGpoQXZpMXIzbVlBQXdFeTFHZnQ3LU5pYTZTZEM2QWRKY3hlRlZIYzdCd2l4bWh1clNKZmFnSmludUZ2S2syWENvd2YtTmVScGhLYnFjdXRiNFdjRzJIVHllSVpiU2dYbEp1cms4NUoyTmpuUWZRcVFuN0xRLUs5cHhvVFdocyZzYWk9QU1mbC1ZUW1KRGkwODlEd0RQQkp0SnFaYXdUUnVOaFp6MDJvZ3cwT2w1RnBqaFNlQlh2NU9lNXdSTmdmMlFMM2pQTG9GWEhBWHlPNENiVlpwbFBfcEx6enQxaUplaERpbWNqOVhYWXB0cHRaN2lkQVA1SE5jVnpPaU9JdndTSHhZYlpoVWlLdmpmLXRxcW5aZGR5NVg3R2ZaM2FZLTNpeXpIbDZ0bGRoVzBVSktNNDU4ZGgxQ21WN3FfbHBhZ2lyd0o1TjR4RllXejlNV3htR211ZVNlbGlPa1F2cFVFNUxTTm5DRGJpMjVZUnZPNXIyMEFKeUt0bm0zSjJGTzJGc2pXNWFXWkF4cEkxZzRGdk9PUTZXODFQSzdOTUppVTZzSEh3VGI5TktwcWdyTE0wM0lDWnFZVG1wdGliT3NkT0lsY3hfVmZrJnNpZz1DZzBBcktKU3pEemFzeXJsUFdOU0VBRSZjcnk9MSZmYnNfYWVpZD1bZ3dfZmJzYWVpZF0mdXJsZml4PTEmYWR1cmw9aHR0cHM6Ly93d3cudmlzYS5kZS9kZWJpdC5odG1sJTNGdXRtX21lZGl1bSUzRGRpc3BsYXklMjZ1dG1fY2FtcGFpZ24lM0R2aXNhX2RlX2Z5MjNxM192aXNhX2RlX2Z5MjNfcHJlZmVyZW5jZSUyNnV0bV9zb3VyY2UlM0QyNzgyMzIzJTI2dXRtX2NvbnRlbnQlM0QxOTAyOTU1MDRfNTU1NzgwOTMxJTI2dXRtX3Rlcm0lM0QzNjQ2MzQyNTglMjZkY2xpZCUzRCUyNWVkY2xpZCEiCg%26dc_cid%3D190295504%26dc_adid%3D555780931
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.186.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-186-154.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a96f5854f3420804a8d40ffa0d2a5b1b89930919b75a72abbe2639cad4c09a61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:40:05 GMT
Content-Encoding: gzip
Vary: Origin
Content-Type: text/xml; charset=UTF-8
Access-Control-Allow-Origin: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Request-Id: ci08hd8jgl3erlpusoag
Content-Length: 6469

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 49EA 42 B
174 B 77ms
77ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvTcAfWpNUJ9sP2C4hVOFSIopuD_JWJw3mV3AYb8bVMngbJl34ldBkwRvF7A06l5NeH57_3RKBbyrB23pO8ywXirEMh1E_rwnF65vhBb0rrJz3WM_8Izm4GGUVnWJs-_EW4zbDk-HzXINS0&sai=AMfl-YQvY5Bx-e-6IK8mnbTLVwgXpfFP7xaP6HgDrCoZLzRWmg4RG-WK8ZvWp4TdwWmVdkioRZxM_LAmsQAW81RRcmnqRICSymKI9O7AGPazk30DGF9biP82LDJ9VU1XV3J6Y5MIF5ulvDlKHO2O&sig=Cg0ArKJSzG4cBuPbDlDlEAE&cid=CAQSSwBygQiDK5bndY-7HYHZQ8nTdUKIMCRq9XyLVW8-PbwQMF13j3u9oaChQV2ns9RyKBra_VrMUeSSYOHxABYSbZLBLBqxCSI7c8CWtBgB&id=lidar2&mcvt=1000&p=446,995,591,1295&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230605&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=216364347&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686145204387&rpt=350&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 13:40:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 80ms
79ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306010101&jk=4124555631438128&bg=!TU6lThrNAAY9J7QfHSc7ADkAdvg8WsL_WMQJu0Q-j5i7g-RMa1WOOfqAbauFc6gUQL69r1kLQTRLGVuKI8VIN9srQkkiLgflIMsCAAACBVIAAAAEaAEHmQMCDMsHT-jCDRfra5E2QxOCBPHu7vYbvOHCCdC7n9KyRZlDUM1Swk7mIww0YhjmAL--5O3-snmhX0etRhmZYLdIW7vfnVuQ94nHPDQ4V1hOxgINzwnXHwmzNPwDh6S_HmU57zUzzg7xY4Vq8-pZOZFvu977MzGrU6kcQTdFOrz4cg3Tv8bv8Kge_3rPajR1DlFIjMmjfLb4Jv9qmE1B0Z4yKMn_8nSjNxm69N56O8VcN0k3xRXeQ6eSu33y8WaOsnsxeg8SWM5hSpZvGS-d7VuXYFyVsSPh5xDSa-Uf6usLg2RPXC3frAzImtiLIsu_GZNCZK84kMTRIeZElk5r-vvu23ZvU6s3Hpti-CDP7J1s8ryRZyuOlQZll34paHbE36oUH3kJihvqz0iBO8jHWpPwJt3EKwmtsobZad8rQ1lzDj6HoGV_8h2pgbd8-fcMSLU3-pZqlBNjvS_l9q3wkzOdEgyKmWWpmKkV_yZqlPfe_S-Od_IvtPsMwqERuyeLJ8wrx4oVgMgvkzbr067Cnpu2ZXa3pN5js7mvcIL576GNDPLCJUii52xPFrvJGX4Gq4FXgHKknTVAGVSxmsophJ3nM95hm4U-1ltN-jpB0JVtGsaBn_bm9g68YJZE8DKJY9Izq2Akf8pDPpjlJJJnw8nGTIq218fLv1iAVyUCm2qRPQ-5B89kSaLCIfxitrYtsbsu3puYxRsiPqwwiJG7TjfW3lN0k5SpDbzlQNIwzC-4lFYtbjfi2JH4pgCOrTzpCtZJE6xkHWsq21hiu6DShnbJZDqIXBE2K3PjBC0t6a5rQwpyyiP5kD3mZcMmxMQDS5ax8niGekb0tBP7qk8QurMyDNb8FOT1Nu6JMqL48HdstJ5Ckd8gL0vtgH43nOSTryFAQzzKh4mYq-f6lxG_2cn9fHLMchY-7NFuypEjhSFWkurLXaXWNU0y3rmToWO08RuOCrQkK1BtR4PHqnlasH33g-I0KzykrghkDWCA1rhi6PrsVJT7EAVWrP75EaVleBe2t_w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame D129 0
54 B 560ms
328ms Ping
image/gif 2404:6800:4007:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lilrbjdd&c=4760779298807&slotId=2380389649403.5&qqid=CLLepa-ksf8CFUfK3godFpwMkg&fb=outstream-lima&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4007:81e::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 13:40:06 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame D129 41 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 17:15:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 419088
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Jun 2024 17:15:18 GMT

HEAD
H/1.1

200
OK

file.mp4
r3---sn-4g5edn6r.c.2mdn.net/videoplayback/id/6967f19e4f122d9f/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3825912847/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame D129
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/6967f19e4f122d9f/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3825912847/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signat...
https://r3---sn-4g5edn6r.c.2mdn.net/videoplayback/id/6967f19e4f122d9f/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3825912847/sparams/acao,ctier,expire,id,ip,ipbits,itag...

0
0

168ms
41ms

Fetch
video/mp4

2a00:1450:4001:e::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5edn6r.c.2mdn.net/videoplayback/id/6967f19e4f122d9f/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3825912847/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/469550A8B836088C31AFFB8C46F1BE77C525CFE6.336C7DA44895DCB1559106DCB24E1B54BDACD11C/key/cms1/cms_redirect/yes/mh/Vx/mip/2a01:4a0:1338:92::7/mm/42/mn/sn-4g5edn6r/ms/onc/mt/1686144771/mv/m/mvi/3/pl/36/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:4001:e::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:40:06 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1774722
Last-Modified: Fri, 14 Apr 2023 09:33:19 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Wed, 07 Jun 2023 13:40:06 GMT

Redirect headers

date: Wed, 07 Jun 2023 13:40:06 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 648
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
location: https://r3---sn-4g5edn6r.c.2mdn.net/videoplayback/id/6967f19e4f122d9f/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3825912847/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/469550A8B836088C31AFFB8C46F1BE77C525CFE6.336C7DA44895DCB1559106DCB24E1B54BDACD11C/key/cms1/cms_redirect/yes/mh/Vx/mip/2a01:4a0:1338:92::7/mm/42/mn/sn-4g5edn6r/ms/onc/mt/1686144771/mv/m/mvi/3/pl/36/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame D129 0
54 B 547ms
329ms Ping
image/gif 2404:6800:4007:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lilrbjlj&c=4760779298807&slotId=2380389649403.5&qqid=CLLepa-ksf8CFUfK3godFpwMkg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=749&mt=video%2Fmp4&vs=854x480&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=59&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.1rg~videopreviewvisible.1rr&ape=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4007:81e::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 13:40:06 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 00C7 23 KB
9 KB 40ms
39ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 419013
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Jun 2023 17:16:33 GMT
expires: Sat, 01 Jun 2024 17:16:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F95D 42 B
64 B 78ms
76ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvVn5x6x-Cl4DWrl9ELwaZMDgQAv4Uz5Z2RlcDdQi32H0HkSTiTK4if-DW2n39nbO7gGoS1X35cWrgWhwPvh0JECIUoBPV7i-vS7qDBxjUpxo25xYqy&sig=Cg0ArKJSzCY0os-Wh7wyEAE&id=lidar2&mcvt=1000&p=89,170,689,290&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230605&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=3371586687&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686145204367&rpt=836&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 13:40:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Grx7oFpFltq8b-fsl1vgPlw_mz8UVJv5RtxGiy-srTQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 00C7 37 KB
14 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Grx7oFpFltq8b-fsl1vgPlw_mz8UVJv5RtxGiy-srTQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc7ba05a4596dabc6fe7ec975be03e5c3f9b3f14549bf946dc468b2facad34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 13:07:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14484
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Jun 2024 13:07:43 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 00C7 0
20 B 76ms
76ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BdiJDtYiAZK2wJ-3HxgKTz5OgBQAAAAA4AeAEAg&bg=!9Pel96PNAAY9J7QfHSc7ADkAdvg8WnMu-LFmocWlrs830NuTzS9ojQfn1wDXTjAFCsF99LkSyxULKcsig4ymEDWvSH9JjskUc_oCAAAAZFIAAAADaAEHmQMbd9_wuYD_yhba2--LiTVfvEcxGSm7vJde9OVMNC1I_9I9ZVp20VzW0Xn5yR-8quCidGlbi6wNQN932ZSXAZmRaiKbJtcE-whFBTrHsxiL7QV-FTzbx03t7Vx_tyDPu-i6sY3LCew0duZkxHFtc08O-pT9cu-hqCZg5L42APw4zbLp53A1GkFwbu_45O9jV1VUtZ25YK1BewjHmk-B-dTUX3oiNjRVY-JSWslySUzXrZ-i1YanijfrgMU15qs9R32Y3CMlH6YOWYv1a09IDy7SyGtA8_wLyBPzG5KE8t7yXSyUicfxr38xrhUqyWd56jcfmyI9nko-6Ijnfz2prM26TrDN4pWl7tckuaygIPnJIxPvbC_TWMtc3tj6pCUPzed5xS9QbgL0pwFrbbg9AhTa1oGxPuaFW9iWz_PXhs8acJEdWelJt37g0xI5tDRolzprbLLvLiE7ldcuIPULJXVr4RmiERQ3JoC__v7MQhG6yiu21w-AzFFhNqN7_aRMkMAp3wQCyVkN2H7JOmdeJLFB8zhlXUamzxmn_LYdjT0IgN4n3dEobzYsvo3Memy15JunuwMu4XZ5yoiG1-yV9hn-dcWSKJrv2_kg-wQwn7TrLlu9vfq-fMoVvQKUKkcky1d5B0xO4eW5VY1XYk97iYQGU8sA8ks2GR__bIQgB0nz0DQmxSpY0RL3cLUfM_FqDwutO07CfqLpy3B4uqI9cNelx6hDMeY4uYpvbSvvwEk02FzI05Y15pUgx_1nHdQDFOBaBpvX1XQo8fiSbI46BMnk7F4eXyD_GCIvgeHRlny5g6ie1IxAyxrOfxNSDxVpbKxsaf79O4qgMSaVO4Z9oHCgn0ZTMtRvKo62BfSmj-EvH5xWC06XbWkMiXGvIahWFDiYgkIRgJzaM3ShhqrR7lNNVTj7VrSqdxRcxOmaW6KhdbjhfL6q1Cs24Il4Ay7_SJiMRszdKyvzgcbfrZASXAFsLDwnCqnEF3wFVe_RHnbmgFz71sB1XsA8qv8a7WFfFIRPbp9r41k9aDgYLiMQGlMFtgQjGHptZBEJH57i

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 13:40:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 206 file.mp4
r3---sn-4g5edn6r.c.2mdn.net/videoplayback/id/6967f19e4f122d9f/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3825912847/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame D129 2 MB
2 MB 82ms
40ms Media
video/mp4 2a00:1450:4001:e::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:e::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

500c4e68f14c286487627cec4c9533b486c8a7a941e9c3e243f234ad19f7a034

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Range: bytes=0-

Response headers

expires: Wed, 07 Jun 2023 13:40:06 GMT
date: Wed, 07 Jun 2023 13:40:06 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-1774721/1774722
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1774722
last-modified: Fri, 14 Apr 2023 09:33:19 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
client-protocol: quic

POST
H2 204 csi
csi.gstatic.com/ Frame D129 0
54 B 403ms
403ms Ping
image/gif 2404:6800:4007:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~lilrbjlw&c=4760779298807&slotId=2380389649403.5&qqid=CLLepa-ksf8CFUfK3godFpwMkg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=749&mt=video%2Fmp4&vs=854x480&ple=1&umsem=0&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Funified.adsafeprotected.com%252Fv2%252F1434172%252F70774489%253Fmon%253D70774493%2526omidPartner%253DGoogle2%2526apiframeworks%253D7%2526bundleId%253D%2526ias_xappb%253D%2526blockedAdTracking%253Dhttps%253A%252F%252Fgoogleads4.g.doubleclick.net%252Fpcs%252Fview%25253Fxai%25253DAKAOjstQz84P4zDiArArpLNHIpFEKmRKNAuk6_c3Wf1E-g2qzxuxkclwUljaycdpuOrwPPp-PPtDzF4uY9BWaOwkC3HosBcfEVYYgoXRVg6d_OzGiMcJ975qaC13-4ZR5dfQDxt6oSKgNEIgx-6RW5y40a3zztZ0RO_kBnLqm_3jgh5ihkiHGcYFhLGUsz1t6jdFyoe9DqsKbnlannT85Ag%252526sai%25253DAMfl-YR_Bz90UYaZA6hPsMp6hkIA5KYgSh2mMYJOvtYDG4J-hkQgbVASmPYapM1d2-_IHeQCe7n6zDoDe9MATCfbXEdEYJdRuf6PI1pjlYXz03Y7cftM4fH5LiMQHjRrdClOUBJy4mIzNenWZ8VN6ta-yGRW%252526sig%25253DCg0ArKJSzOQV53rvCe4iEAE%252526uach_m%25253D%25255BUACH%25255D%252526urlfix%25253D1%252526vt%25253D13%252526adurl%25253D%2526redirectedRetries%253D0%2526ias_dspID%253D3%2526ias_campId%253D1013136622%2526ias_pubId%253Dpub-2923577365468476%2526ias_chanId%253D1%2526ias_placementId%253D20224732309%2526bidurl%253Dhttps%253A%252F%252Fwww.ukr.net%252F%2526ias_dealId%253D549644393847793680%2526adsafe_par%2526ias_impId%253Dv4~~ABAjH0hJOVJn0kK7yoYlwzW3bnGu%2526originalVast%253Dhttps%253A%252F%252Fad.doubleclick.net%252Fddm%252Fpfadx%252FN6024.328593VIVAKI.COM%252FB29808231.364634258%25253Bsz%25253D0x0%25253Bdsp_id_0_%25253D3%25253Bdsp_campaignid_0_%25253D1013136622%25253Bdsp_publisherid_0_%25253Dpub-2923577365468476%25253Bdsp_chanid_0_%25253D1%25253Bdsp_placementid_0_%25253D20224732309%25253Bdsp_bidurl_0_%25253Dhttps%253A%252F%252Fwww.ukr.net%252F%25253Bdsp_dealid_0_%25253D549644393847793680%25253Bdsp_impid_0_%25253Dv4~~ABAjH0hJOVJn0kK7yoYlwzW3bnGu%25253Bord%25253D%25255Btimestamp%25255D%25253Bdc_lat%25253D%25253Bdc_rdid%25253D%25253Btag_for_child_directed_treatment%25253D%25253Btfua%25253D%25253Bdcmt%25253Dtext%252Fxml%25253Bdc_sdkv%25253Dh.0.0.0%25253Bdc_osd%25253D2%25253Bdc_frm%25253D2%25253Bdc_sdr%25253D1%25253Bdc_ref%25253Dhttps%253A%252F%252Fwww.ukr.net%252F%25253Fves%25253DdGltZXN0YW1wOiAxNjg2MTQ1MjA1NjYyCmNsaWNrX3Rocm91Z2hfdXJsOiAiaHR0cHM6Ly9hZGNsaWNrLmcuZG91YmxlY2xpY2submV0L3Bjcy9jbGljaz94YWk9QUtBT2pzdlpvaGN4dUE5RnAxUjcyMS1LMW9lUWRfUEJrMlU0Mk9rYTVhUHNTZzFZV3R0SnJJclVpdEV3MDd4WGZiWDVqam5mOFp6X2dxdFRZZHF5VVdRbWZtYzViMk5UVGVqZFplUzdVZEh3UWRPa044ZVZiN0xWdVdqZDZBWFFyaEpMRHA4MURrbHZXa1Y3dVlXWGpScDhzbnN1OUN1d1NBb3I2NXJJYXQ2NkVid3BMV3ZmZG9NczlIXy16WUs3d3pQdGZpbjZBVVoxM09xSGljN01JbHVwQnB4MU1zakg5eEFGWkg1WVhTeEF5MkVjYllKT3hYRkVxZ2FsVFdTZFZmSG14ajI4ZXlxYVVoRFhKQ0RPYUgyUF9RLWxpVElzc2w0NmFGc0p5WW93MFpWTGF4WDRTYi1Rb0ZDdnJ4bjRwSExSVWxPb2JZaWVIbHczczRka1gyVkVscUxCYmluVDV4NFIyTEo1bklyczRNdHA0T2toRHUtdWZhVzZjYnVqbWkwOVpPUjU5cm1QQml6dDhVR3hwZHhqYjlyR3V1VUtqWHNyWWZnT2xocDNiQ3EtbDlFU1drZ3pTX01sLS14WnVRTFRVOWlHRjBvekhYZ01PYVFBbUd5c1M3NUdUNjFKZmk2Wk1sT0J0clA4ZGEwT3pCS0xRdmFjc3k3WW5zS2Q0NlRlclZWc1IyOElMVmxaakRCV2NWbzhzeUZwYkpibmhobHp5OFFteXZHX2Fkbl9nbzlfQVBKTTNDb1lGOGFURk5lcjVrLXJKampkd1NXQkVTU0ZVbTM0WFVrZVZhNk5IUWQ0S1M5X3hoRGk5YnlvZW1GNDRwUjNGaUwwZFRBRTZicW16d0ZDU1ZwcWFKblVQWHFxSXVGWFFKaEs0Nnp6QUdQOHhzX3ZjcHB4M09NTGxnQXBPR1dxUFdGOXk2TFllTWlPMUdUazZmaVp1M21IWHRUT2FnaUtzTkFWcnFxVklLOWdPYV9zZ2VqcGxkSDZYQm91LWpuVEVlZEg0RlZqRXFRNWNNNDRjYkt0WnFIVjJDLXFhejVKbGRlLXRRYWJEY01RNDRpZVh1V29iSzF2QUpkZktOQWI5ejU2Qzh5RjlGVF94Sm9jY216VmxndGxvdlh3MmlzTXdEb2lLaThaLUNFY2FEbzgxX2NiQ3Z0X0MtWlROV0F1bnRNc2tzdjh2R1BMRHNTd3V4ZTNRR3hqNnlpcVpMWkx4SWstUDR0UXJRY1NtSkNlbU53M0xjVDZSaUxtV053Zl92cnBueUhQX3JFV3Z4VDVvS3ozQ2F0eEd0WFFKNGhvUU5MZ2dYR1J6QW85NW12MTVhSzhWSC16NHJUd3RTWFczWWUwdjhDUWplekc5dkNEd0MxUU80bUtkSEJ1aGZOb29QQkR1YWp4MmhQdlh6RjFWTnZSb09SbVFWNXJUZTdORFd6ZUEzZW12Yk5Yb3ljMkZZc3dwTjk3NlNDeE1EaE40MU9uWXFaYUUyWENra0hJa25FT1BWUmRYakhZT2xWa0p6YnA1VXZPY0tvOFBIYW1zZU9BZ1FxMVlOMDJLblE5ODNmQkF0TkFoRWVsWTgtRG5KX19YYTJlUWlQT2xDdlpER3hZRUNPdk1uRXlJRGE3YmQ0Q1VFTEJMTkRoeFdXSGZzb3F5RHZuRGpoQXZpMXIzbVlBQXdFeTFHZnQ3LU5pYTZTZEM2QWRKY3hlRlZIYzdCd2l4bWh1clNKZmFnSmludUZ2S2syWENvd2YtTmVScGhLYnFjdXRiNFdjRzJIVHllSVpiU2dYbEp1cms4NUoyTmpuUWZRcVFuN0xRLUs5cHhvVFdocyZzYWk9QU1mbC1ZUW1KRGkwODlEd0RQQkp0SnFaYXdUUnVOaFp6MDJvZ3cwT2w1RnBqaFNlQlh2NU9lNXdSTmdmMlFMM2pQTG9GWEhBWHlPNENiVlpwbFBfcEx6enQxaUplaERpbWNqOVhYWXB0cHRaN2lkQVA1SE5jVnpPaU9JdndTSHhZYlpoVWlLdmpmLXRxcW5aZGR5NVg3R2ZaM2FZLTNpeXpIbDZ0bGRoVzBVSktNNDU4ZGgxQ21WN3FfbHBhZ2lyd0o1TjR4RllXejlNV3htR211ZVNlbGlPa1F2cFVFNUxTTm5DRGJpMjVZUnZPNXIyMEFKeUt0bm0zSjJGTzJGc2pXNWFXWkF4cEkxZzRGdk9PUTZXODFQSzdOTUppVTZzSEh3VGI5TktwcWdyTE0wM0lDWnFZVG1wdGliT3NkT0lsY3hfVmZrJnNpZz1DZzBBcktKU3pEemFzeXJsUFdOU0VBRSZjcnk9MSZmYnNfYWVpZD1bZ3dfZmJzYWVpZF0mdXJsZml4PTEmYWR1cmw9aHR0cHM6Ly93d3cudmlzYS5kZS9kZWJpdC5odG1sJTNGdXRtX21lZGl1bSUzRGRpc3BsYXklMjZ1dG1fY2FtcGFpZ24lM0R2aXNhX2RlX2Z5MjNxM192aXNhX2RlX2Z5MjNfcHJlZmVyZW5jZSUyNnV0bV9zb3VyY2UlM0QyNzgyMzIzJTI2dXRtX2NvbnRlbnQlM0QxOTAyOTU1MDRfNTU1NzgwOTMxJTI2dXRtX3Rlcm0lM0QzNjQ2MzQyNTglMjZkY2xpZCUzRCUyNWVkY2xpZCEiCg%252526dc_cid%25253D190295504%252526dc_adid%25253D555780931&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4007:81e::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 13:40:06 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

dt
dt.adsafeprotected.com/ Frame D129
Redirect Chain

https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiU1RBUlQiLCJwdWJsaXNoZXJVdWlkIjoiYTVkYjAyYjAtMmI3OC00OWEzLTg0ZmYtMDA1NTlkNjk3Y2I5Iiwic2l0ZVV1aWQiOiJhZmRkZWY1ZC1jMjA0LTQwYTktYjRmYi05NjVhMTQ...
https://dt.adsafeprotected.com/dt?anId=10173&asId=6b5779d4-f72c-4c23-8d46-96cca8df0142&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A1%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted...

43 B
216 B

622ms
191ms

Image
image/gif

2600:1f13:800:7780:6c14:31e2:b563:7653
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10173&asId=6b5779d4-f72c-4c23-8d46-96cca8df0142&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A1%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D
Protocol: H2
Server: 2600:1f13:800:7780:6c14:31e2:b563:7653 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 13:40:07 GMT
server: nginx
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Redirect headers

Location: https://dt.adsafeprotected.com/dt?anId=10173&asId=6b5779d4-f72c-4c23-8d46-96cca8df0142&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A1%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D
Date: Wed, 07 Jun 2023 13:40:06 GMT
Connection: keep-alive
Content-Length: 0
Vary: Origin
Content-Type: image/png

GET
H2 200 dc_oe=ChMI7d6WsKSx_wIV7aNRCh2T5wRUEAAYACDQ295aOhkIkfXfZxCr9_bAsAQY7vmM4wMguJid9eoRQhMIst6lr6Sx_wIVR8reCh0WnAyS;dc_rmcid=CAQSSwBygQiDloXB1KxBb8PbomMqr5wz5b9ZnAuop6frsrv_SJKX87i5s3ZroEPYiZhsIBqtRoGpg...
ade.googlesyndication.com/ddm/activity/ Frame D129 42 B
401 B 201ms
80ms Image
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI7d6WsKSx_wIV7aNRCh2T5wRUEAAYACDQ295aOhkIkfXfZxCr9_bAsAQY7vmM4wMguJid9eoRQhMIst6lr6Sx_wIVR8reCh0WnAyS;dc_rmcid=CAQSSwBygQiDloXB1KxBb8PbomMqr5wz5b9ZnAuop6frsrv_SJKX87i5s3ZroEPYiZhsIBqtRoGpg-JMBIIJXpW6E-VE8gdrowR1b_oz8xgB;eps=CIDhgBAQARgdMgKqAjoCgEBIvf3BOg;met=1;acvw=sv%3D953%26v%3D20230516%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D398474677%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1686145206667;dc_rfl=[URL_SIGNALS];ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 13:40:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame D129 42 B
64 B 90ms
86ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Ce9_9s4iAZPK4MMeU-waWuLKQCe2Zje9wuJid9eoRr-qivcABEAEg55_DmQFglbKCgpgHyAEFqQJMlTKw5-uxPqgDAcgDmwSqBJgCT9Axotd2hd2AUSGfcXuZY6pFWzxxCvRSXnER9VvuPGZS7ywJbgUNga0tyo6dgCqE5pn-WBTtgBVZk2drxoREuEF1KhQXU9JLfXO-K9JHkd051ZZ5zcKR9RKIvKbJM2Yjjt6IaqKey15oHqL3TfNrnpRw87RF3T8GWoiPHB_6LWaWB-kEBm5orkxBo58dLq367kV7DibxApFm_gOc9nYjjhnpSfLT15cIjhZN5Cj__TkMttCTsdqDQtNjKjP3_8V0x3dehmD1Q9KOG_VyiRQlVrE2GusKmS0CNVndG2rK1A3-vn0v3SrefMRRfAgyeZhAgWDLXH_LGN4_a9mUlGkU--2-zfKsBl_QGCr6CDcpk4Q8JO8gvBHhsMAEq_f2wLAE4AQDkAYBoAZOgAfPv8FnqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGwE8rMzxPIE-75jOMD0BMA2BMKiBQG2BQB0BUB-BYBgBcB6BcF&sigh=GNsj7cYSBIQ&label=part2viewed&ad_mt=5&acvw=sv%3D953%26v%3D20230516%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D398474677%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1686145206667

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 13:40:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dot.gif
s0.2mdn.net/ Frame D129 43 B
490 B 203ms
38ms Image
image/gif 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 09:22:32 GMT
x-content-type-options: nosniff
age: 15454
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 08 Jun 2023 09:22:32 GMT

GET
H/1.1 200
OK pixel.png
unified.adsafeprotected.com/ Frame D129 35 B
174 B 150ms
62ms Image
image/gif 52.19.186.154
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiU0VDT05EQVJZX0lNUFJFU1NJT04iLCJwdWJsaXNoZXJVdWlkIjoiYTVkYjAyYjAtMmI3OC00OWEzLTg0ZmYtMDA1NTlkNjk3Y2I5Iiwic2l0ZVV1aWQiOiJhZmRkZWY1ZC1jMjA0LTQwYTktYjRmYi05NjVhMTQ1ZDA2OTYiLCJiaWRSZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vZjU2YTJhZmJiMjU2MDgzZjY5YzgzMjRhOWI4YjQ4Yjkuc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS8ifX0sImN1c3RvbSI6eyJjdXN0b20xIjoiIiwiY3VzdG9tMiI6IjIuMCIsImN1c3RvbTMiOiIyLjAiLCJjdXN0b203IjoiMTQzNDE3MiIsImN1c3RvbTgiOiI3MDc3NDQ4OSIsInhzaWQiOiI2YjU3NzlkNC1mNzJjLTRjMjMtOGQ0Ni05NmNjYThkZjAxNDIifSwidGltZXN0YW1wIjoiMDAwMS0wMS0wMVQwMDowMDowMFoiLCJoZWFkZXJzIjp7ImhlYWRlcjEwIjoiMjAyMjQ3MzIzMDkiLCJoZWFkZXIxMSI6IkRDTSIsImhlYWRlcjEyIjoiYWQuZG91YmxlY2xpY2submV0IiwiaGVhZGVyMyI6Ikdvb2dsZTIiLCJoZWFkZXI0IjoiNyIsImhlYWRlcjgiOiJpYXNvIiwiaGVhZGVyOSI6IiJ9LCJjcmVhdGl2ZUlkIjoiMTkwMjk1NTA0IiwiY2IiOiIxNjg2MTQ1MjA1OTcyMjcwMzI2IiwiYWREdXJhdGlvbiI6LTEsImlhc1NpbmdsZXRhZyI6dHJ1ZSwiaWFzU2luZ2xldGFnT3V0Y29tZSI6Ik9VVENPTUVfTV9fVkFTVF9fT01JRF9fV0VCX1BYTCJ9&advEntityId=1434172&pubEntityId=70774489
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.186.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-186-154.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 13:40:06 GMT
Connection: keep-alive
Content-Length: 35
Vary: Origin
Content-Type: image/gif

GET
H2

200

skeleton.gif
static.adsafeprotected.com/ Frame D129
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/1434172/70774493/skeleton.gif?xmtp=v&xmapp=0&xsId=6b5779d4-f72c-4c23-8d46-96cca8df0142&bidurl=https://www.ukr.net/&ias_campId=1013136622&ias_pubId=pub-29235...
https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=6b5779d4-f72c-4c23-8d46-96cca8df0142

43 B
483 B

225ms
42ms

Image
image/gif

2600:9000:223f:3000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=6b5779d4-f72c-4c23-8d46-96cca8df0142
Protocol: H2
Server: 2600:9000:223f:3000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 14:52:58 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 29976429
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: JW-s7CJ9TabMVP_jjdD6RU9W0Mmwe5S8k5LPz8L003jg1U3G_RwsKQ==

Redirect headers

pragma: no-cache
date: Wed, 07 Jun 2023 13:40:06 GMT
server: nginx
x-server-name: app04.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=6b5779d4-f72c-4c23-8d46-96cca8df0142
cache-control: no-cache
content-length: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame D129 0
557 B 252ms
87ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstv_2WaTlWSIB2JdsxXr_VRRQ7Pw3BA49BJu5D9reWvAWCSwob5_pTO2XzZijq7pQ_vsJeCCej6Il2h0NdPpXvx6dUFOzvsiffTVCfUZdHUHQZRt7OLoLX9oqS-C2lw1bzjzDqgTq0rRtcWrVVw_VkMnNnEjLNu-bwUCt8enA4qtX0215VaU6JvZawRTnEtWxZqx8gnUyM2y2pdBLyWuB1sLY6jNHpufZZ7M5ArgrJFJTlZFsXxBySTedCMpYlKmqkxSGPDfB0NDiASKTlrQ4SjBLb5m94tcTWe3l14_44UJAl3k2jUYcqpWf0tDTLi3BmzrAQbRjSrvKvuqHXSFjpA66eQJA_XuojiS9TB6SBMNJEe9cJUD1yDXEsQl7zMLYuGFl-nXrT7C-FR9-0rmYVlIfqOtpb_3cMGMC8XvnwrBcglymHMTL-_re-n7mZlUJtHxf9LaGDqUZPR8JhmHyxEFOFBUZY19lK-n3OiyHY8HyFNBaqD8i-C6kz9s0Pk9qjNAuL2cFv_1AbxtdXzOsLL1wTf35E7Bn4RIxrFbCqJ2S5DisiX9braGEq6lZ4Y9qQpR55GO5V3ZjSxDom3ANUhhJ78fBUN857OlwVQ5C6fXNBXaz-rxxRbBWVUI2WEeYWa7r0zy9ZNLpemQd6IYjj79EtI8wi2gB6SLn1p0SxRrzYhM57peGoY0CNrPa17x_2G-wnhF0I_wCuiZ0hajRJ5CMUUwep9P5ODdlqIG-0JvR-Q5cD_fvRJp2hvo9olq1zTo4OVxi76h_tw6LZly2MC0kAf6NBe0LqE7tbz11wyMceVCuGIeQTdnYboz9o0ZpXzuT_0noDVZerRAJSx38yWKklyEWJ-gM3h4vKLrojeFL3953Smik2u_wnOpFBNdkcxUXN9ZGvJj69u3WHb-w8WaN5PB5pKonM-Hi83ldx8y3So2hxQOg8h2EodN-uVwfXWd-KXxbKxkjj1gr_mC-sSFMINbCCg5DUSIfWRIXL5I8LPI_zxvQyAeIVrowjE_GnD0rq8vIN1HpoTm5YycE1CfPsC2bNpM7tN-5Wec8bMV39LYvZ_tH3tXveiMHT1-q2_sfx5iU440odRzFwyIQFEIuURxo6VMRZJOuxW5r56ubY_q_eukHokiKiRwGbo0qXko5Xy0JZlZMIr1o654Fv6GnGyjiu57RDfokPLObmgxeqlp4kdwA1U3oZuGj7kwMDb3Dc0d6DnDL55zNWGrxFjOMPh_qOEpqylAYtDFbSM4RTKx4Efr0CPBBrfQ1hcsDoumRxJEAHFAjRqN_Yypz30baymMNBtzQoMmGDTeP7UaRZhx7FqkyxZlow&sai=AMfl-YTshJDP0EdvTF3i9nqEFRfov0_C87dH57yEODIyYpZYsRLeWabRlSijUQ0k-POPv8ijst4UdfnXA0xwksO6uAsiBMU5WQzqcEm3b-t3UGmbFoCNh5kJCRmfvVbGAoyIYk-4wZd5vPx0gY41WosYv9L6MSN_SOcDOb4BwzmloKVjA7EGEr0rqY-JnYhHTnHzS8jIL-rK-KsmdH6QgMk36vZh28nA6QzwZbfaz7wFInhQqiDU5qMB3vSyXMhY7of2bquI_zhdWUiyglZi7w_3_rF9HY7uiYlpECIA51BUcgG-S_ZBo6gkMe8q&sig=Cg0ArKJSzIEigOoPEnIeEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 07 Jun 2023 13:40:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D129
Redirect Chain

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhCTqWIYg_HU5gEgATAB&v=APEucNXH5vhW7YPBF12VX-To6weZoo8RCTt7D_RQSPwWVuTzlpJRuASWx2AQzkd_bpJNdUo9ooBV8pDLw-As7k07S7Uu1Fxe8w
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZICIt1WbbRpjcztC9INaWAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKL2cw71C5haLSMz-3X9VMQ&google_cver=1

43 B
766 B

54ms
44ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKL2cw71C5haLSMz-3X9VMQ&google_cver=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Jun 2023 13:40:07 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 07 Jun 2023 13:40:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKL2cw71C5haLSMz-3X9VMQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D129 0
20 B 82ms
78ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 13:40:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame D129 42 B
64 B 87ms
84ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstBQsdLFGjjDgd4PdNShnN_rvMdfgV3OKJQj9z-SfvmrMr0UDYXly9PfryFNf2vbt1cxx-vtgeb9VXXI3DczyRb9y1thHxfT1_ZWkX2y5EOMW3-7wsFZiRPeTzEkiWjn38&sai=AMfl-YTii6cEiuL2PRNvDvFRm_t5HogmINyvhML7SjeLQPySadMF-ai29I7wVrVuTtfIVF8WvS_7L6TcA_p5uNNNOeg3os3dsNS_zx0P-_fntZWnJnLXm1GOLv-5cQgUfsNWNb4-wqEXJIcXRr17&sig=Cg0ArKJSzFA_5DBKpdA9EAE&cid=CAQSSwBygQiDloXB1KxBb8PbomMqr5wz5b9ZnAuop6frsrv_SJKX87i5s3ZroEPYiZhsIBqtRoGpg-JMBIIJXpW6E-VE8gdrowR1b_oz8xgB&id=lidarv&acvw=sv%3D953%26v%3D20230516%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D398474677%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1686145206667&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 13:40:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame D129 42 B
64 B 90ms
87ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Ce9_9s4iAZPK4MMeU-waWuLKQCe2Zje9wuJid9eoRr-qivcABEAEg55_DmQFglbKCgpgHyAEFqQJMlTKw5-uxPqgDAcgDmwSqBJgCT9Axotd2hd2AUSGfcXuZY6pFWzxxCvRSXnER9VvuPGZS7ywJbgUNga0tyo6dgCqE5pn-WBTtgBVZk2drxoREuEF1KhQXU9JLfXO-K9JHkd051ZZ5zcKR9RKIvKbJM2Yjjt6IaqKey15oHqL3TfNrnpRw87RF3T8GWoiPHB_6LWaWB-kEBm5orkxBo58dLq367kV7DibxApFm_gOc9nYjjhnpSfLT15cIjhZN5Cj__TkMttCTsdqDQtNjKjP3_8V0x3dehmD1Q9KOG_VyiRQlVrE2GusKmS0CNVndG2rK1A3-vn0v3SrefMRRfAgyeZhAgWDLXH_LGN4_a9mUlGkU--2-zfKsBl_QGCr6CDcpk4Q8JO8gvBHhsMAEq_f2wLAE4AQDkAYBoAZOgAfPv8FnqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGwE8rMzxPIE-75jOMD0BMA2BMKiBQG2BQB0BUB-BYBgBcB6BcF&sigh=GNsj7cYSBIQ&label=vast_creativeview&ad_mt=5&acvw=sv%3D953%26v%3D20230516%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D4%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D398474677%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1686145206667

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 13:40:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame D129 0
54 B 332ms
329ms Ping
image/gif 2404:6800:4007:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=7~lilrbjy4&c=4760779298807&slotId=2380389649403.5&qqid=CLLepa-ksf8CFUfK3godFpwMkg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=749&mt=video%2Fmp4&vs=854x480&dm=15000&event_name=first_play&asset_bytes=194172&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=10&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=1&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.2aa~videopreviewstarted.2ad
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4007:81e::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 13:40:06 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 48ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-75WQ2FHNW7&gtm=45je3650&_p=851915598&cid=1447050822.1686145203&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=3&sid=1686145203&sct=1&seg=1&dl=https%3A%2F%2Fwww.ukr.net%2F&dt=UKR.NET%3A%20%D0%92%D1%81%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%2C%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B4%D0%BD%D1%8F%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%20%D1%82%D0%B0%20%D0%A1%D0%B2%D1%96%D1%82%D1%96&en=scroll&epn.percent_scrolled=90&_et=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-75WQ2FHNW7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ukr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 13:40:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ukr.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame D129 42 B
64 B 79ms
78ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstBQsdLFGjjDgd4PdNShnN_rvMdfgV3OKJQj9z-SfvmrMr0UDYXly9PfryFNf2vbt1cxx-vtgeb9VXXI3DczyRb9y1thHxfT1_ZWkX2y5EOMW3-7wsFZiRPeTzEkiWjn38&sai=AMfl-YTii6cEiuL2PRNvDvFRm_t5HogmINyvhML7SjeLQPySadMF-ai29I7wVrVuTtfIVF8WvS_7L6TcA_p5uNNNOeg3os3dsNS_zx0P-_fntZWnJnLXm1GOLv-5cQgUfsNWNb4-wqEXJIcXRr17&sig=Cg0ArKJSzFA_5DBKpdA9EAE&cid=CAQSSwBygQiDloXB1KxBb8PbomMqr5wz5b9ZnAuop6frsrv_SJKX87i5s3ZroEPYiZhsIBqtRoGpg-JMBIIJXpW6E-VE8gdrowR1b_oz8xgB&id=lidarv&acvw=sv%3D953%26v%3D20230516%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,168,299%26tos%3D2014,0,0,0,0%26mtos%3D2014,2014,2014,2014,2014%26amtos%3D0,0,0,0,0%26mcvt%3D2014%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2186%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D41%26pst%3D211%26dur%3D15018%26vmtime%3D2192%26dtos%3D2014%26dtoss%3D1%26dvs%3D2014%26dfvs%3D2014%26dvpt%3D2186%26is%3D33554707%26i0%3D33554450%26ic%3D16777473%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D398474677%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2014&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1686145206667

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Jun 2023 13:40:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

304 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ukr.net/	1970-01-20 12:22:27	Name: __cf_bm Value: nZDHVqggFdDP38u6qlCJvBKrVM0hppGS5MXftx.9pPc-1686145202-0-AdjTkafAIvVreRPdjhS74MH7Xq4FxjB5S695IR3J3PBbUP+mFhrBqb3EsHqZrnOzRlLpv38vs2c5ZvZD8d+Lti4=
.ukr.net/	1970-01-20 21:08:01	Name: news_lang Value: ua
.ukr.net/	1970-01-20 21:08:01	Name: un_news_region Value: 9
.ukr.net/	1970-01-20 21:08:01	Name: snr Value: 9
.ukr.net/	1970-01-20 21:08:01	Name: scr Value: 9
.ukr.net/	1970-01-20 21:08:01	Name: sfr Value: 9
.ukr.net/	1970-01-20 21:08:01	Name: uid Value: Cj1tBGSAiLKZdzMEBcrhAg==
.fwdcdn.com/	1970-01-20 12:22:27	Name: __cf_bm Value: tgzKxLOwpfyR9urH2dWcaJOsFJdErzaAz7bg.0wlLdI-1686145202-0-ARwWYvnEgSqTPiiuBHQruAFO+Q3LKJJ8YGP9WqBQI9P+MEJNJN7UkVbrKnwoDLARRrmUUr40OUwLNmuWpkppXO4=
www.ukr.net/	1970-01-20 19:07:25	Name: cbtYmKname Value: c05beaaf8fcfcf7b
.ukr.net/	1970-01-20 21:58:25	Name: _ga_75WQ2FHNW7 Value: GS1.1.1686145203.1.1.1686145203.60.0.0
.ukr.net/	1970-01-20 21:58:25	Name: _ga Value: GA1.2.1447050822.1686145203
.ukr.net/	1970-01-20 12:23:51	Name: _gid Value: GA1.2.2029213508.1686145203
.ukr.net/	1970-01-20 12:22:25	Name: _gat_gtag_UA_5903420_1 Value: 1
.mgid.com/	1970-01-20 12:22:27	Name: __cf_bm Value: BXRtasSSKELVXmr_jAYl2mJeBfoL7hUz8k_DxYFOzkg-1686145203-0-ASPjueVixxqyuUefWahWsQpuCwWcqdh7gocCZxiEuDdRRz3N0NSZTG7PlORbFrxwrYWzOLeu/fMF0dM02zYBz3o=
.ukr.net/	1970-01-20 21:08:01	Name: pcity Value: 102950159
.ukr.net/	1970-01-20 21:08:01	Name: tracknew Value: 1686145203269258.1686145203.1
.ukr.net/	1970-01-20 21:08:01	Name: fuelId Value: 4
loadercdn.net/	1970-01-20 21:58:25	Name: vui Value: f4d13795ee5f47b589414b2b230d225c
m.mixadvert.com/	1970-01-20 12:22:25	Name: e120c09d311033fa0009a894072b4971 Value: 444317
m.mixadvert.com/	1970-01-20 12:23:51	Name: 1f4f0b2e646d9d1c8f6f6d0d7da59205 Value: 1
.go.rcvlink.com/	1970-01-20 21:58:25	Name: cache Value: tp7a7dLbvG3z2B4
www.ukr.net/	1970-01-20 13:05:37	Name: _pbjs_userid_consent_data Value: 3524755945110770
.ukr.net/	1970-01-20 21:08:01	Name: _pubcid Value: 3e7a483a-bb52-415b-9efb-419145d1e97d
accounts.ukr.net/	1970-01-20 21:58:25	Name: clapid Value: ZMS6gQAAAAAtveetP7BquFYTZxhUySi_flr49I0JxOfceaqB8xHF2w:Rpl1dQDlviPhyrEUxQQEXL80fm4XLm1IodQC4TDm5ic
a4p.adpartner.pro/	1970-01-20 13:48:49	Name: apuid Value: fc08d6ab-786b-4493-ba23-521f9b05759d
.criteo.com/	1970-01-20 21:44:01	Name: uid Value: 82ac181c-b741-4a6e-ba6d-fcf15283d476
.adtelligent.com/	1970-01-20 13:51:42	Name: vmuid Value: 4339079a6c83a9ca
.adtelligent.com/	1970-01-20 13:51:42	Name: a307558 Value: fc08d6ab-786b-4493-ba23-521f9b05759d
.ukr.net/	1970-01-20 21:44:01	Name: cto_bundle Value: irxj919TWmZRZlF6UUZSUGV2dWNWZFo2djhRVHgzZ1Vqc2F5V2JXMkVicXVGaHVKTzBYcXV4YnpnZ2hwQkdBdEklMkJDd0hwNXp2TjRISDROUjJPam11M2xiWnpWJTJCSk1VU00lMkZIWlhoT3dqMCUyRjQxR1had2huUTUxdjVZMEsyVmViV1FxYXlWSGFiclhZcHI0OTVOODRUS0lPdGs1QSUzRCUzRA
cookies.nextmillmedia.com/	1970-01-20 12:32:30	Name: NMUID Value: csuid_e5507472-515e-44e5-b2f9-67b3798ffddd
.givemelink.cc/	1970-01-20 21:58:25	Name: vid Value: 7103360232469421
.givemelink.cc/	1970-01-20 12:22:25	Name: viewposter Value: 544
.doubleclick.net/	1970-01-20 21:44:01	Name: IDE Value: AHWqTUnQobA5ekgehdSAwx5FfOhPTT9qOSBGysRtD5boWcEO4eCwiVG37OJpf2rlm7A
.ukr.net/	1970-01-20 21:44:01	Name: __gads Value: ID=34fde9757a58cb5a:T=1686145203:RT=1686145203:S=ALNI_MaTfmuVO91aqMz3PHv23d9KY47UGA
.ukr.net/	1970-01-20 21:44:01	Name: __gpi Value: UID=00000c3f8a6fb8a3:T=1686145203:RT=1686145203:S=ALNI_Mb-YIJtSgJbaqU7z7WKPzKWsQ0FWA
.doubleclick.net/	1970-01-20 12:22:28	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 21:08:01	Name: CMID Value: ZICIt1WbbRpjcztC9INaWAAA
.casalemedia.com/	1970-01-20 14:32:01	Name: CMPS Value: 1164
.casalemedia.com/	1970-01-20 14:32:01	Name: CMPRO Value: 1164

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://upst.fwdcdn.com/js/runtime.js(Line 4) Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
network	error	URL: https://accounts.ukr.net/api/v1/token/verification/acquire Message: Failed to load resource: the server responded with a status of 599 ()
rendering	warning	URL: https://upst.fwdcdn.com/js/runtime.js(Line 4) Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering	warning	URL: https://upst.fwdcdn.com/js/runtime.js(Line 4) Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a4p.adpartner.pro
accounts.ukr.net
ade.googlesyndication.com
adservice.google.com
adservice.google.de
afl.rozetka.com.ua
ap.lijit.com
api.phoenix-widget.com
bb.givemelink.cc
bid.g.doubleclick.net
cdn.ampproject.org
cm.g.doubleclick.net
cookies.nextmillmedia.com
counter.ukr.net
csi.gstatic.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
f56a2afbb256083f69c8324a9b8b48b9.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
ghb.adtelligent.com
go.rcvlink.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
imasdk.googleapis.com
kinoafisha.ua
loadercdn.net
m.mixadvert.com
mail.ukr.net
mug.criteo.com
pagead2.googlesyndication.com
pinformer.sinoptik.ua
pixel.adsafeprotected.com
player.adtcdn.com
player.adtelligent.com
r3---sn-4g5edn6r.c.2mdn.net
region1.analytics.google.com
s.znctrack.net
s0.2mdn.net
s2.givemelink.cc
securepubads.g.doubleclick.net
servicer.mgid.com
st11.rcvlink.com
static.adsafeprotected.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync.adtelligent.com
t.trafmag.com
tpc.googlesyndication.com
trafmag.com
ukr.net
unified.adsafeprotected.com
upst.fwdcdn.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.ukr.net
zakladki.ukr.net
104.18.8.128
108.177.15.155
136.243.84.74
142.250.185.130
142.250.185.98
142.250.186.34
143.244.196.143
147.135.189.55
178.250.1.11
185.187.81.40
185.239.172.77
185.80.39.216
193.200.64.15
193.200.65.2
193.200.65.22
193.200.65.5
2001:4860:4802:34::36
212.42.73.60
212.42.75.249
212.42.75.253
212.42.76.151
212.42.83.135
216.52.2.16
2404:6800:4007:81e::2003
2600:1f13:800:7780:6c14:31e2:b563:7653
2600:9000:223f:3000:8:48e:53c0:93a1
2606:4700:1::6813:874e
2606:4700::6810:3965
2606:4700::6812:509
2a00:1450:4001:802::2002
2a00:1450:4001:806::2002
2a00:1450:4001:806::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:810::200e
2a00:1450:4001:811::2002
2a00:1450:4001:811::2006
2a00:1450:4001:812::200a
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:828::2008
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:831::2001
2a00:1450:4001:e::8
2a00:1450:400c:c00::9a
2a02:2638:3::3
2a02:2638:d::d
2a06:98c1:3120::3
2a0c:5c81:5142::2
3.217.213.80
45.133.44.3
51.83.220.94
52.19.186.154
52.51.214.95
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
06f54e609c3f48167e8890f44e5992e2692615bb8079494126000e020f950ddb
07991868a4cb6968052828c9278562e7a0b6ea7f38e4634bf6c5b6052f0ca259
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08bd8f890366e3fe0e41ab2472ef31644d656ebe3600aff93f641ff2fcd477a8
0f7c9dd864d72d258d50918e941413675eb7db0e7b6418e8a3b072e2c386885a
10730811c5e6c638696bacac570f78c617aac67b3d8d0056714cf09a0c380a4d
11092d3004c100fcc3ed67a31f910bdb9e81b649dbc4c602b09c39d0edcb4701
1310c2941392644f8bf126f67d39cb6d97e88e7d2bf19cc129d1855d81ac8083
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b
152a3beefcf16ff85d9c61e938504dd7dff89f73dda8def61e8f5dc749e37378
1710bcfd8a1e6ad5830b6b18beea423f3404753be5024fcedd1d2858fdb877c4
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1abc7ba05a4596dabc6fe7ec975be03e5c3f9b3f14549bf946dc468b2facad34
1b299bb6f363418ea416a65c36ba106049cd29b13195a23d78794289e7795de7
1d760e3d302e29797056a5b5a5b83fdbc08b544862ce3032d4904ceefcb76103
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1fd84e4d00d7d5d9e9c24aa430f47f9cadfd01b9a15e4dd03764a267dd93244d
2060d29f49d996a26f3888bf75735db9e023f651d382164d295337be9dc99620
209c55ae7959d440c2e815be93bdb70437bc0d10982d1d14c7f0aab93aebaa28
2133a161a9c5e3e32a36c078364323859b2a1d4235e38548c66e6096d0e30bc0
2438dba1b36f2daee71839ebefff6ce89e3dce9a850ef61fd61af4ba13b583f6
244c3f2d94763fb808c492339cda6afb4eccf199e6bd877b80367840feb1112a
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2a952681ead50673e8834af532b4297346e075c837af78b551849167b0831772
2bd1d7d12e2943aaa101027641b9e6ac83fc7b03519eb74f89058418a79bf983
2df2ec4405cfa52db76da68cf99e6bc63e144b084a0e9d48dd0612cd2b2929e2
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f68160a9f7c52785cf045c3eb35c25bd1324a92c1294c9b5c59b75cbb073511
2f723cee3a3c0a92cdd66281c85f841b8743a6b6317e376360b55300425017fd
30b5c7e3df996697ddd0a7fd62858e6071d64c22fe0f33bf3a025a688ca550bc
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32f061a752b770dfd7de8090a4752c6d810ba68bff50ab6a645a5a259eddf4cd
3781036262c122e1a5c69ce22ade5efed89dd693f30ef89bff924f59904d4a62
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3ee8b9b20d2e1cfe53063b2142c4cdad0ee1808374906fa2c5f7fe26e6f2d261
3f757044fa067960c89b77d10fecb4ff4f02552180cf3d0d94b4b98ee28df863
3fbd941f2c1e5f35eef02b0e3baf1966b2d06393293b1917310d61fa942755fb
414ceefac37797a764d25cea199c2d9c5b2e9d8b4051866bd9d9725bf3991f6d
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
46360087784a5e34f985d1d5edb413167fd65de377b386135a0246014b765bc5
464be521d749b2ba1c7e8c1f87223b56a03ee0bd05484baa0e9067ce9eb9d2be
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4693fd4edc75c2ba517e5fbb75e5686732e37864bd7e7b9550f2afafb19253dd
4db4b0625c98a8e616acabeb5b02bc53037c652e41db77afeae95de242ae5eec
4f4246f9ebb924f7b062ac271c33c00349e658b1b7c2784cae64a6dfcfc489c1
500c4e68f14c286487627cec4c9533b486c8a7a941e9c3e243f234ad19f7a034
5065b65c7cc17d8605ab0379141167be378f306d3bbf1baea7b6c7a4857a6948
51182235147cecb5d00caa5034b5625101584aa813607ca338d227474f36505b
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548745a7862267ca26611237d859e3051618b6f4b3f73a27c85b426b166a1d3f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
572c66a3e75ab9601171033ac65bdfc5e1eacb869aa1d22b342b73cd1338bbd9
57daff1b87a9231f58bffbc7e42a774f89f9817c4f0c3d67ea2bc4a185ede22a
5808ecefbc203de953554b4499ed9f098ad6deb36dc7146b6607864c2c070323
586a0f8ff5c734ec8fe47a219e53a0aecbedfa661cc8894bf53561dbc8d2f964
58c4a76629f3c9aec44b855aa46e97e2eb363e052279a5b456041c3d23af69bc
597daab5972873ee5a8c46171115b4ee3404e525d6fae13d6bbf31d38328012d
59f3e525859913b9620fcdca96ad9638a11db70bdbce24d41e15468e41190d1c
5d9d63f3c8c6c971a269d1b577bae3a425e21b25fa17eec593e1a302e8568a4b
5f6288321f74c893bd77644616bffcd15ed0e1a50dcbcf9e1f26f4bde8fd3060
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
64f84d507040c51a23f01b1ca715a70cba443c6e0ad0321df9c69292b4bc0f50
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6803cee2f4dc388c4b4b7919a46731c73ac178a7f1f1e8c561bc7b10419edfc4
6851a08172611dee3087ed287fb22873c5697e163391ba4b0555e3d7982ca541
6a7e647a30782b55e3bb2f98a7fcc8010dd4451e92510baad84a4e4cc4ac009d
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ae9dcebe244b06c0819f0d25bf207c6315ae56d360072b8b74b2b2ea9313d1d
6c2d917c1d2c627d10b96fd21dcf38dcce63f3d79266b8fc83894b9e1f75ca14
6dc07bbe0da53b9a063e9ac39a22235cd314769befd1f3a333929f19185dd0e2
6e9952ba3efda63fa47a8cd80291e12df4fd92f08139f16a42b5516147121b37
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
706a3009c0143f7a8578fcf8ca77647b9fca126ba21d40029130f23d4754e090
712328bc23cb5a55cddc119b5845996118b03e60bc77d5f4c95991ed7ca3b2eb
756be8b477b918cb4878a275d6f540218f9eb9247e953ecd4aec42b8a34d8d3b
75995025eb3ef4f49eb21cbcb17bc44f2a52e7f8910c41cc250a9d3e46b6074c
76f8dda4104fd01462a5ba962e545110bb103cad8a120ec7903dfffd1274bc2e
78ddeb39a928825cfb11fbd72a2c5a5fabf18add9b6208e4bee826e7bcfd9c2c
78f4e1dfb587902abc2c96088d34540db0677a88dab0cce05a88753b9c99e034
7d1d9d255fa64b514cac2b3040dacc62bc52f897fcf1eeb6ac2aa8e1017ae4ff
7d4095ea226f3f80d6d4fc62e3737dd5107fd9d4aa4a443cac11378b102f64b6
80f0ada1c01db5dcdbb212526b722465dd6982a2852b47612ad53d1da03b333b
80f5aafdf09fcc496bce2ddfc27045b273ac9c0027d3be9c35e5f47214202ffe
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259
84388bf6f694149cd7beb103b12645145c4bf69a23e826086124e2a72c22f2e7
844d2d971c416310f4abad69675bf32cd41d7cbb2dc45e4d29e49331e9564df0
84cc7bae45aec5f197d0d656af6f8eca7043d4b2a24a0a242de99ec2fdf0e85e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8577c46566106b16463adbf14b0861e8d247ba1ce9d9575330d62221e79e9daa
8612bf71ab29f11d4987f2a55fdd9b167f6b4e081ad6078fd9581bc6c9433811
8b7839f6096292f8d7f387188ba10cb0fb977538bae9a951986f75c55ffb83df
8c34a40bef599306f990d8c4f8b53b6bc9975ff4f65a5d1610d421a41ae8ee19
8d3e815aec018dd3728343fe2db3f97d2ed7e9993e1dd6fb6e5b8ba8d3feee73
91e82c2d1e6fb02606414d658a8485709ab91f7b5ffc2e97452b29dba491ee9b
9221672759e12efdafdaada82c42d373989f8fc251134194be6325b70c1cf7bd
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9934cf27a9d1d9fb3b63a78f21829c47deb3b9709e7faafba3658710d7c7af66
994b9cc4b54c28b800dddbdc3d84ae143b63ebddac2fc97f402f4a6703d3404c
99a0905d8db0f41589c44e5655a6c3ab529e31bd90dee9d73513224aad8a99de
9a029b81ee46c25e95bc439b2ee8bf11d9aa62f2501c1eaa7ffe0120d1222c24
9b460ab313b1fcdf9f989b2436666cdea3a09d7a3123e0039f421e5fbce713b1
9e593cf1f6de80dd11150e67654158c586bffaeb7207dbddc75ca47aa3d6516d
9fe801269d9ef99d44e6aa9d17ef66db64d1b983d0116c8e142faa8f9da3424d
a2af799b642bf2874c60a83411aae8de4768d46d9c150499040a7e93ac8007f2
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b9e9ead2fa2e2326506b52b3f253b19ab9aa2bfe0b2c276dfbecfb4baf12cc
a723fe199ffe57280df072a9c044f004bc0f321df42f8c7663bbee8743935297
a75f3f08436bb159718ff1b0b97811e7f9f5016fa9d8f7ff6e7dd9bfddb6d3b4
a96f5854f3420804a8d40ffa0d2a5b1b89930919b75a72abbe2639cad4c09a61
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa34690d0793c283f07db02b30a901012cc78036349bc2273ced50940dbf795d
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
acfefabc3311713d820354accd9d0909e22b5b6274581a9088d73e5c4cdb641a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0cf39e1b0bf3f22b4fe7c26e52115d1350a4061a11a701956d73ba78019978c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6cf17d31a5567f14b2e686122655d6e86b1eb8b2ba2f588c641815241038dc0
b94ab7d03297a9036dc60e17afc685bd191904db7c25e1c4d92f0f1a84f546c2
ba5aa9b5cb2fd3a95aed40039389eecc45879320520088ad8c69b8a592bb28da
baac222d73dfbcc8981bd41d22bf8177c070849e243299617d1c8c6effecdc48
baf70c6f2691067cf9ba7540c089e2b1d2facc20557ee4038db6bd7406fc326f
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb8ef0ce883ff241cd7fe8f88de11b8f53a8472e104757c6a4b5524f3e51a56d
bbf83a186dd1552b01606e787c4fda48171617d948e077b662976ae883ec5f88
bf822a6a03e9731bee8c82ec3da1c37ae4145744d1ce27143e2991657d79f54e
c44db9882b2e0ba3258175d12b1184aa22ffd3819b47e00b23ef8772b5063941
c537a42c52081d98139e7e32ab51860cbe8aad43883dae6a3cd388cfb1c715e3
c581cfab3bce30352233131a4cbc18385b63982e86a0d9c97172ea12b188b282
c61b54fb4bbf7083918be7066e50126d1a95e56ccc9be9fafd69deb50ac7424b
c6306370e29da940758f1bed7bcac9ac0d4406f44a684241a35166601e55e994
c9e3ff736aefca1fe03aa1646e0bd5d4fff4512f5d372584e81fca45d41c53b0
ca10977700b1bc7b44bfe44bbfc1e134c13cc993d5e59c4bca6de5f7370c1827
ca2187b2d14b827d7c877df5802ec38d7263eafacd5b80450fec8754972dbbcd
ca3013a50365c22fe15e0bce332967f9ebe8d86d5062032531f1621a1f558ce3
ca9b9f086dbc02b393266651bf83c5a30f6b1fca2815d5a9b53bd5068c4dc73d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3bf5c7f14111380b95d877ae25c01388693756986fdf6f8231deae0c209d7bc
d4d22fabb135c703a66acec3b976c27dfe2e161bc28de40eb9a873f2baaf52ad
d69c318c5a18ce860870df13878596d3d7bb7efd57b77a0f32b5478d1cfe1c52
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7fe12b11c228136b9b586fb3bc9557186f725c917dde8250f19bee4373f678e
dc11c6f0566fd256a81420202b9b661693d8a33788f34dd010c1839f8efa95a8
dc39273b277a40fd0d0b072a8a012470bd10892a9b65d1c3f0692d89936b51b6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e054225478a20d2f3bb519a1f4e104231e72e2a900c7fbfc5075a2eb0ee6f99f
e131b4937b9fbc7e1f100c8fd175f0d95b89a742bd9396f0d09c548c4a170ba0
e33dd82458cb73e1abd1b1acbd4b1c1faf6318bdbdc5cf294377712a6e8a971e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4151a53dd83b785ad540fc6f27a610f5ea6b966cab13e2eb0c4c1280da9d6c1
e6ff146bf36075f5a6748d00b9fbde590fd58e21fa6a07dbb73df3cb4faadf69
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e9174c22bc7a6a470ce7aa1effe97c14c59e4629de8b2d0c6dd006e66c8bf5b7
ec632fa4000ae8cfb18bb418607700499c412bafb035c73471797ceb709cbda0
ec9ff1264e1843b27efa9e6466f13e73009e0bd9bdc38fabd7041b16c71ed10b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f36654c4fc0df1a3cd1786b08ba11bbd67302624b1206028406244eccd1adb3d
f5c78df152dbd106a57a8582589d90c1f624ad6d7b742d64c74bdbc7b31cd7dd
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
fdb89393b46dd852a40e83389bee2d060d13069896150676094fed047f095844
fddebc5c3eb91d51ec2debd1fc83036f016a13b68ce584bbbc171bc9faf16ab9
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

www.ukr.net Open in urlscan Pro 104.18.8.128 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

226 Requests

96 %HTTPS

53 %IPv6

34 Domains

64 Subdomains

55 IPs

11 Countries

4267 kBTransfer

8833 kBSize

39 Cookies

291 Outgoing links

Page URL History

Redirected requests

226 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ukr.net Open in urlscan Pro
104.18.8.128 Public Scan

Screenshot
Live screenshot

Full Image

226
Requests

96 %
HTTPS

53 %
IPv6

34
Domains

64
Subdomains

55
IPs

11
Countries

4267 kB
Transfer

8833 kB
Size

39
Cookies

226 HTTP transactions
9 data transactions