risu.ua Open in urlscan Pro
2a06:98c1:3121::7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://risu.org.ua/
Effective URL:
https://risu.ua/
Submission: On April 15 via manual (April 15th 2022, 7:23:12 pm UTC) from US — Scanned from DE

Summary HTTP 194 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 35 IPs in 6 countries across 35 domains to perform 194 HTTP transactions. The main IP is 2a06:98c1:3121::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is risu.ua.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 2nd 2022. Valid for: a year.

This is the only time risu.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	194.44.175.95 194.44.175.95	3255 (UARNET-AS...) (UARNET-AS UARNet)
41	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
16	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
7	45.133.44.4 45.133.44.4	7018 (ATT-INTER...) (ATT-INTERNET4)
35	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	193.239.68.97 193.239.68.97	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
1	45.133.44.3 45.133.44.3	7018 (ATT-INTER...) (ATT-INTERNET4)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	52.174.47.89 52.174.47.89	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
5 14	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2 4	69.192.160.245 69.192.160.245	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
4	138.201.63.164 138.201.63.164	24940 (HETZNER-AS) (HETZNER-AS)
12	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
1 4	116.202.48.214 116.202.48.214	24940 (HETZNER-AS) (HETZNER-AS)
1	2620:116:800d... 2620:116:800d:21:3175:5196:e3fd:8c1d	16509 (AMAZON-02) (AMAZON-02)
2 3	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1 2	18.184.26.149 18.184.26.149	16509 (AMAZON-02) (AMAZON-02)
2 2	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
1 2	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	85.239.105.10 85.239.105.10	16097 (HLKOMM 04...) (HLKOMM 04107 Leipzig)
4	2606:4700::68... 2606:4700::6813:b979	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
1	54.76.176.197 54.76.176.197	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1 1	18.202.199.206 18.202.199.206	16509 (AMAZON-02) (AMAZON-02)
2 2	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6810:cc16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
194	35

1 194.44.175.95 (Kyiv, Ukraine) 1 redirects

ASN3255 (UARNET-AS UARNet, UA)

risu.org.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

risu.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 45.133.44.4 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

cdn.gravitec.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.239.68.97 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net

c.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.133.44.3 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

cdn.gravitec.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.174.47.89 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

api.gravitec.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.186.66 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.192.160.245 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-245.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.123 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.164 (Reilingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 116.202.48.214 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.214.48.202.116.clients.your-server.de

hal900013.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:3175:5196:e3fd:8c1d (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.184.26.149 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-26-149.eu-central-1.compute.amazonaws.com

d.adtriba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.130 (France) 2 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.239.217 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.239.105.10 (Leipzig, Germany) 1 redirects

ASN16097 (HLKOMM 04107 Leipzig, DE)

trf.greatviews.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:b979 (United States)

ASN13335 (CLOUDFLARENET, US)

www.parship.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com

ad-server.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.202.199.206 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-199-206.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.192.160.219 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:cc16 (United States)

ASN13335 (CLOUDFLARENET, US)

eum.instana.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 98 e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 128	714 KB
41	risu.ua risu.ua	6 MB
32	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193 googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 cm.g.doubleclick.net — Cisco Umbrella Rank: 211 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 293	235 KB
12	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 262	108 KB
8	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 31596 hal900013.redintelligence.net — Cisco Umbrella Rank: 250737	36 KB
8	google.com adservice.google.com — Cisco Umbrella Rank: 77 www.google.com — Cisco Umbrella Rank: 4	2 KB
7	gravitec.net cdn.gravitec.net — Cisco Umbrella Rank: 26961	59 KB
4	parship.de www.parship.de — Cisco Umbrella Rank: 518197	15 KB
4	openx.net us-u.openx.net — Cisco Umbrella Rank: 411 rtb.openx.net — Cisco Umbrella Rank: 1537	781 B
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 575	4 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 176	145 KB
3	medialead.de 3 redirects pv.medialead.de — Cisco Umbrella Rank: 46083 medialead.de — Cisco Umbrella Rank: 45444	1 KB
3	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 601	1 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 248	3 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 7579	1 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1696	1 KB
2	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 15136	1 KB
2	adtriba.com 1 redirects d.adtriba.com — Cisco Umbrella Rank: 45512	757 B
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 350	917 B
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 622	1 KB
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1031	344 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
2	gravitec.media cdn.gravitec.media — Cisco Umbrella Rank: 50590 api.gravitec.media — Cisco Umbrella Rank: 39867	2 KB
1	instana.io eum.instana.io — Cisco Umbrella Rank: 6555	10 KB
1	everesttech.net 1 redirects pixel.everesttech.net — Cisco Umbrella Rank: 3287	376 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	921 B
1	ad-server.eu ad-server.eu — Cisco Umbrella Rank: 67611	312 B
1	greatviews.de 1 redirects trf.greatviews.de — Cisco Umbrella Rank: 397533	1 KB
1	media01.eu pb.media01.eu — Cisco Umbrella Rank: 44330	630 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1127	464 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 794	642 B
1	bigmir.net c.bigmir.net — Cisco Umbrella Rank: 116504	586 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	38 KB
1	risu.org.ua 1 redirects risu.org.ua	208 B
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
194	35

	Domain	Requested by
41	risu.ua	risu.ua
31	pagead2.googlesyndication.com	risu.ua pagead2.googlesyndication.com e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com
19	tpc.googlesyndication.com	e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com securepubads.g.doubleclick.net
14	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net
12	s0.2mdn.net	risu.ua s0.2mdn.net googleads.g.doubleclick.net
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net risu.ua
8	securepubads.g.doubleclick.net	risu.ua securepubads.g.doubleclick.net e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com www.googletagservices.com
7	cdn.gravitec.net	risu.ua cdn.gravitec.net
5	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
4	www.parship.de	hal900013.redintelligence.net www.parship.de
4	hal900013.redintelligence.net	1 redirects googleads.g.doubleclick.net hal900013.redintelligence.net
4	hal9000.redintelligence.net	googleads.g.doubleclick.net hal900013.redintelligence.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	www.googletagservices.com	e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com googleads.g.doubleclick.net
3	id.rlcdn.com	2 redirects googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
3	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	e.dlx.addthis.com	2 redirects
2	www.awin1.com	1 redirects googleads.g.doubleclick.net
2	pv.medialead.de	2 redirects
2	d.adtriba.com	1 redirects googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	risu.ua
2	pixel.rubiconproject.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	rtb.openx.net	googleads.g.doubleclick.net
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	eum.instana.io	www.parship.de
1	pixel.everesttech.net	1 redirects
1	fonts.googleapis.com	hal900013.redintelligence.net
1	ad-server.eu	googleads.g.doubleclick.net
1	medialead.de	1 redirects
1	trf.greatviews.de	1 redirects
1	pb.media01.eu	hal900013.redintelligence.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	api.gravitec.media	cdn.gravitec.media
1	cdn.gravitec.media	cdn.gravitec.net
1	c.bigmir.net	risu.ua
1	www.googletagmanager.com	risu.ua
1	risu.org.ua	1 redirects
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
194	45

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
t.me
www.bigmir.net
luxnet.io

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-02-02` - `2023-02-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.gravitec.net AlphaSSL CA - SHA256 - G2	`2022-03-22` - `2023-04-23`	a year	crt.sh
c.bigmir.net R3	`2022-04-09` - `2022-07-08`	3 months	crt.sh
cdn.gravitec.media R3	`2022-03-24` - `2022-06-22`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
api.gravitec.media R3	`2022-02-15` - `2022-05-16`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
teads.tv R3	`2022-03-23` - `2022-06-21`	3 months	crt.sh
redintelligence.net R3	`2022-03-29` - `2022-06-27`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.media01.eu RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-27` - `2022-05-27`	a year	crt.sh
www.parship.de Cloudflare Inc ECC CA-3	`2021-06-09` - `2022-06-08`	a year	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.instana.io DigiCert TLS RSA SHA256 2020 CA1	`2021-11-09` - `2022-12-10`	a year	crt.sh

This page contains 25 frames:

Primary Page: https://risu.ua/
Frame ID: D6434DE9253B8890F6D060CD2C2C3BD0
Requests: 67 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20190131/zrt_lookup.html
Frame ID: 592760059698D23B35E00AE56D67ED05
Requests: 1 HTTP requests in this frame

Frame: https://e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 250A9F5664D6DB4B92ACD6AC6976313C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=pub-9928410365207988&output=html&adk=1812271804&adf=3025194257&lmt=1650050587&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Frisu.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650050586906&bpp=2&bdt=434&idt=287&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2380882616986&frm=20&pv=2&ga_vid=1570595480.1650050587&ga_sid=1650050587&ga_hid=1910040271&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C31065545%2C31067130%2C31066185&oid=2&pvsid=1441686392116815&pem=737&tmod=1803147924&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=301
Frame ID: 456BB997AE561F9A73BE07B86A8D8FBD
Requests: 1 HTTP requests in this frame

Frame: https://e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F245F4AACDC4B34FC83133D4F18EA0A3
Requests: 14 HTTP requests in this frame

Frame: https://e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3C8ABB8732481BA30AF23365A10DBF15
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9928410365207988&output=html&h=90&slotname=9648803897&adk=2790608382&adf=3173046728&pi=t.ma~as.9648803897&w=728&psa=0&format=728x90&url=https%3A%2F%2Frisu.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650050587530&bpp=3&bdt=193&idt=108&shv=r20220413&mjsv=m202204060102&ptt=9&saldr=aa&correlator=6115033120614&frm=24&ife=3&pv=2&ga_vid=1498140847.1650050588&ga_sid=1650050588&ga_hid=487760700&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3217467608&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=3904327303445832&pem=370&tmod=71432286&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.pv6vaouhtbr2&fsb=1&dtd=140
Frame ID: 7D100FC1E780743187B0B7E1D7854E37
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9928410365207988&output=html&h=90&slotname=8325297138&adk=2872405833&adf=3173046729&pi=t.ma~as.8325297138&w=970&psa=0&format=970x90&url=https%3A%2F%2Frisu.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650050587566&bpp=3&bdt=224&idt=134&shv=r20220413&mjsv=m202204060102&ptt=9&saldr=aa&correlator=3117877454399&frm=24&ife=3&pv=2&ga_vid=1508502011.1650050588&ga_sid=1650050588&ga_hid=742699444&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=3198292015&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44760332%2C31067063&oid=2&pvsid=1752089255598005&pem=370&tmod=583335846&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.6zqrnbpzc3x&fsb=1&dtd=147
Frame ID: 0B2C981F83E15027566C3CCAE56E3BA9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXPu_YWOeTFTWzB7sBiH3aXGiXjIhMx_IsRi6XD3OIyS7dcp5gcSRnNajqNx2EemdsxSmOgFyzCUYpPJFrBAC7SlhuOyRIR3ltx5Sz9jcwiHX0vA5yo-XSu9ZI7o4MoHuURuUIB_Jun3kCFhe2ppH-1BHAd0Usnb-EhkqKahw1UdpZe16o
Frame ID: 91F1381849E357C7BD2612E42ED9D0B3
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY2ajFwwEwAQ&v=APEucNVOBs2HElO5GOjfl4MelgjhgkAUFR1slv6--TjzSPeQ9xQRI5innyhHVnNa9ldEi0PqsPC0g1b-tiQjK16viOpomWnSByrmvVTD2Uuw9gek3M8RRzTeQFBk5iXlZUP1fjdcoO8HKMgYqvRbyjL1C16z4FUIp7FIjgS-BNZkc8V2opuFR50
Frame ID: 7167904FF0B34ECF809A0D450ABA88F6
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BKPPT4Ax7mo7SX8t1CMp7JokCRZzlzN-efmyaBFmW7cSuC5T80MtAXkAn9a96PL_5xFM099K5EM-KF6vh-Jj2H_jRx84Yam9htB7sTpQQPS7ixUQl-17g7EXKYXX26FpvnSwsDdXo1QU0jtvUznNZfeiezyw&dbm_d=AKAmf-A0sBndRoiUyDcLrLZYkchqm2KFvKccsMOVPbwg4Anwcdtd1x88YU17IeKlbPTxFa_ophlxWDWAnOwIQ2OISWkUorbEEagFaXwIULwBhPFPDt8kqUEdw3BENl2TFo0wuPDHBfy-QPA4dxBFyU5K06GEN6kO0eK156yiwjgVpsvxAiGvz-9YH3_tbbTmmkUV0YnSAGlW4i3c6cOmbnh2rWQfSm2kNmdl8i_-yyIgvOzL97xM7hgnqUrwEpdCBtbnqBK0VEzMHYzT8hr0cNd9vjVnQbxvxRbIbRTdVq3atdbORuJ8ZecN-klY2u8sEnVRbb_IRonQmillFg4qjSIClugW5Ud-EQ80MOUsU0FiXDoWJJC768qw7w389WuAlNaAUklGijJzjw3VV8jP592MW91JZ4RpSksKRq_gJ6R80532x733QMFHzJPv8QD0CEFQbOV51Q2iMzpIX-TepXV6u5yI0iYWk3LouUGnVn3TuxF8pJ1g5Sz3D_p2H9IapfP-GjB1Cc7Qa2iMQnmeyDxtVLI_R2qih19vJ6YxKPafh7lK-5qvPecaoUaejuKxp6gsnBDWSAa6wTC5GqjIYmzB6w2ebfEBJYj8FboXrt8ciT7AFhzcgwF4DHisO9GvJ14cibRJ1La6oa6GT_hoDIP9-V9LwwxIv2EuiUf3uP9e0yZWcmWoJeCm2W-BCx-tNkpgup_wakFfNaxltp8rwD0Bb973JH1klQ1Rv5wWya_EGzIzP74QS3Qb7QXFOfbHSwmFnzLkBY3oS55sMM71n0l2KEgW-q30Z07sD3VSyV0_xXVCNko0xlkqX5De63HNKaMbs-cvN7J8uhK7_y9fPfHdIb8gcfn-XMZ6yb23TEYcmjpbJzoOxzHN99SuWbjlEzbn9Wnm1p9sGrWP9TJdRiRI_DGzWPuife8iPXAbrozU9AlYc2ZrjHXDi_knvrrzQnzq0y_CAW8d-YSNKfeRwFMucBQg2S1bCU_0Y4_QAiJ3D1gZvoXunzAppj35Vg3Du9oXkiKN9eZ3gScQMy5hiz7nDJC27nfkyDaJqNH8i8AJtln2gRBJopTE4fkDzoZEaVnkYTVfQNSGvM8Yh74COjhn8U5RPvayOHITueUHHECjvE6thL9SToTUFSbvW9kROOyUqo7dNRU4E831ePOvF2kj2NqTqQ4OKNLbvFDccHW5yyI43aIY2p_3KpUdigJln70t6h4Krzo_RBBZaex_heFJsRrcqO9yR0RgdIGo8imHAnw8pVOoA_11vU6hZg-2LVuwdsdFSd2Nk34woxwNpx2b5eNL23p66isyNW7Vu-LDHzgg3vp2kdyAl9cnq5Q4xZI3f_4hY-DlEZxKxkoGPotqewZKoluopu0qauub0oiyVcNz-hWg_n1MgDw0BH2NO8iPTHyTS88CjohzALuTP2KS8WOsYQ6QEPXWBo1AgobU7Cv5ygs0mTMEwH7HT_c_w5yLan1tyS3CU5CE7E2SFjm2gNXLLji5sqjzYEZIdUXCzb7rKZCHyn2mJoKMEOzGRpuO1v31FBW1ZL8B1dnua6v8Q7HtZI7h5yoMybZlhTo9r_4z_aVrO6ST-CqjsnrEZckQEk1CN-zJQXVZ8PCliobAAozPsbF5fQcD32faOXMBOMfdowtFPJS1WLaPAa0Qcli76GOk4JqaT8CjdxArMLrxNxR3VtRWwK8w0qfpyJ8HAJaGxTg3IjNclqJZhhrqwb5QsIRrIYEi3JYXs1N2z5vnEE1Y-Fw7_z4gz5qNGQr8MNVEEkeuSAFlC8n8aqLZORv_1QXf7ehM20JNbDrIhzMRIlPtU3FJXzGBn6kB958ASptpYTk4d_9SxdSvC0KwxKM7Y5BbjsLlJUcvA3Gcorl3eEyIZ44e4ZkY2qQIoahxs9DaFzpXTfPtWdTqaqSoxAFMgjirqRP243hMjwZ-pS3QDDvkuy9xeWOQW54GsnDHuPAxeg_lMBsc6x6G2I6S31xTddmz-4LfSuNxyio9E4N-u8109mWpi2qxMjSuT3Bajvun9sE7I_5s56koAKQZYJt-BRMPhyZNfeqTLDcJm66WPWocWk57-1OeuXuaGIzsQ_i8EE_0FZykfoiUdmmy3JoJ8yLqCt8TE1wrCFv5p3V015XqmGFaaygsCymZ7XHZT02uhXnkwtxnPPP1FE2DGByjdUwInp78272P8A7zNyGuvnVuA0-3TXg4FNZnjuUmpHVXIsempYXaFoc_UWre6hqAdNwYtVJM24RKtx2S3aHk0Uc139wgx5TliWgSh7CRLj_HXpAwOMWUQfkAtf8OT3vx4OlMGp7e6_JtDALLh3aRlxdj_zVn04abfZd23T8VSS1ASx00QqQPJ27-TeA4MWQWNPuItbGfeDQif1c9NaAWhrWtukkvelh6r56lpdxENeLI0CYbjHPg1pdniR6JkOeF1TprLg3-NQSsvF1b_9LCvWZ2-4XDF05ZdZFyiqqWLqK8dnPPXgGwW8WbcidRta0FyvctOXrYydPCQy-BUWAq1iewztUBoZ_6dutMi04ZkxmDff3n8_aaa3I4YWZGt7uTholqj62H4_c7sGJEMa6HRTRUq4XUjRsZK4YxKnVUtS-qde0fUxFdVlG4t6S6w9KsxP1yEKNb9F3LyXZh9RVFv4CHk5kXaGYOO8yTsN1sRaBXiB1g8fttcFXExMKooEksnyn9C5JIi_HgfTWAFpVgaKk78yBJeRZW_do-NKwQGeOXE5bpWm4Sfv35j8cELCGDj5QMql0yJcFVMJN4udoRpVsX6uXGvZnpAM8DiJvXtVeRfAtYcrD2O_StggJANyiPPRCYin55e5Ffe14m_mPJIP00wKx5XeoaJmSvEQFzi7dLivoEMkugXESla-CLBq2gl7yueud3mNya0lwO6P8kaIbhCAKpU0-Yfzz67Lsjzj7lWLBFSl_pPHEueQNbYSK1TnyDfg1pDVorVDTKsMhkPdf9Y3PIHPrWWZckBUZR-TPdH4_tInXUBQCIl1p3oUg8OuavYwB-Xv-j_d1-3XqKdMszZwZRpj6QDK0cWOmtsu9BNc_5XrMkbQ3_VGgSs8kys3U48_bTDoklbOT_BJdePRO_4fUpxfcyYg3biMNQLoCFqvDbxhwqdMjwCIDPmntHSNhEanspxi3BI7uenZ2vxzNDD40b5WJeAOU-3pWRsHj5HALP-mA&cid=CAASEuRomJ1pkQsFZJJwOUzZyloAGQ&rfl=3%2Chttps%253A%252F%252Frisu.ua%242%2Chttps%253A%252F%252Fe8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com%252F%240
Frame ID: 4AF2FF596EFB26AF20AD9B4835F8CE20
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9A39AAD15C7441A906822D83910AFC5A
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3C32BCC3817BE7049DABA83F231F096D
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8B58F79879AE282230BEE59E9136F46F
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/index.html
Frame ID: EA9EEE9B911B74404EF2225653000563
Requests: 11 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=56500500188839704444550011930013&actionid=981741&produktid=&dt_url=
Frame ID: DBC1C53A8A14348FDE9A1A7CEEE38E73
Requests: 1 HTTP requests in this frame

Frame: https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1650050588.5712300.7b864b02-bcf1-11ec-a2b2-00155d255900ID
Frame ID: 1D63E20AB9B454D8AE295829331F02F2
Requests: 5 HTTP requests in this frame

Frame: https://hal900013.redintelligence.net/request_content.php?s=56500500188839704444550011930013&a=5d77e1a0
Frame ID: 36694DE8493F87F417F749F2F397E4FA
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 657F35745D811B89EDCD792B41464751
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 876B553D8F4FBA513D4CDAC31B8C262B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D51A7D637A2CDA82F1B1C63EF1A76484
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 95627889401EC55AE4578C04F0F548DD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1B42559E3E8FA2C1CCC9058189C742D2
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CF04BDCDF0CECE8AFB87D0B37B185097
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 126545AAE025C897E77701FAC65BCCF1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Релігійно-інформаційна служба України - Інтернет-портал про релігію

Page URL History Show full URLs

http://risu.org.ua/ HTTP 301
https://risu.ua/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Page Statistics

194
Requests

90 %
HTTPS

33 %
IPv6

35
Domains

45
Subdomains

35
IPs

6
Countries

7887 kB
Transfer

10972 kB
Size

47
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/risu.ukr/

Search URL Search Domain Scan URL

URL: https://t.me/risu_ukr

Search URL Search Domain Scan URL

URL: http://www.bigmir.net/

Search URL Search Domain Scan URL

URL: https://luxnet.io/
Title: Made by

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://risu.org.ua/ HTTP 301
https://risu.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 98

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFfJ9GwBGoJUDzbWKxCZZ0g&google_cver=1

Request Chain 99

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YlnGHA7RcYJmVA1hjKf-4AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFfJ9GwBGoJUDzbWKxCZZ0g&google_cver=1

Request Chain 100

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEL6DI4JVuqpWRW2rTrEGZcs&google_cver=1

Request Chain 101

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjY3NDE3MjU4MzI0MzAyMTM3OQ%3D%3D

Request Chain 102

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF1glhHIvVg-e4IkFIRdfFM&google_cver=1

Request Chain 104

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEGluy2DT9Exl0xyfjp3bXxg&google_cver=1

Request Chain 111

https://hal900013.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=e89238e123&subid=&uid=a151f6a9c45910b9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbQn2G8ZZYoHxKsyu1fAP-NOmwA6m5b2gaYWVnKfJD_AuEAEg0uOSfWCV4pCCoAfIAQmpAivR1Qv0IbI-qAMBqgTmAU_Qt9rj3A8tolv-amOv0ckX-AewxBOiQGDa_Z7UdB0mvj61W4F-bzPFF3ulJLQKovfitnOcjJV4q_6KvZ7BhjIsmI3geoEJ5XgUF4DdEG7mVGsxo6AZwraxHQrZhVOhiqhjznAkovOqB1hVKKff36880VLjjoPBG25FrhWypK1PzJyAG-yGpM90gheBnPhxgumuB1khy2V4Hkxqgax0utivOXkoUrm5WQNjdufuRzqAe4hEF9VbwDMuSfHyhecJW47PLLPFncmQEbHqijOjBlFFIorq5cVgu0KOop-lfu_OeJt52xGQwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgfgAoBmAsByAsBgAwBsBOPtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoWO2S6mYNwriKo5bLrxLv3A%26sig%3DAOD64_2Nyh0zUn8QUStIc1WCNCRk-AvMvQ%26client%3Dca-pub-9928410365207988%26dbm_c%3DAKAmf-DVdvEOfcRs5c53PIVd5Q4xrAGtZRESWT4YbM_ji__IGRajzoHbQlymuSXtQrkXyGrwPddWinyHWmGm-PNTqYwvprWGRCbgSQYy_HzEAsXmC2KAKGP88OYwf1AOF4a78A-XVkCBBBDnLFVXihUNBhZkH8aaIw%26cry%3D1%26dbm_d%3DAKAmf-DhDxcwGAegsLgNh30L73LqrR3xovSlFaBF0Byzf_ftPdf7IhtIHwnA7tzNjsslpQSUBA8MIm0a7hMv631INC9b5uknLlbcQWF3q8fw9OUGDsqj3YpjBtC7SYScOJMG8QGTxWcjswGXUQqHMf7uBLZLXf3I6aRapV1s_qBi9GX-AGH3D_ji3quMNEPG8cHa4t9lQRMqInNd_Hrg8eEby9nXeDn8eWMKpkKlCUuER-Ay0cpNg8Zqy5xk9svUvtybPYqlLuN0xZAVEYVEsXWgRUor5IwzTgYz1KULMe0svr_uVDEcHFKIeM3z5MWJ7Z2jOzKBjgRU7vrVGmmFbm59j7fIxok_V9FYXWBnFLAjZesNVh-gg-IMrNbsg8axHGcgcbDEMQ7kP4vYZ524VYJdbSD9YBLnTu2kOHGfIZE9LuZvD_M43fcTXTLCbUiKGIyg27u03oGN%26adurl%3D&documentReferer=https%3A%2F%2Fe8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2Fe8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com%2Chttps%3A%2F%2Frisu.ua&random=1860033319262&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900013.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=e89238e123&subid=&uid=a151f6a9c45910b9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbQn2G8ZZYoHxKsyu1fAP-NOmwA6m5b2gaYWVnKfJD_AuEAEg0uOSfWCV4pCCoAfIAQmpAivR1Qv0IbI-qAMBqgTmAU_Qt9rj3A8tolv-amOv0ckX-AewxBOiQGDa_Z7UdB0mvj61W4F-bzPFF3ulJLQKovfitnOcjJV4q_6KvZ7BhjIsmI3geoEJ5XgUF4DdEG7mVGsxo6AZwraxHQrZhVOhiqhjznAkovOqB1hVKKff36880VLjjoPBG25FrhWypK1PzJyAG-yGpM90gheBnPhxgumuB1khy2V4Hkxqgax0utivOXkoUrm5WQNjdufuRzqAe4hEF9VbwDMuSfHyhecJW47PLLPFncmQEbHqijOjBlFFIorq5cVgu0KOop-lfu_OeJt52xGQwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgfgAoBmAsByAsBgAwBsBOPtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoWO2S6mYNwriKo5bLrxLv3A%26sig%3DAOD64_2Nyh0zUn8QUStIc1WCNCRk-AvMvQ%26client%3Dca-pub-9928410365207988%26dbm_c%3DAKAmf-DVdvEOfcRs5c53PIVd5Q4xrAGtZRESWT4YbM_ji__IGRajzoHbQlymuSXtQrkXyGrwPddWinyHWmGm-PNTqYwvprWGRCbgSQYy_HzEAsXmC2KAKGP88OYwf1AOF4a78A-XVkCBBBDnLFVXihUNBhZkH8aaIw%26cry%3D1%26dbm_d%3DAKAmf-DhDxcwGAegsLgNh30L73LqrR3xovSlFaBF0Byzf_ftPdf7IhtIHwnA7tzNjsslpQSUBA8MIm0a7hMv631INC9b5uknLlbcQWF3q8fw9OUGDsqj3YpjBtC7SYScOJMG8QGTxWcjswGXUQqHMf7uBLZLXf3I6aRapV1s_qBi9GX-AGH3D_ji3quMNEPG8cHa4t9lQRMqInNd_Hrg8eEby9nXeDn8eWMKpkKlCUuER-Ay0cpNg8Zqy5xk9svUvtybPYqlLuN0xZAVEYVEsXWgRUor5IwzTgYz1KULMe0svr_uVDEcHFKIeM3z5MWJ7Z2jOzKBjgRU7vrVGmmFbm59j7fIxok_V9FYXWBnFLAjZesNVh-gg-IMrNbsg8axHGcgcbDEMQ7kP4vYZ524VYJdbSD9YBLnTu2kOHGfIZE9LuZvD_M43fcTXTLCbUiKGIyg27u03oGN%26adurl%3D&documentReferer=https%3A%2F%2Fe8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2Fe8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com%2Chttps%3A%2F%2Frisu.ua&random=1860033319262&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 119

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPITNWBR7UDzfFRS84PHUFWaHVJc9mmOdkRQnVwe9RB2NeqzOrjY-V6NMbc34lt84b25oppYa_Sdwo7MLIdQDsvqTuMEVoDY&google_gid=CAESEFBMDaUTUBXDJAjA5TWj0ZI&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCJyM55IGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBJVE5XQlI3VUR6ZkZSUzg0UEhVRldhSFZKYzltbU9ka1JRblZ3ZTlSQjJOZXF6T3JqWS1WNk5NYmMzNGx0ODRiMjVvcHBZYV9TZHdvN01MSWRRRHN2cVR1TUVWb0RZ HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwZ29Sc2RTVnJrM2hRZEJkeGJaYmc3YmdyVjNIRHo3T19mbHpBLWFaRl9aNA==&google_push

Request Chain 121

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEP8NyKdG6MtrhvwoUVhIU2s&google_cver=1&google_push=AYg5qPKhtAhJS1eag5m6RzWUoiyOVsY-QcJTfIXXyI67LipAlTaVtn7BuWpvCwY69Wv9Asf6Rph5DJxsNsdJ1yfe0mgTd-uPLRBw HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEP8NyKdG6MtrhvwoUVhIU2s&google_cver=1&google_push=AYg5qPKhtAhJS1eag5m6RzWUoiyOVsY-QcJTfIXXyI67LipAlTaVtn7BuWpvCwY69Wv9Asf6Rph5DJxsNsdJ1yfe0mgTd-uPLRBw&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VsVqOaOSRDalk-xih4O8tA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKhtAhJS1eag5m6RzWUoiyOVsY-QcJTfIXXyI67LipAlTaVtn7BuWpvCwY69Wv9Asf6Rph5DJxsNsdJ1yfe0mgTd-uPLRBw

Request Chain 122

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFW4RH1gvNnGMEvDoZCtJd0&google_cver=1&google_push=AYg5qPKW2aybptBt3TQ-93Ih5Esy1orC-hQs3YsdOGjwAhLldnJeaOBfGeywwxGCmS0x3rioNk2QA4SMG-Es9EHmsSlxCU-Zy1YH HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDIwVElNSVMtQy1INzZM&google_push=AYg5qPKW2aybptBt3TQ-93Ih5Esy1orC-hQs3YsdOGjwAhLldnJeaOBfGeywwxGCmS0x3rioNk2QA4SMG-Es9EHmsSlxCU-Zy1YH

Request Chain 123

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDQehozV686Q-EUjf5dfQWU&google_cver=1&google_push=AYg5qPJpqfIG-sQ1mPJ9S9X-Sav89xgpUYgYfZfAE3laz_vGJNmd9kH_vpKt_fgIITu6JjShGHJ9PPPOHcjobEXZBY7x8vb43tZS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlnGHA7RcYJmVA1hjKf_4AAABIYAAAAB&google_cver=1&google_gid=CAESEDQehozV686Q-EUjf5dfQWU&google_push=AYg5qPJpqfIG-sQ1mPJ9S9X-Sav89xgpUYgYfZfAE3laz_vGJNmd9kH_vpKt_fgIITu6JjShGHJ9PPPOHcjobEXZBY7x8vb43tZS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlnGHA7RcYJmVA1hjKf_4AAABIYAAAAB&google_cver=1&google_gid=CAESEDQehozV686Q-EUjf5dfQWU&google_push=AYg5qPJpqfIG-sQ1mPJ9S9X-Sav89xgpUYgYfZfAE3laz_vGJNmd9kH_vpKt_fgIITu6JjShGHJ9PPPOHcjobEXZBY7x8vb43tZS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlnGHA7RcYJmVA1hjKf_4AAABIYAAAAB&google_cver=1&google_gid=CAESEDQehozV686Q-EUjf5dfQWU&google_push=AYg5qPJpqfIG-sQ1mPJ9S9X-Sav89xgpUYgYfZfAE3laz_vGJNmd9kH_vpKt_fgIITu6JjShGHJ9PPPOHcjobEXZBY7x8vb43tZS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlnGHA7RcYJmVA1hjKf_4AAABIYAAAAB&google_cver=1&google_gid=CAESEDQehozV686Q-EUjf5dfQWU&google_push=AYg5qPJpqfIG-sQ1mPJ9S9X-Sav89xgpUYgYfZfAE3laz_vGJNmd9kH_vpKt_fgIITu6JjShGHJ9PPPOHcjobEXZBY7x8vb43tZS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlnGHA7RcYJmVA1hjKf_4AAABIYAAAAB&google_cver=1&google_gid=CAESEDQehozV686Q-EUjf5dfQWU&google_push=AYg5qPJpqfIG-sQ1mPJ9S9X-Sav89xgpUYgYfZfAE3laz_vGJNmd9kH_vpKt_fgIITu6JjShGHJ9PPPOHcjobEXZBY7x8vb43tZS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlnGHA7RcYJmVA1hjKf_4AAABIYAAAAB&google_cver=1&google_gid=CAESEDQehozV686Q-EUjf5dfQWU&google_push=AYg5qPJpqfIG-sQ1mPJ9S9X-Sav89xgpUYgYfZfAE3laz_vGJNmd9kH_vpKt_fgIITu6JjShGHJ9PPPOHcjobEXZBY7x8vb43tZS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlnGHA7RcYJmVA1hjKf_4AAABIYAAAAB&google_cver=1&google_gid=CAESEDQehozV686Q-EUjf5dfQWU&google_push=AYg5qPJpqfIG-sQ1mPJ9S9X-Sav89xgpUYgYfZfAE3laz_vGJNmd9kH_vpKt_fgIITu6JjShGHJ9PPPOHcjobEXZBY7x8vb43tZS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlnGHA7RcYJmVA1hjKf_4AAABIYAAAAB&google_cver=1&google_gid=CAESEDQehozV686Q-EUjf5dfQWU&google_push=AYg5qPJpqfIG-sQ1mPJ9S9X-Sav89xgpUYgYfZfAE3laz_vGJNmd9kH_vpKt_fgIITu6JjShGHJ9PPPOHcjobEXZBY7x8vb43tZS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlnGHA7RcYJmVA1hjKf_4AAABIYAAAAB&google_cver=1&google_gid=CAESEDQehozV686Q-EUjf5dfQWU&google_push=AYg5qPJpqfIG-sQ1mPJ9S9X-Sav89xgpUYgYfZfAE3laz_vGJNmd9kH_vpKt_fgIITu6JjShGHJ9PPPOHcjobEXZBY7x8vb43tZS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlnGHA7RcYJmVA1hjKf_4AAABIYAAAAB&google_cver=1&google_gid=CAESEDQehozV686Q-EUjf5dfQWU&google_push=AYg5qPJpqfIG-sQ1mPJ9S9X-Sav89xgpUYgYfZfAE3laz_vGJNmd9kH_vpKt_fgIITu6JjShGHJ9PPPOHcjobEXZBY7x8vb43tZS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlnGHA7RcYJmVA1hjKf_4AAABIYAAAAB&google_cver=1&google_gid=CAESEDQehozV686Q-EUjf5dfQWU&google_push=AYg5qPJpqfIG-sQ1mPJ9S9X-Sav89xgpUYgYfZfAE3laz_vGJNmd9kH_vpKt_fgIITu6JjShGHJ9PPPOHcjobEXZBY7x8vb43tZS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlnGHA7RcYJmVA1hjKf_4AAABIYAAAAB&google_cver=1&google_gid=CAESEDQehozV686Q-EUjf5dfQWU&google_push=AYg5qPJpqfIG-sQ1mPJ9S9X-Sav89xgpUYgYfZfAE3laz_vGJNmd9kH_vpKt_fgIITu6JjShGHJ9PPPOHcjobEXZBY7x8vb43tZS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlnGHA7RcYJmVA1hjKf_4AAABIYAAAAB&google_cver=1&google_gid=CAESEDQehozV686Q-EUjf5dfQWU&google_push=AYg5qPJpqfIG-sQ1mPJ9S9X-Sav89xgpUYgYfZfAE3laz_vGJNmd9kH_vpKt_fgIITu6JjShGHJ9PPPOHcjobEXZBY7x8vb43tZS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlnGHA7RcYJmVA1hjKf_4AAABIYAAAAB&google_cver=1&google_gid=CAESEDQehozV686Q-EUjf5dfQWU&google_push=AYg5qPJpqfIG-sQ1mPJ9S9X-Sav89xgpUYgYfZfAE3laz_vGJNmd9kH_vpKt_fgIITu6JjShGHJ9PPPOHcjobEXZBY7x8vb43tZS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlnGHA7RcYJmVA1hjKf_4AAABIYAAAAB&google_cver=1&google_gid=CAESEDQehozV686Q-EUjf5dfQWU&google_push=AYg5qPJpqfIG-sQ1mPJ9S9X-Sav89xgpUYgYfZfAE3laz_vGJNmd9kH_vpKt_fgIITu6JjShGHJ9PPPOHcjobEXZBY7x8vb43tZS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlnGHA7RcYJmVA1hjKf_4AAABIYAAAAB&google_cver=1&google_gid=CAESEDQehozV686Q-EUjf5dfQWU&google_push=AYg5qPJpqfIG-sQ1mPJ9S9X-Sav89xgpUYgYfZfAE3laz_vGJNmd9kH_vpKt_fgIITu6JjShGHJ9PPPOHcjobEXZBY7x8vb43tZS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlnGHA7RcYJmVA1hjKf_4AAABIYAAAAB&google_cver=1&google_gid=CAESEDQehozV686Q-EUjf5dfQWU&google_push=AYg5qPJpqfIG-sQ1mPJ9S9X-Sav89xgpUYgYfZfAE3laz_vGJNmd9kH_vpKt_fgIITu6JjShGHJ9PPPOHcjobEXZBY7x8vb43tZS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlnGHA7RcYJmVA1hjKf_4AAABIYAAAAB&google_cver=1&google_gid=CAESEDQehozV686Q-EUjf5dfQWU&google_push=AYg5qPJpqfIG-sQ1mPJ9S9X-Sav89xgpUYgYfZfAE3laz_vGJNmd9kH_vpKt_fgIITu6JjShGHJ9PPPOHcjobEXZBY7x8vb43tZS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlnGHA7RcYJmVA1hjKf_4AAABIYAAAAB&google_cver=1&google_gid=CAESEDQehozV686Q-EUjf5dfQWU&google_push=AYg5qPJpqfIG-sQ1mPJ9S9X-Sav89xgpUYgYfZfAE3laz_vGJNmd9kH_vpKt_fgIITu6JjShGHJ9PPPOHcjobEXZBY7x8vb43tZS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlnGHA7RcYJmVA1hjKf_4AAABIYAAAAB&google_cver=1&google_gid=CAESEDQehozV686Q-EUjf5dfQWU&google_push=AYg5qPJpqfIG-sQ1mPJ9S9X-Sav89xgpUYgYfZfAE3laz_vGJNmd9kH_vpKt_fgIITu6JjShGHJ9PPPOHcjobEXZBY7x8vb43tZS

Request Chain 128

https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202202_es_ukraine_dv_pros_330033531&atb_dpuid=di_dv&gdpr=&gdpr_consent= HTTP 302
https://d.adtriba.com/px.gif

Request Chain 130

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=56500500188839704444550011930013&t=htlp HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=56500500188839704444550011930013&actionid=981741&produktid=&dt_url=

Request Chain 131

https://www.awin1.com/cshow.php?s=2661283&v=11524&q=391598&r=296283&pref1=56500500188839704444550011930013&pv=1 HTTP 302
https://trf.greatviews.de/cl?m315=c&q=nyVlHJ2acuRY7q9fsD728kyQ HTTP 302
https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1650050588.5712300.7b864b02-bcf1-11ec-a2b2-00155d255900ID

Request Chain 133

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=56500500188839704444550011930013 HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=56500500188839704444550011930013 HTTP 302
https://ad-server.eu/wm/pb/native.png

Request Chain 144

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIFHGITUbSb3jZU4l0i08Q1cwwuClDQdi9yUNO4l5kcZq0n7uss52gF-ouUCak8Uefa27Ij_IbgnFYLyj94rC1YdmK0IA6s&google_gid=CAESEFyo6TpRUUb2A-DvcxPR9a4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWxuR0hBQUFCVW8xRTFzbg&google_push=AYg5qPIFHGITUbSb3jZU4l0i08Q1cwwuClDQdi9yUNO4l5kcZq0n7uss52gF-ouUCak8Uefa27Ij_IbgnFYLyj94rC1YdmK0IA6s

Request Chain 146

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLDyKH8JlBeHX_HSkJ43c5fY_ca4tj7fc65-58a60W-DsaCTy48IAy_qpZS2shGAMD6sueA26iHd1UOUvAQ7luInEzwweI&google_gid=CAESENsqv3LM_IQv54dHmnF3GHg&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLDyKH8JlBeHX_HSkJ43c5fY_ca4tj7fc65-58a60W-DsaCTy48IAy_qpZS2shGAMD6sueA26iHd1UOUvAQ7luInEzwweI&google_gid=CAESENsqv3LM_IQv54dHmnF3GHg&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA0MTUxOTIzMDkwMDAxNTE1MTQ0NTI1Nw%3D%3D&google_push=AYg5qPLDyKH8JlBeHX_HSkJ43c5fY_ca4tj7fc65-58a60W-DsaCTy48IAy_qpZS2shGAMD6sueA26iHd1UOUvAQ7luInEzwweI

Request Chain 148

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFW4RH1gvNnGMEvDoZCtJd0&google_cver=1&google_push=AYg5qPJtoE94omkh9dI4YmNqybMx4FAt0F9r9BsZA1fQxiuefv1KkO9cYtg9Jcz1UqZuBhLq7551ku95mHsWp3zSJ-c2DM8yavs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDIwVElNT0EtMTktSFdDUA==&google_push=AYg5qPJtoE94omkh9dI4YmNqybMx4FAt0F9r9BsZA1fQxiuefv1KkO9cYtg9Jcz1UqZuBhLq7551ku95mHsWp3zSJ-c2DM8yavs

194 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
risu.ua/
Redirect Chain

http://risu.org.ua/
https://risu.ua/

97 KB
15 KB

912ms
879ms

Document
text/html

2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://risu.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef8ad3e830d8544bdc63581734e53e87e549504fea5391db4374042ba76e34c5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, must-revalidate, private
cf-cache-status: DYNAMIC
cf-ray: 6fc70dbfac6c9a0c-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 15 Apr 2022 19:23:06 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Fri, 15 Apr 2022 19:23:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=56odg7kMz%2BS%2F8tGJb3RWYOPR7ikz6wWcFj8HPj4q15cgGiefV38eVRI%2FbLxgaoieslzV%2FtnrwOPTFnWuo6dM6dqgJDtdkK69%2BhNsDe11%2BpXrEh1FLf0F5wXwHqlwwfQcXu7t4zio"}],"group":"cf-nel","max_age":604800}
rt-proxy-cache: EXPIRED
server: cloudflare
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Fri, 15 Apr 2022 19:23:05 GMT
Keep-Alive: timeout=30
Location: https://risu.ua/
Server: nginx

GET
H2 200 styles.min.css
risu.ua/assets/frontend/css/ 454 KB
32 KB 21ms
21ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://risu.ua/assets/frontend/css/styles.min.css?v=91
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f3048328ea976c336c13ce30d86374bfc6036a0dc0e6efba2eebefc1040bc1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4877974
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 30 Apr 2021 12:05:45 GMT
server: cloudflare
etag: W/"608bf299-71989"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iEPT4IZC5pvPw7igjlXgR1FDOxph30ZIL8IEfQN4zXThFFWPBMJQTc7ec8AKBzr2sLgL1Ms0zMhm6D3Vh5xCp0CTKXFRMtxqJ6NWxs%2FRjAFmV9vavBGN1B6lmXrPWeaEZ85%2BxU9E"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 6fc70dc598fe9a0c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 351ms
130ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-11950234-1

Requested by

Host: risu.ua
URL: https://risu.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

960354bded7022048cfab4ea407d8a46792bfd7c11eafb5dec82f08099a3c74a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:06 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38561
x-xss-protection: 0
last-modified: Fri, 15 Apr 2022 18:58:08 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 15 Apr 2022 19:23:06 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
28 KB 276ms
96ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: risu.ua
URL: https://risu.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

ce501a62d0b7206c725595f525fc46c7b2f56b27266803c7dea473d2a5b0eaf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28583
x-xss-protection: 0
server: sffe
etag: "1188 / 657 of 1000 / last-modified: 1650021009"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Apr 2022 19:23:06 GMT

GET
H2 200 client.js Show response
cdn.gravitec.net/storage/acf6494db584a05259a7b96ad5661584/ 64 KB
18 KB 186ms
8ms Script
application/javascript 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/storage/acf6494db584a05259a7b96ad5661584/client.js
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: bc17bc7bd77c3964e9d71c2df3f1e6a70437059ba2ee261f21d6fd54f964c57c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:06 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 09:05:53 GMT
server: nginx
etag: W/"61fa4971-100fb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 02 Feb 2022 09:06:41 GMT
cache-control: max-age=10
x-proxy-cache: HIT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 155 KB
54 KB 254ms
74ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: risu.ua
URL: https://risu.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3238462d9b997dc1adade939293897092b3a259de0b1d3c4ea617d8b297cc4c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54281
x-xss-protection: 0
server: cafe
etag: 10291353063935914954
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 15 Apr 2022 19:23:06 GMT

GET
H3 200 logo_uk.svg
risu.ua/assets/frontend/img/ 79 KB
31 KB 40ms
36ms Image
image/svg+xml 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/assets/frontend/img/logo_uk.svg?v=91
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e571a606de4d37373afdb6f9cebc7f0bd2c2f2cee7cf31261d7c32a5e35d121

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6255638
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 30 Apr 2021 12:05:21 GMT
server: cloudflare
etag: W/"608bf281-13d0e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=489cOaHweuLtsy%2BUGKLy%2ByM%2FDbsmsdIAqsdWs2%2FqtmP1Q6Xt5ar0c6%2FpvztBCh%2F6p25DwTizAUdPFQDe8tEq6PIVwfcHCTYuser0CyAvlhgxsWUhiFkgVY7gS58ncZ4gXA5njLEc"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 6fc70dc5e96f5c2c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 menu-arrow.svg
risu.ua/assets/frontend/img/ 239 B
757 B 111ms
107ms Image
image/svg+xml 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/assets/frontend/img/menu-arrow.svg?v=91
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37ac7f1471139dba4812e669add5bb3afed07adc983d26670e807d60abc64594

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6255638
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 30 Apr 2021 12:05:21 GMT
server: cloudflare
etag: W/"608bf281-ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gFu2CgFGSaddTjZ2JDSlRlhrdvLrSiaYUl%2BGLM1WgeRNZ%2FFMWwCHSZKO7YQmoW9Xl%2FUm9cpL9RnhX5F1QcMdyEc0yByTV2pvgT97LHnTj4Mxbdw5BDRUIffax9nfXg82t2e2%2FIiS"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 6fc70dc5e9715c2c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 6257c95c83323165287062.png
risu.ua/uploads/740x555_DIR/media_news/2022/04/ 1 MB
1 MB 111ms
108ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/740x555_DIR/media_news/2022/04/6257c95c83323165287062.png
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 914ea28f6ee2d1345fa130a7477a87374136664a28e88a2f2a3705bbbcb9b228

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-images-api: 5
date: Fri, 15 Apr 2022 19:23:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 117123
x-cache-status: HIT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1241496
timing-allow-origin: *
last-modified: Thu, 14 Apr 2022 10:51:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h0Ff9kQehufDclWI%2FJKUyCdCuav831136t5mSMnN0H8FLkwai9%2Bhz26wHAjvyN7e0%2F5k%2FdFu9A42ylMlF6EbpB5PJk6QOA3ewX7trWCIiou1wA11SdfyP5UykkdjXQvbr72Spmr5"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6fc70dc5e9755c2c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 62567010e12e8588423150.jpg
risu.ua/uploads/740x555_DIR/media_news/2022/04/ 1 MB
1 MB 92ms
88ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/740x555_DIR/media_news/2022/04/62567010e12e8588423150.jpg
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83bb1c1433004062c48e4014f8e4f9eb11790090df84c21df06ba2a7d5634360

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-images-api: 5
date: Fri, 15 Apr 2022 19:23:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 218126
x-cache-status: HIT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1259018
timing-allow-origin: *
last-modified: Wed, 13 Apr 2022 06:47:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1VNzj6HWiqbx1U52rDYh1CMNBnUBzP%2BWYmyR5xYQvnmCdgyRm0M5patO8cLZMFrEpDq3%2B%2BcKd01ZVGk%2B26W9zTcZ2U5pe5uxYv14ZTOJ9cCEmizDC4Ci7kOCoZC6eHonvVoWr%2Bew"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6fc70dc5e9765c2c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 6253c9d70ab91489561026.jpg
risu.ua/uploads/740x555_DIR/media_news/2022/04/ 46 KB
47 KB 201ms
197ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/740x555_DIR/media_news/2022/04/6253c9d70ab91489561026.jpg
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 695551a844068546447a6df1581e2b220e4317b44e318e535c730dfddb8c3f84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-images-api: 5
date: Fri, 15 Apr 2022 19:23:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 136923
x-cache-status: HIT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.jpg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47375
timing-allow-origin: *
last-modified: Thu, 14 Apr 2022 05:21:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yWRVY1013Te%2FAh%2B6zZdUASCmzqiM9wAA4PFwxaoECEK8EVg01MiUdqVaSk%2FDedfY5B7EF%2Fnb6lOpydIOrjSf1xYAiudVwLoya74LITrgvOl4LoSTgZkOJViHFMk2IffSyrnFF1qp"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6fc70dc5e9775c2c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 6252b1cdd363f725497702.jpg
risu.ua/uploads/740x555_DIR/media_news/2022/04/ 49 KB
50 KB 201ms
198ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/740x555_DIR/media_news/2022/04/6252b1cdd363f725497702.jpg
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05dd10259e050908c5800c80aea9e234205f84ad5a287c95ac2538c5b447c950

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-images-api: 5
date: Fri, 15 Apr 2022 19:23:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 136923
x-cache-status: HIT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.jpg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 50367
timing-allow-origin: *
last-modified: Thu, 14 Apr 2022 05:21:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F13pBiwvuF0hwbmDAG%2F91IuX5txeiuCtG4OSRlXxdRUq00Bn3Hvnxwdj%2FNnLqWpbdr4S4UeXaaeyg7LJAHg3c5tPPfX6soA6geVuifjUXSYW5HqCRTVT9kIwqSvFgjNjhsqwNaoc"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6fc70dc5e9795c2c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 62518a98b56c1019454902.jpg
risu.ua/uploads/740x555_DIR/media_news/2022/04/ 86 KB
86 KB 202ms
199ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/740x555_DIR/media_news/2022/04/62518a98b56c1019454902.jpg
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb18b5207e493a33aaa0270696766051851f6b170250d157e9e139fc70928265

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-images-api: 5
date: Fri, 15 Apr 2022 19:23:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 458520
x-cache-status: HIT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.jpg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 87879
timing-allow-origin: *
last-modified: Sun, 10 Apr 2022 12:01:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VoOPFmcQRh%2BPjeJS8UdcAUC3cQ6HwExBwQOmzxKlXAL8ho9rZg83%2BhKRuUFliFOUOR4pmvfViwYKOQNFQnCkLMY7iGQQ0rB73Ow2d9C4%2FCEjHOZr6m5pPq%2Bkfq7TnWszZ1yi02gP"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6fc70dc5e97b5c2c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 624bf67e2e9c8285832965.jpg
risu.ua/uploads/740x555_DIR/media_news/2022/04/ 127 KB
128 KB 210ms
206ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/740x555_DIR/media_news/2022/04/624bf67e2e9c8285832965.jpg
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26d02cf659048aef8e7da80b39e42f21c8aa169d586d951a2e2d4af555ccdacb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-images-api: 5
date: Fri, 15 Apr 2022 19:23:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 904904
x-cache-status: HIT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.jpg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 129985
timing-allow-origin: *
last-modified: Tue, 05 Apr 2022 08:01:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xyp8m4fz9g0%2B3jtrpuCVs7Sgx3VN83tcLnzVbpqzv0cjo6keH4Rd9T54v%2BnZxFXo40t9y5p6OfixqhtCes8Wlpabgebe9MQ5qpA55YIOIPLY01pahee%2FIlggVFyATQDnRzO17iUJ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6fc70dc5e97c5c2c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 625297742e304228033872.png
risu.ua/uploads/740x555_DIR/media_news/2022/04/ 459 KB
459 KB 72ms
69ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/740x555_DIR/media_news/2022/04/625297742e304228033872.png
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 025c20fb10b4e6e9e50a29fa5b98dd467363247bdde0ac5783a4f7aaa089d86a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-images-api: 5
date: Fri, 15 Apr 2022 19:23:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 468832
x-cache-status: HIT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 469519
timing-allow-origin: *
last-modified: Sun, 10 Apr 2022 09:09:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JNqbIxvYn%2BtxkrJjPv0zUpvW1nFvvwEj3cK9yw%2FekaD%2By1zfkgBArQWNZB%2FVNeuwPbVNU1WncQ6Xg%2FkkhlB9j6bFMt2KRv2sNpJeq5toR2WOZGDlYz1pmdBgFc4LSaAcq4oBT7PT"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6fc70dc5e97f5c2c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 62507b618a5a0761224424.png
risu.ua/uploads/740x555_DIR/media_news/2022/04/ 1 MB
1 MB 219ms
216ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/740x555_DIR/media_news/2022/04/62507b618a5a0761224424.png
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b5ba4bf4fc24aa6dc552010b947918e296908c1947684333657a6188b67164d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-images-api: 5
date: Fri, 15 Apr 2022 19:23:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 608520
x-cache-status: HIT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1073492
timing-allow-origin: *
last-modified: Fri, 08 Apr 2022 18:21:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=33OdrZ3gxK1OckDCrHSDd8z9ukV3fL472S3xvwtH9Qs2yON2tD8VjwO1XzduU%2BEU3E6S8aKsNbuoSuih4y3xi%2F2nxeT44w%2BBs4KGNcriMJSuHtB1gwjy3UnavuhFMwkBWCnUHZQW"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6fc70dc5e9865c2c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 62489a989c6f0587412346.jpg
risu.ua/uploads/740x555_DIR/media_news/2022/04/ 61 KB
61 KB 260ms
256ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/740x555_DIR/media_news/2022/04/62489a989c6f0587412346.jpg
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 582968901979b2af9066448b8cc8bfeb6c0fb983041317324d1dd43c396a0848

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-images-api: 5
date: Fri, 15 Apr 2022 19:23:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1080703
x-cache-status: HIT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.jpg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 62309
timing-allow-origin: *
last-modified: Sun, 03 Apr 2022 07:11:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ftvFmop4Rbe208NBIAk75LOdZGWnEkpPxIoDCflwNJVPKrLDZyqbEO2uiAAEcDwI%2BMVRVrE4SIlb6hRwR2dRdeSeQHCmsPBvfCw36yGB6ZUigSg9M9RTibDzKgDA%2F1RXPeM8EYyP"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6fc70dc5e9875c2c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 6245824fbe0d3287459828.jpg
risu.ua/uploads/740x555_DIR/media_news/2022/03/ 52 KB
53 KB 58ms
54ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/740x555_DIR/media_news/2022/03/6245824fbe0d3287459828.jpg
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acdce42d98fae766eaab50437adf696ac3db02d8961510879a597ec4dcf3fceb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-images-api: 5
date: Fri, 15 Apr 2022 19:23:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1327302
x-cache-status: HIT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.jpg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 53328
timing-allow-origin: *
last-modified: Thu, 31 Mar 2022 10:41:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pn6HXts%2Feop%2Bm4B5m7YU0q4am1K0tBCTBOL9KsU2CmTlEkd2CTZj9QODBfYS2vpZEUspinvZ4N4IC6sfRIXKM1VRjJpwcrF8Tpj7pnxZ%2Fki71MdRppP8oGn7PK0v05XV4GH9mtmE"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6fc70dc5e9895c2c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 624d6a6f8a083901186936.png
risu.ua/uploads/110x110_DIR/tags_images/2022/04/ 20 KB
21 KB 278ms
274ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/110x110_DIR/tags_images/2022/04/624d6a6f8a083901186936.png
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31ae2de0adfdf883af557744dad1f9c2bb15c0234d4fe2804627bf48787d1c33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-images-api: 5
date: Fri, 15 Apr 2022 19:23:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 443459
x-cache-status: HIT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20400
timing-allow-origin: *
last-modified: Sun, 10 Apr 2022 16:12:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dvBGDgvUTTL8evCZWJ2IoBi4rbmd53vGeOdBU%2FuinzCayv%2BrtSFmtenrrfUNSYAFdh1ljpdFjYPL3tAd3DBtF35G9uvMV6JXslZd1UJ%2FoejmeNxXbkkTY9sBflrbYN18RBCw0tqE"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6fc70dc5e98a5c2c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 61c1c9d326ba6597689310.jpg
risu.ua/uploads/110x110_DIR/tags_images/2021/12/ 6 KB
7 KB 279ms
276ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/110x110_DIR/tags_images/2021/12/61c1c9d326ba6597689310.jpg
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad22f7b4b8296952e81ba21f79f6fade48de7de9386321cf8305a75ed6ab43c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-images-api: 5
date: Fri, 15 Apr 2022 19:23:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 184967
x-cache-status: HIT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.jpg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6378
timing-allow-origin: *
last-modified: Wed, 13 Apr 2022 16:00:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hV96PtMuy0H5McLnonEo9NBGh2vKSdVoRe0F3Bl%2FOEnn4J%2BXFi80FXJPnnuEuS3XEGuro87v2W3u84gMBi%2FBbsdMip%2BuFrV9cuuMj%2FPgmENgwxaXU60ug8nd7eInoV3JqfXsuyFM"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6fc70dc5e98f5c2c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 5ed677cc4fb0c256601566.jpg
risu.ua/uploads/110x110_DIR/tags_images/2020/06/ 4 KB
4 KB 280ms
276ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/110x110_DIR/tags_images/2020/06/5ed677cc4fb0c256601566.jpg
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21957c013694a56bc982e2139c09a521fd3ce659a9c5e539d992bf7d2215a019

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-images-api: 5
date: Fri, 15 Apr 2022 19:23:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 286548
x-cache-status: HIT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.jpg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3884
timing-allow-origin: *
last-modified: Tue, 12 Apr 2022 11:47:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=609bf33ADSU%2BNKbgoaokvYadc%2B%2B8j7j05OP%2Bt0XRbIR7IeImnKSBsvnQbi9qywdkaEdWhK%2BjOuEny%2FcSLnsb2wxn7xwWfKQwYWqfQGn93TIvaYAtDIdLyNDBI6LIo2iAkDxrERa9"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6fc70dc5e9915c2c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 62591c4bb98f4293554329.jpg
risu.ua/uploads/740x555_DIR/media_news/2022/04/ 75 KB
76 KB 280ms
276ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/740x555_DIR/media_news/2022/04/62591c4bb98f4293554329.jpg
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cbffe2136b79d63e01902998025b4f492151ee3c7d084dc5ec2d3a96145a8f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-images-api: 5
date: Fri, 15 Apr 2022 19:23:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 43154
x-cache-status: HIT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.jpg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77032
timing-allow-origin: *
last-modified: Fri, 15 Apr 2022 07:23:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CzdccpzT9w0jAM7lkhuBED%2By%2Fhti44B%2FY%2FhH0Xr5ZX9NKOhL61BZyozkAVOcPFYZ64hKULlaCKybtl9c46k7v2tMoV46inbGBru5o6wlp1aodYsqQHomFagAdFSmufIskc1i010o"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6fc70dc5e9945c2c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 625835d557028584078333.jpg
risu.ua/uploads/740x555_DIR/media_news/2022/04/ 71 KB
71 KB 282ms
279ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/740x555_DIR/media_news/2022/04/625835d557028584078333.jpg
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b16a8494caaebe8f8113d4319897715bc664b1708bde9ffbfd85e7bfede0cd30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-images-api: 5
date: Fri, 15 Apr 2022 19:23:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 101044
x-cache-status: HIT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.jpg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 72519
timing-allow-origin: *
last-modified: Thu, 14 Apr 2022 15:19:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VPl2oXDUqdadIicM2ztFd27yyR7g8JwUfF3dwYF%2FWP%2Buyq2Urv3B2yRZJnmpmWgfl6sRhe2TLXLnv70rjBYYXB7PTo1%2Be%2FXmCldwT8B71dNW%2B7aa9j%2FjMERMYdKKwPj93XAqT6Ei"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6fc70dc5e9965c2c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 62580f24a3fcf789099144.png
risu.ua/uploads/740x555_DIR/media_news/2022/04/ 916 KB
917 KB 284ms
280ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/740x555_DIR/media_news/2022/04/62580f24a3fcf789099144.png
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 734e02e4d64bce8c4125595d235b57467b4277c1f62172ec9b9ed14fde3311a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-images-api: 5
date: Fri, 15 Apr 2022 19:23:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 111899
x-cache-status: HIT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 938204
timing-allow-origin: *
last-modified: Thu, 14 Apr 2022 12:18:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k5VJlcL8qM0s1LyEX2ydHWqrszJGjGBWIC26KBIDeW2WBWhp4X9t1%2BYqY9PsodBfIt3qKmDPcj1AUn6Ar1wSScgtWmpfrvvXlyl6izHTUkvAheNvMQY7U%2F2h4d0ALBax71VAEq5t"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6fc70dc5e9975c2c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 61a741495c4c5997061457.png
risu.ua/uploads/580x328_DIR/tags_images/2021/12/ 53 KB
54 KB 310ms
306ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/580x328_DIR/tags_images/2021/12/61a741495c4c5997061457.png
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 151a7259f7b7ba9f238f2597a72cce7d2671faf4b4660313ba5c0856eeca1bc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-images-api: 5
date: Fri, 15 Apr 2022 19:23:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4512370
x-cache-status: HIT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54467
timing-allow-origin: *
last-modified: Tue, 22 Feb 2022 13:56:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=duzdG92o8HFpeFM3QhuycLeu8loIlVYjkkQ00hAinGoiPjOGPJFKMo38ssuFpcZVVjKBcksXdtYTGloygIAiA1K5bVUvCi9UCS46hpuH3wZtNZgEDHxPYMh%2Fe46DJfdGIqxokZda"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6fc70dc5e99b5c2c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 61ce308dd9c9b697521209.JPG
risu.ua/uploads/580x328_DIR/tags_images/2021/12/ 21 KB
21 KB 312ms
308ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/580x328_DIR/tags_images/2021/12/61ce308dd9c9b697521209.JPG
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a9a3ec0c9652abf8ddc1ff43f16475fbeb02cd510e9cf9d0a3a729200dc8312

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-images-api: 5
date: Fri, 15 Apr 2022 19:23:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1945525
x-cache-status: HIT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.jpg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21297
timing-allow-origin: *
last-modified: Thu, 24 Mar 2022 06:57:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=71wpUO5no5QY9i%2BLb5QkRSHNcZ2mGnCeYM3FEdOm7wwxU%2FbDcg1Rdi2SpAXlhMd5MzbUz6UhIhC99EWY6n2Mwx0ugQvNQwTzUzABY3ScDycAecJ619BaYdhzXGkHbRwwk3CYj%2FQK"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6fc70dc5e99c5c2c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 5efd9478bca33401625645.jpg
risu.ua/uploads/580x328_DIR/tags_images/2020/07/ 28 KB
29 KB 312ms
308ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/580x328_DIR/tags_images/2020/07/5efd9478bca33401625645.jpg
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e98ef43ec22752ae124b3e46f4a45fff226f4203a2e100aa89cbce250d953247

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-images-api: 5
date: Fri, 15 Apr 2022 19:23:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3147843
x-cache-status: HIT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.jpg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28634
timing-allow-origin: *
last-modified: Thu, 10 Mar 2022 08:59:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OvzC1Ba5BHvzVm1qnir9jydWIqNl4dC23EmzkRsqleoATMf0LtK7WVa8xae5YSe%2FRqSlN2kdQhLNoYh%2BDEJrkfp2sWLD9JauFTGKcxKOCLuveq4OS9BDEwfKaMeR62jXUFTkxG4y"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6fc70dc5e99e5c2c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 no-photo.png
risu.ua/assets/frontend/img/ 7 KB
7 KB 313ms
309ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/assets/frontend/img/no-photo.png
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c0eaa2887a0752b226940babcf52d8041babb181409b1bc233137e625bfd455

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 202506
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7059
last-modified: Fri, 30 Apr 2021 12:05:21 GMT
server: cloudflare
etag: "608bf281-1b93"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iKPYQjeafwwBppMawupeZh7kh0C2B8CH%2Fz%2FUC4TFLepbUWwql7wAaEajvHm%2FP54qSGvNCmpSRDY97qA7wVYr7%2Fz6XROs7jnGI1nyl8CcoWn65NbdIf7gwXGO1S7Iyu4QQttmzbNo"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6fc70dc5e99f5c2c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 5f55fd7b87854447750778.png
risu.ua/uploads/380x215_DIR/tags_images/2020/09/ 21 KB
22 KB 313ms
309ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/380x215_DIR/tags_images/2020/09/5f55fd7b87854447750778.png
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06c3c78658ced02c04d2e3c64352e3826410cbabca43309338f6b56f9d935d19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-images-api: 5
date: Fri, 15 Apr 2022 19:23:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1944196
x-cache-status: HIT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21536
timing-allow-origin: *
last-modified: Thu, 24 Mar 2022 07:19:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X1cGF6vnhDrxicKCgflYx93tRpkO%2BIdSPR6QYov%2FeOSCa3sDXiHB4YvZRv3RsEr1NvsZ4lDFy8cG%2F9%2Ffxq4vsaMvsHoNGfTHHqEa%2B0fasJ53jZaa2velgrbpx18rY6zFPTGE%2Br7c"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6fc70dc5e9a25c2c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 email-decode.min.js Show response
risu.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 40ms
40ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://risu.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: risu.ua
URL: https://risu.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 11:16:45 GMT
server: cloudflare
etag: W/"62555f9d-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nkIy1wgYPMAbwtM00R20YS0l9m3a3ekSc3Dliih7W3Viz1ZW1p7UIgSFI76rr1o9Dxv7AfRybz%2FmamLw4MLnHZOSGRucEuMB%2BGAI5yZL5j6cMUhC8BraikNknjGAbEXc%2F5ck%2BtGa"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6fc70dc5b8ff5c2c-FRA
vary: Accept-Encoding
expires: Sun, 17 Apr 2022 19:23:06 GMT

GET
H3 200 app.js Show response
risu.ua/assets/frontend/js/ 281 KB
80 KB 106ms
103ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://risu.ua/assets/frontend/js/app.js?v=91
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce3158f1fc0138d17fa3fc4d8c43b45b652fd27820cf1680b9fdc7a2246b6e6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6255638
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 30 Apr 2021 12:05:58 GMT
server: cloudflare
etag: W/"608bf2a6-4625b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VNd3XD8Rs0cJ1w7Qt9l3VMQvWWNTc4nyFt1j3nIpxcuRCDxBnQJntjmcZXKxp77GDHDOFauj2iaf40uMvtw4YXjd6HhOTU74JPPwJPvJuxm4xWtpCd3ZuYOOWQh2g6%2BPIdyOXNSm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 6fc70dc5e96b5c2c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 cookies.js Show response
risu.ua/assets/frontend/cookiesAcceptModule/ 4 KB
2 KB 40ms
36ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://risu.ua/assets/frontend/cookiesAcceptModule/cookies.js?v=91
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30c9c218c59a131fa94959c526e27e7335018c04425ac5c02b1ffeb7e55b9962

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6255638
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 30 Apr 2021 12:05:57 GMT
server: cloudflare
etag: W/"608bf2a5-f52"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jhMSZsIGkSFUrGLywCfI72b1Esd7SVQYxAiSoC6t16XaIsvf8UkGXA9hFQ82U10lx5gq0drwlQ34SG3gOidebA28vER1rQaI3VVTBnnuEsPgSJz5OM9aza4tnOitCKT%2FTBVkHiwZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 6fc70dc5e96d5c2c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 arrow-header.svg
risu.ua/assets/frontend/img/ 331 B
779 B 313ms
310ms Image
image/svg+xml 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/assets/frontend/img/arrow-header.svg
Requested by: Host: risu.ua
URL: https://risu.ua/assets/frontend/css/styles.min.css?v=91
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecd5dd4ce320f783a40597f79027f2187cbe41497a923f25305b98665bfe9b3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/assets/frontend/css/styles.min.css?v=91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4624043
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 30 Apr 2021 12:05:21 GMT
server: cloudflare
etag: W/"608bf281-14b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gVHgOG2I%2Fifx7sEeMdgwMXtKOaxE958OeZQ%2BgaaNth54uSxkuHSaFhdhI3DT40ikqpmXJwAQnzoYjKuZWY1vc4nH4yUxobvsgDFzozB%2FsL3bwYc4AFKpJdys8tedDaLBZJrIZXm6"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 6fc70dc5e9a35c2c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 arrow-language.svg
risu.ua/assets/frontend/img/ 141 B
703 B 311ms
310ms Image
image/svg+xml 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/assets/frontend/img/arrow-language.svg
Requested by: Host: risu.ua
URL: https://risu.ua/assets/frontend/css/styles.min.css?v=91
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45f0783d5695f7b6bc2b6db15c813d63525bf53fd48021c818ed4ed220c7074c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/assets/frontend/css/styles.min.css?v=91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4925339
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 30 Apr 2021 12:05:21 GMT
server: cloudflare
etag: W/"608bf281-8d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NvQCkTZfk9gBFi9LT3%2FfYOL0si27LZLl5NXDJ6V2CLoxPrbLYJF%2FuM%2B%2Bmr38U23Yz8MdI2QeKp%2FoFqtfDulajsBV6mLyu65aBqO%2BelLxXgxfS2FtIsItSs3fLRmzM%2FBYhCi4EN3B"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 6fc70dc5e9a85c2c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 search-icon.svg
risu.ua/assets/frontend/img/ 274 B
766 B 311ms
310ms Image
image/svg+xml 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/assets/frontend/img/search-icon.svg
Requested by: Host: risu.ua
URL: https://risu.ua/assets/frontend/css/styles.min.css?v=91
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb511816e2641b5d54a718b6d2b6e2be81a51cd9a5df9ce627cf915d124a4e16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/assets/frontend/css/styles.min.css?v=91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2431636
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 30 Apr 2021 12:05:21 GMT
server: cloudflare
etag: W/"608bf281-112"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h57YxL%2FzK2olhb9fkrnLMVc7djID40h0zVdKiklHCzdoWX35uYYBEX5mX9%2F%2FJ6zSoeVEze9tXphHu7ItmUtiuQXMSqhKWgzgA9YXeYTBBWjdRoxQW848HNtXqTQ8T5uCRybglMTD"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 6fc70dc5e9aa5c2c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Montserrat-SemiBold.ttf
risu.ua/assets/frontend/fonts/medium/ 238 KB
239 KB 311ms
311ms Font
application/octet-stream 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://risu.ua/assets/frontend/fonts/medium/Montserrat-SemiBold.ttf
Requested by: Host: risu.ua
URL: https://risu.ua/assets/frontend/css/styles.min.css?v=91
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f227901ef48ac4d1fe4cc6ed0dbce99e6b38969babe5e05da2dfb33521b02944

Request headers

Referer: https://risu.ua/assets/frontend/css/styles.min.css?v=91
Origin: https://risu.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6252868
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 243816
last-modified: Fri, 30 Apr 2021 12:05:21 GMT
server: cloudflare
etag: "608bf281-3b868"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mMSp%2BzZqd5u2dc%2F7Nr8B0WCXdIPDiBt7OoDyuRpT4bA2s%2F%2F%2Ftv101PDP2ehJzu1jMdSUY135H3Y17jg5MUSCK2si2RDOrzzAIkNTCHctzV5o7j6w8gV3pUZVAHZ1jncYbTLeGaPQ"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6fc70dc5e9ab5c2c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Montserrat-Bold.ttf
risu.ua/assets/frontend/fonts/bold/ 239 KB
239 KB 318ms
318ms Font
application/octet-stream 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://risu.ua/assets/frontend/fonts/bold/Montserrat-Bold.ttf
Requested by: Host: risu.ua
URL: https://risu.ua/assets/frontend/css/styles.min.css?v=91
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8289a870d238aa042bdfd09364fe6dea524bcd1ea485341878d8c75a32ab444

Request headers

Referer: https://risu.ua/assets/frontend/css/styles.min.css?v=91
Origin: https://risu.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6252868
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 244468
last-modified: Fri, 30 Apr 2021 12:05:21 GMT
server: cloudflare
etag: "608bf281-3baf4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q1DbvYGU5BLotjNAu75hwxGc%2BJbVnStVMNP0%2FCGSg9abCbuWzT0TAEGItwXFykZkjASjE%2FcTlqPa8Q5HLQkdY8tE6mqD%2FFomlhiEZiKFuD58P%2BqIweTL3cUjJsc6jDAJqI88ZDU5"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6fc70dc5e9ad5c2c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Montserrat-Regular.ttf
risu.ua/assets/frontend/fonts/regular/ 240 KB
241 KB 41ms
41ms Font
application/octet-stream 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://risu.ua/assets/frontend/fonts/regular/Montserrat-Regular.ttf
Requested by: Host: risu.ua
URL: https://risu.ua/assets/frontend/css/styles.min.css?v=91
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 077cdab15161232a9ba7124d2ddd7a9425145750788e9a966c156cc66274f525

Request headers

Referer: https://risu.ua/assets/frontend/css/styles.min.css?v=91
Origin: https://risu.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6252868
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 245708
last-modified: Fri, 30 Apr 2021 12:05:21 GMT
server: cloudflare
etag: "608bf281-3bfcc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bESIDEuux%2B4IE7sRXTkIUytPzKt8i5r0ACEwN8X9b2585FOjXK4IRQYLPkoCZJe3pMTgInVbXKfXK6VqYlYLzVpe1DCjeVaTsbwzNVEFR7uK9LZ5JJ1h7YBwSmacBFxGl3vC8nyY"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6fc70dc5e9af5c2c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 facebook-pink.svg
risu.ua/assets/frontend/img/ 380 B
839 B 318ms
317ms Image
image/svg+xml 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/assets/frontend/img/facebook-pink.svg
Requested by: Host: risu.ua
URL: https://risu.ua/assets/frontend/css/styles.min.css?v=91
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddcdcee860870f3376e2bbd699c7ee6100b0b207a44052354393254c72c37506

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/assets/frontend/css/styles.min.css?v=91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4007332
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 30 Apr 2021 12:05:21 GMT
server: cloudflare
etag: W/"608bf281-17c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ulnI1cy3DSRp8Pt%2FJifuPYmSMSqlflpgCRRmv8TQtSfm0UbVnRx7OSV4oNybA4G0Oo9%2F4nS5G3dO8cEc0%2Bs7%2BkWWc13IUxKj3ORwg2FFqCSRqTKekU15VhK4lnw3qMgkWi6ekC3"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 6fc70dc5e9b45c2c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 twitter-pink.svg
risu.ua/assets/frontend/img/ 652 B
980 B 318ms
316ms Image
image/svg+xml 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/assets/frontend/img/twitter-pink.svg
Requested by: Host: risu.ua
URL: https://risu.ua/assets/frontend/css/styles.min.css?v=91
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4c61d4c30e1d5dfab6fcab843dd3aa7402ae59a8a5a33c265e42bd755a418b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/assets/frontend/css/styles.min.css?v=91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4007332
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 30 Apr 2021 12:05:21 GMT
server: cloudflare
etag: W/"608bf281-28c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fdkAmoDRFF%2FXm7IW0zAOCRkywcIUepGO34NClNAyQZ75T5h%2B3PmXsvc%2BbCe9RFNBKVKY1GTOUhefvj2p8KJKYfUkfxHzhvg1phaoFUF3jW6DZeVhxt4Bm4kScR%2B7ER0q%2BBS8%2FysT"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 6fc70dc5e9b55c2c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 video-icon-white.svg
risu.ua/assets/frontend/img/ 1 KB
1 KB 292ms
292ms Image
image/svg+xml 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/assets/frontend/img/video-icon-white.svg
Requested by: Host: risu.ua
URL: https://risu.ua/assets/frontend/css/styles.min.css?v=91
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43c03b4c6717847e16573f7ae823df8bf1df9fcfa158360f79b2f10da31adbe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/assets/frontend/css/styles.min.css?v=91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3923327
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 30 Apr 2021 12:05:21 GMT
server: cloudflare
etag: W/"608bf281-40e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2B%2FnWStfd%2FmJp38lg5xiIxtGgkH2scueBFRpbN5drwThaPmuVdvxw13xkG5ZGxwHZlnHWxrBJP0p6ztps0dKUjDxcMmWVriPWArngQI3vu3%2FC9fZLYXj3h8SUxNle89BMg7gFi58"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 6fc70dc62a015c2c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK /
c.bigmir.net/ 331 B
586 B 444ms
289ms Image
image/png 193.239.68.97
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bigmir.net/?v16956114&s16956570&t30&c1&n923540&w0&y0&d24&r1600
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.68.97 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: c.bigmir.net
Software: nginx /
Resource Hash: 351180a2e4f5cea27bf98218a88af6888acdd476973ad50710dbfd4ac0d7ed06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Apr 2022 19:23:06 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Expires: 0

GET
H3 200 rss-icon.svg
risu.ua/assets/frontend/img/ 585 B
886 B 272ms
272ms Image
image/svg+xml 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/assets/frontend/img/rss-icon.svg
Requested by: Host: risu.ua
URL: https://risu.ua/assets/frontend/css/styles.min.css?v=91
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33430a4e18aa10ce687b1fa837f8d69cbd82f5f16ae8bea30c44c6546835f77e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/assets/frontend/css/styles.min.css?v=91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5567977
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 30 Apr 2021 12:05:21 GMT
server: cloudflare
etag: W/"608bf281-249"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aBuRKWPYqlc4C4xdeaihdif5DHzuNIXIiKKmfrE%2FDlN0z0kZ5dQtBp%2BuGWNRri%2FZ7QZaXAUmjdhdeu3WQdgW2PPHqXU9b3nef%2FdLvysvbBTfyfyi7aMTs32%2BzWbVwIGVC05QGILR"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 6fc70dc64a705c2c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 logo-luxnet-gray.png
risu.ua/assets/frontend/img/ 702 B
1 KB 269ms
269ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/assets/frontend/img/logo-luxnet-gray.png
Requested by: Host: risu.ua
URL: https://risu.ua/assets/frontend/css/styles.min.css?v=91
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af848f4cfd4ca713e249c26e739c5da98ce59a9b38f5e7811f41ad2605123ba7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/assets/frontend/css/styles.min.css?v=91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2487271
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 702
last-modified: Fri, 30 Apr 2021 12:05:21 GMT
server: cloudflare
etag: "608bf281-2be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bhlJTEAFxrrqc4ZLA0oBIMJzkzvV%2BdEoiuW%2FlLq2Kw5MCRPHnK%2BEEvpOJ21GPTZ58bXY8QV2hDD5PmJw9IjEn%2Brb%2B%2FG%2Bhyxm%2FDz%2BQSkKZ5tifs6YdCoCgio8cseEeRQgi6qsuIPN"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6fc70dc64a745c2c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 cookies.min.css
risu.ua/assets/frontend/css/ 1 KB
1 KB 166ms
163ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://risu.ua/assets/frontend/css/cookies.min.css?v=91
Requested by: Host: risu.ua
URL: https://risu.ua/assets/frontend/js/app.js?v=91
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16555ef1cffe3379aa4a915ec6a51ebf338a0d51ffa4409a3da31e0bed2c2cee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4877972
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 30 Apr 2021 12:05:43 GMT
server: cloudflare
etag: W/"608bf297-5ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iUEIFOl96SIdh8Ajvbj%2Biv1Vp6blSxcy4PP%2BPACjaSyW4BQUbvYI6k%2B4bPwaHVoRreJgsxXCHqsnRz4QQGAMuPJlI5DLyct7xDs%2FNMPCmhOeQ3uLWpmwOfYc0j4ocZIKtIdW9uJ5"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 6fc70dc6fbbf5c2c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 close-popup-white.svg
risu.ua/assets/frontend/cookiesAcceptModule/images/ 971 B
1 KB 164ms
162ms Image
image/svg+xml 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/assets/frontend/cookiesAcceptModule/images/close-popup-white.svg
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a39a8fca170c2500aa3a659d9628cfe602522d33191ef0a9ba395d315b49452b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5400571
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 30 Apr 2021 12:05:57 GMT
server: cloudflare
etag: W/"608bf2a5-3cb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BViFZSAIIc86ujvqp2dsIDd6g%2BEgCfc63%2BaLqyw4VjzPOo7D%2F6Kqjp4lOQzTcvkhhK9fX3QpB8ibaW9tHyXETJrO9EiE9dmsWOguAHxRrOaYjETW6B99DR35MXGkf5c3gusRkQVq"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 6fc70dc6fbc35c2c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 configs Show response
cdn.gravitec.net/sdk/web/ 2 KB
1 KB 37ms
22ms Fetch
application/json 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/sdk/web/configs?appKey=acf6494db584a05259a7b96ad5661584
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/acf6494db584a05259a7b96ad5661584/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f2e744787dcdfb50e0aa6ff2612e5531fb7b13334f5636216fb87fb49986f2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:06 GMT
x-correlation-id: 9a707337b0a8330472f39bf7965d2fe9
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
content-encoding: gzip
x-proxy-cache: MISS

GET
H2 200 track.min.js Show response
cdn.gravitec.media/ 4 KB
2 KB 364ms
45ms Script
application/javascript 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.media/track.min.js
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/acf6494db584a05259a7b96ad5661584/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 7d55d36ab7029a3ac11096692671cdfc36fa8446e8cf7584fc23de06074b0f85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:07 GMT
content-encoding: gzip
last-modified: Wed, 27 Nov 2019 14:51:46 GMT
server: nginx/1.18.0
etag: W/"5dde8d82-11d5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Thu, 14 Jul 2022 19:23:07 GMT
cache-control: max-age=7776000
x-proxy-cache: HIT

GET push-worker.js
risu.ua/ Frame 0
0

GET
H3 200 pubads_impl_2022041301.js Show response
securepubads.g.doubleclick.net/gpt/ 362 KB
123 KB 84ms
40ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

638d2f5ba5cf501a58131a42efe30aa2c2154904b0654a517cce4baeef308022

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 17:20:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7342
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125956
x-xss-protection: 0
last-modified: Wed, 13 Apr 2022 08:34:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 15 Apr 2023 17:20:44 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 61 B
91 B 84ms
41ms XHR
application/json 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=risu.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

6a77560cffb10516a81a0ecd03a1d373fd4d5778d6e6f3a59058d925d91b483d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Apr 2022 19:23:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66
x-xss-protection: 0
expires: Fri, 15 Apr 2022 19:23:06 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 204ms
37ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-11950234-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3956
date: Fri, 15 Apr 2022 18:17:11 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 15 Apr 2022 20:17:11 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204130101/ 303 KB
108 KB 117ms
67ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204130101/show_ads_impl_with_ama_fy2019.js?client=pub-9928410365207988&plah=risu.ua&bust=31067130

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a92ca1bfb477f8a251e768ab46d7de2698f4515b25827e7cda614f53604ee29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110837
x-xss-protection: 0
server: cafe
etag: 14875433850795506548
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 15 Apr 2022 19:23:06 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220413/r20190131/ Frame 5927 10 KB
5 KB 38ms
36ms Document
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220413/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 80632
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4398
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Apr 2022 20:59:15 GMT
etag: 14837630671339829333
expires: Thu, 28 Apr 2022 20:59:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 135ms
47ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=risu.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Apr 2022 19:23:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 140ms
53ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=risu.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Apr 2022 19:23:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 79 KB
12 KB 94ms
94ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1441686392116815&correlator=2436623468860527&eid=31064835%2C31067111%2C44761483%2C31066185&output=ldjh&gdfp_req=1&vrg=2022041301&ptt=17&impl=fifs&iu_parts=22089206648%2CTop_banner_970x90_all_pages%2CBottom_banner_970x90_all_pages%2CMainPage_1_970x90(970x250)%2CRight_Side_1_300x250(300x100)_News_page%2CAfter_NewsLine_300x250(300x100)_NewsPage%2CAfter_NewsText_580x400_NewsPage&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=970x90%2C970x90%7C728x90%2C970x250%7C970x90%2C300x100%7C300x250%2C300x100%7C300x250%2C580x400&ifi=2&adks=2389199358%2C168509343%2C3692737370%2C3703452599%2C974587042%2C2722939886&sfv=1-0-38&ecs=20220415&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1650050587140&lmt=1650050587&dlt=1650050586472&idt=638&biw=1600&bih=1200&adxs=240%2C315%2C210%2C-9%2C-9%2C-9&adys=88%2C5515%2C1384%2C-9%2C-9%2C-9&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Frisu.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x6593%7C1600x6593%7C1200x0%7C0x-1%7C0x-1%7C0x-1&msz=970x-1%7C1600x0%7C1180x0%7C0x-1%7C0x-1%7C0x-1&fws=0%2C0%2C0%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0&ga_vid=1570595480.1650050587&ga_sid=1650050587&ga_hid=1910040271&ga_fc=false&btvi=0%7C1%7C2%7C-1%7C-1%7C-1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

79b775326d9c3f18c893826981dcf4eeb26d7b9588e3048d7b2b9498adb41f9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:07 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12666
x-xss-protection: 0
google-lineitem-id: 5558920724,5549286947,-2,5549285903,-2,5565522436
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138333809203,138332280390,-2,138332241179,-2,138359238729
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://risu.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 250A 6 KB
4 KB 180ms
49ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Apr 2022 19:23:07 GMT
expires: Sat, 15 Apr 2023 19:23:07 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 201 track
api.gravitec.media/api/stats/ 0
0 74ms
15ms Fetch 52.174.47.89
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.gravitec.media/api/stats/track?app_key=acf6494db584a05259a7b96ad5661584&user_id=d4040279-1b35-4624-8717-e0734691e6b4&utmb=0844bb96-b351-4461-b5ce-f5b3c3e584e8&path=https%3A%2F%2Frisu.ua%2F&referrer=

Requested by

Host: cdn.gravitec.media
URL: https://cdn.gravitec.media/track.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.174.47.89 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Apr 2022 19:23:07 GMT
x-correlation-id: 6bab570537c151b5ef8144963d16e03e
x-content-type-options: nosniff
server: nginx
x-frame-options: DENY
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 0
x-xss-protection: 1 ; mode=block
referrer-policy: no-referrer
expires: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 94ms
46ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1910040271&t=pageview&_s=1&dl=https%3A%2F%2Frisu.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A0%D0%B5%D0%BB%D1%96%D0%B3%D1%96%D0%B9%D0%BD%D0%BE-%D1%96%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D1%96%D0%B9%D0%BD%D0%B0%20%D1%81%D0%BB%D1%83%D0%B6%D0%B1%D0%B0%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20-%20%D0%86%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82-%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%BF%D1%80%D0%BE%20%D1%80%D0%B5%D0%BB%D1%96%D0%B3%D1%96%D1%8E&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=1182692402&gjid=1275837607&cid=1570595480.1650050587&tid=UA-11950234-1&_gid=1495686004.1650050587&_r=1&gtm=2ou4d0&z=381524534

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://risu.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 15 Apr 2022 19:23:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://risu.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 0.bundle.js Show response
cdn.gravitec.net/modules/ 9 KB
4 KB 146ms
145ms Script
application/javascript 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/modules/0.bundle.js
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/acf6494db584a05259a7b96ad5661584/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 0a91fbed903c7ee569d116adee58d579d0c64775a469ee86d3cc4281f913bda1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:07 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: W/"61fa486f-2550"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 02 Feb 2022 09:06:29 GMT
cache-control: max-age=10
x-proxy-cache: HIT

GET
H2 200 1.bundle.js Show response
cdn.gravitec.net/modules/ 32 KB
8 KB 192ms
192ms Script
application/javascript 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/modules/1.bundle.js
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/acf6494db584a05259a7b96ad5661584/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 23b89bb3578573b474d7a69e2df32e8f0ee7839a44392edb040e4117a07ce6fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:07 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: W/"61fa486f-8092"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 02 Feb 2022 09:06:29 GMT
cache-control: max-age=10
x-proxy-cache: HIT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 211 B
642 B 121ms
40ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=risu.ua&callback=_gfp_s_&client=ca-pub-9928410365207988

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204130101/show_ads_impl_with_ama_fy2019.js?client=pub-9928410365207988&plah=risu.ua&bust=31067130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

c48b8380ae487073a7c3353ad9753891fa4a4de4eca80966e9a61d9e03afd8fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 73ms
73ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Frisu.ua%2F&tn=HEADER&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: risu.ua
URL: https://risu.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Apr 2022 19:23:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 456B 603 B
68 B 66ms
65ms Document
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=pub-9928410365207988&output=html&adk=1812271804&adf=3025194257&lmt=1650050587&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Frisu.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650050586906&bpp=2&bdt=434&idt=287&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2380882616986&frm=20&pv=2&ga_vid=1570595480.1650050587&ga_sid=1650050587&ga_hid=1910040271&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C31065545%2C31067130%2C31066185&oid=2&pvsid=1441686392116815&pem=737&tmod=1803147924&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=301

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Apr 2022 19:23:07 GMT
expires: Fri, 15 Apr 2022 19:23:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F245 6 KB
3 KB 71ms
52ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Apr 2022 19:23:07 GMT
expires: Sat, 15 Apr 2023 19:23:07 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3C8A 6 KB
3 KB 64ms
50ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Apr 2022 19:23:07 GMT
expires: Sat, 15 Apr 2023 19:23:07 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 3C8A 22 KB
7 KB 131ms
44ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com
URL: https://e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 16:38:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9864
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 15 Apr 2023 16:38:43 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3C8A 154 KB
53 KB 78ms
78ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com
URL: https://e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5576063cb1d6eee83799dd58a65a4c81cba09b6e86eebc2e12b43faef0a5f381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53959
x-xss-protection: 0
server: cafe
etag: 511487654108124997
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 15 Apr 2022 19:23:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3C8A 119 KB
36 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com
URL: https://e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36909
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649897599747219"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 15 Apr 2022 19:23:07 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame F245 22 KB
7 KB 132ms
46ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com
URL: https://e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 16:38:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9864
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 15 Apr 2023 16:38:43 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame F245 154 KB
53 KB 115ms
115ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com
URL: https://e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e389dd1005db17be5e79f39ed92a2ac14f5e545ccb4ff0bdb32eb573707c292

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53971
x-xss-protection: 0
server: cafe
etag: 10545597859053038386
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 15 Apr 2022 19:23:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F245 119 KB
36 KB 73ms
73ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com
URL: https://e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36909
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649897599747219"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 15 Apr 2022 19:23:07 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3C8A 0
0 69ms
68ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssjnFGUMqxyPmk7ysL7HAtIu1_EVm_U0WoJhRiSUqCVtQrohwnQEXrdnCHXbrFaHykT_0oV8_4BaS8r4PMSiLRfulXUnxvmWrY6gbUTJHjUlUoG1F_noMXz_esveD1z24rtcPmmAfSxHw2M0VQ9AzszBJceykdKQlXwBNq3svAQqfwVJgVFKpi5DACU73SLjW9Rxo5DhpX0tpKhlvEQ9r3Zl4nU7ozFWbw4Uh8qWFMNn1F3sk41EcmvRmt-bKFPDPDhzNDf9_uGzEvJrENkbzktjsr12fPBwNUbywaw1uwTLeO0ZYIrDPdtVJTg9kJJ1xBQCFNnwQ&sai=AMfl-YQmakRvjABZOMwiZ5NtSBiQlOOjP8_KXDrXYUYKVloM5Z5Ng2A0JU4GYcnCZD-Dad1A-A60x8m9kmNwmb8X_le0gVKxYaDDm0pSzTdRuKMVEfrGdI3GeQmGz_9d12w&sig=Cg0ArKJSzHVgClsFsqPPEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com
URL: https://e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Apr 2022 19:23:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 15 Apr 2022 19:23:07 GMT

GET
DATA 200
OK truncated
/ Frame 3C8A 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 88e1ab7f96c2ac58b57851e24306c1d0bddcd8fc15c2ba85a4cbfd93608cfb5a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204060102/ Frame 3C8A 302 KB
108 KB 73ms
73ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204060102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9928410365207988&plah=e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea7c468fcc21916cd32aa42ef2b215c362c263bd8464347f2c2db9ba802a265d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110295
x-xss-protection: 0
server: cafe
etag: 7117878218911830197
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 15 Apr 2022 19:23:07 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F245 0
0 68ms
68ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuGYjcsHJ-U5xbGovSekrRX0KbNhVjDm1jJMY2xGkcUCAsRn8np7-ZtDcKSB6EvNPHRnk6bkvESgdU-Qj7XXMaCTKrmuwoaj9vF0Kvv6rdEb1zCam1x_OALz_JTt5Ev6LPr53ReborniaZwd8r2vxvSNPVeBHF95Sm29-W_opM98AYUdiWVXmF-MrK5VXK9Rdswt75wdC-ursPI3TeiK6iZtd0i8mPUuRIG7AxI1boGMWcTqet-wlXqUb7Ouc1Ou1J1PeYsFrAr5iyJZQ4CDhU8NLMGJ0-Jupr3WaIa7TjHR08bBsH9DCXbnM7wQWO0WEbmkw&sai=AMfl-YTnyxqp7RL_SOcu4ZhOxyCnjbl0piJ1a15zEO2vp1tkJZtjUdEVPrquwWzXRLPQFu7yJdITsp3MGGUQlp3oZt8s424stJZ1B9K44RzK6NxpdvKxXb7QipBXfQGkpe0&sig=Cg0ArKJSzN6_yjBoOH_bEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com
URL: https://e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Apr 2022 19:23:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 15 Apr 2022 19:23:07 GMT

GET
DATA 200
OK truncated
/ Frame F245 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: daaa25f958faab02cda2e6d8594c4a56d7241518e0301aea58da76ec0d0d5442

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204060102/ Frame F245 302 KB
108 KB 72ms
72ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65e3c2f9a07bc4e2d63a12b985a8470ed7b307ced714b009bff7907f0ad6d783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110295
x-xss-protection: 0
server: cafe
etag: 12902866771877994679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 15 Apr 2022 19:23:07 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 3C8A 107 B
122 B 99ms
51ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204060102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9928410365207988&plah=e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Apr 2022 19:23:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3C8A 107 B
122 B 98ms
50ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Apr 2022 19:23:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7D10 19 KB
10 KB 289ms
288ms Document
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9928410365207988&output=html&h=90&slotname=9648803897&adk=2790608382&adf=3173046728&pi=t.ma~as.9648803897&w=728&psa=0&format=728x90&url=https%3A%2F%2Frisu.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650050587530&bpp=3&bdt=193&idt=108&shv=r20220413&mjsv=m202204060102&ptt=9&saldr=aa&correlator=6115033120614&frm=24&ife=3&pv=2&ga_vid=1498140847.1650050588&ga_sid=1650050588&ga_hid=487760700&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3217467608&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=3904327303445832&pem=370&tmod=71432286&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.pv6vaouhtbr2&fsb=1&dtd=140

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

59e8d2cc5c52ca031748b9882882c15a74b168f517381a583d83a1c469b21205

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 10567
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Apr 2022 19:23:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame F245 107 B
122 B 49ms
49ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Apr 2022 19:23:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame F245 107 B
122 B 50ms
50ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Apr 2022 19:23:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0B2C 21 KB
10 KB 324ms
324ms Document
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9928410365207988&output=html&h=90&slotname=8325297138&adk=2872405833&adf=3173046729&pi=t.ma~as.8325297138&w=970&psa=0&format=970x90&url=https%3A%2F%2Frisu.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650050587566&bpp=3&bdt=224&idt=134&shv=r20220413&mjsv=m202204060102&ptt=9&saldr=aa&correlator=3117877454399&frm=24&ife=3&pv=2&ga_vid=1508502011.1650050588&ga_sid=1650050588&ga_hid=742699444&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=3198292015&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44760332%2C31067063&oid=2&pvsid=1752089255598005&pem=370&tmod=583335846&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.6zqrnbpzc3x&fsb=1&dtd=147

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

7089cd256fb80e65626730d83693bdae5f8d5ddd7a1ec9bdc1a0ed930c3bdca1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 10338
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Apr 2022 19:23:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7D10 42 B
63 B 75ms
75ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B_xctVnkIMlINnnlAMob_B9hJIL-qcMZhGypFHuXLO9IyGlXagGpjWwyE-HdcFqI6DTNCYXvU82wRzXKzLbK452E-pUsRlhSY3RxwRrOfHWyRoFuo

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9928410365207988&output=html&h=90&slotname=9648803897&adk=2790608382&adf=3173046728&pi=t.ma~as.9648803897&w=728&psa=0&format=728x90&url=https%3A%2F%2Frisu.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650050587530&bpp=3&bdt=193&idt=108&shv=r20220413&mjsv=m202204060102&ptt=9&saldr=aa&correlator=6115033120614&frm=24&ife=3&pv=2&ga_vid=1498140847.1650050588&ga_sid=1650050588&ga_hid=487760700&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3217467608&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=3904327303445832&pem=370&tmod=71432286&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.pv6vaouhtbr2&fsb=1&dtd=140

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Apr 2022 19:23:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 7D10 3 KB
1 KB 100ms
50ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:15:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 472
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Apr 2022 19:15:16 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7D10 119 KB
36 KB 79ms
79ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36909
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649897599747219"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 15 Apr 2022 19:23:08 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 7D10 15 KB
6 KB 94ms
45ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:18:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 263
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Apr 2022 19:18:45 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 7D10 0
0 137ms
42ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRQC82RPKY4nIK9suKb4z2OqSFEmStAg666L66ccY45Y7tUuFEskwhDyU40gvgQSzfQaNlP0PaPdNT6vI2pwbS40bWEvA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9928410365207988&output=html&h=90&slotname=9648803897&adk=2790608382&adf=3173046728&pi=t.ma~as.9648803897&w=728&psa=0&format=728x90&url=https%3A%2F%2Frisu.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650050587530&bpp=3&bdt=193&idt=108&shv=r20220413&mjsv=m202204060102&ptt=9&saldr=aa&correlator=6115033120614&frm=24&ife=3&pv=2&ga_vid=1498140847.1650050588&ga_sid=1650050588&ga_hid=487760700&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3217467608&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=3904327303445832&pem=370&tmod=71432286&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.pv6vaouhtbr2&fsb=1&dtd=140
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 91F1 624 B
297 B 44ms
44ms Document
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXPu_YWOeTFTWzB7sBiH3aXGiXjIhMx_IsRi6XD3OIyS7dcp5gcSRnNajqNx2EemdsxSmOgFyzCUYpPJFrBAC7SlhuOyRIR3ltx5Sz9jcwiHX0vA5yo-XSu9ZI7o4MoHuURuUIB_Jun3kCFhe2ppH-1BHAd0Usnb-EhkqKahw1UdpZe16o

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9928410365207988&output=html&h=90&slotname=9648803897&adk=2790608382&adf=3173046728&pi=t.ma~as.9648803897&w=728&psa=0&format=728x90&url=https%3A%2F%2Frisu.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650050587530&bpp=3&bdt=193&idt=108&shv=r20220413&mjsv=m202204060102&ptt=9&saldr=aa&correlator=6115033120614&frm=24&ife=3&pv=2&ga_vid=1498140847.1650050588&ga_sid=1650050588&ga_hid=487760700&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3217467608&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=3904327303445832&pem=370&tmod=71432286&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.pv6vaouhtbr2&fsb=1&dtd=140
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Apr 2022 19:23:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7D10 14 KB
10 KB 71ms
70ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cyxk5LOnE8ipeESz3j8qjgzKmxgKAdFx_1GOH0tZtPS3RsmDyuvrS7vKvc9kiBP48fDkU0FSgaR_cXUxSHKy5x9YRlTSFV-HZlw-l7JCj7i97YydOK5vha6Ne7XBSCqtQ5_ZNdylI3aER38d69IA7CCuOnag&cry=1&dbm_d=AKAmf-AeW-7qvJul5i9-xlqDkRTCuUaLNMLoIhVsZrs6ZDPUaM3CIy0BL-Se0uFE1GQEX-F8dcl5BZbHzKfkjOM2nGziG5jIwVTB2-2bBh5zniI_DHN9uPC_g1Sv2uxYIWUpEsmZkDIFYXuzzbdhaeFKyiXhFLcIM5GwxHlTuIaUKTXqQm05QjBOzD7f4GOLFwBE2l5_1mh7jbjzrg6UrQC1E40zd-nVi9ITZv6eyu9SEgwTZONCpPzDWtXVW0ZCPBp1440BmvRZF7EPvn9FruiJBJQxlXP03dFDIbLrpYFaXMvdgHuh6GDFT1OuW_19XTIzN5bt5LyaxCu9vA51AYpfR6_NtN-NfJ8D8BbJfCMKiY440Eu1Q7WI8-KGfS1nxHBtWTimxmOXC-5doM-1GyjGfQL0OpmAEKq9e5GgV00wiy5Bz8zIxIORexBZR5-Vr2zAJvib3A2DF6EAgAHeK0zcrLb-qhXnDhkvfTx7bvHCDPERvr0lIkc4xrRHRUaGTSpxfS3F_CoIJfJfZDjHXqBTFdFSz_Byz07xK9Y-sJpqheZ3giZJ7ZYxMzH3qyUgcruaizEwAVkX5vxYsD_vROBxL9r2XxibGp17S368CdqaotHffCOBh78Jodoo9M4DiPb9jTZ-kvToE37d3iIH71rR6QZY2JLtmw4crOrr6PMfWcM-orgVOZFdg3-zpjYniBYt3Bw4QPX3vzR1_Uw5jNO4BXm1lhXmpG4OwIvAyiGeswLOFWj9pQbYvnIPu8-gtV1QYZGkWI6BPnl8jb4qyCQAf5e0AhVImbNrlLZWUyQPKdsvhsr1ENtPpoHz11LvpLLDd26wJ5-36G_pd7o7d5uUBA85KuTcwGVH-ggBbIa0ve25Sw9H43xC_S9xknj_k3XkOkwdHgQVnuPHehpNsDnxXmk02oKKZWvOANlhutwax23up5ShF83lz6yWjGn4ybO-Cae3h9JfBFGBDZIv6texwaG5CvJOkb1t8v7OP55LNx3WiWZOvx9NytASRkDRlRM_uv8VYXdOwxnUSZd0dAK7SM02F01dalfXNRz0JJBw3f3GNR5aklnnv09S0oaj0ZFhYV8w4XJ_9amw7XLf16JyipB0OTyO4uPocDBrbkc0VYX5oTE_tU4Sxc6lBbU4lBN_EoPW7Fz0CZBb4TDsxDWbt7rf1UsGN3EmE7CG7xPFuVTy5-j0YNae-ShONTLZwBQTmqA2MrEARP1AmGvL_rMEbLSINgDO91iecwDpqWBBTGMAToOcO1AHApKUHne-Lmq2jOG4UkJn-yXWznt2v2T6iDttd8q-gCSBhDbqJcunx_ZQm_8piP9jUDr0T3VIh8y3pTk3YyvyHozl3f2kT4Te7-Q2JVrXqv2MavX6QoYhkoJoAtY6osJ6I_stFFgBIST2D6tMKjsFR3Z2-95YVwPOcoVewvyeLw3BP0RnKV86kZjB0d4CvJQBhnn4ICwqad5V7tv0UdqmPZj0ah2D2-RG6foetZWTxgwkL1_w4lAdnPg4pi5jR8deAatRxdZodEl5QjXbYmK35huDEmfKq3bIyghD9njBqhXNmmKuS6DzPfTHvTSyk0PIsGApteTMyr0OQ0EUTmMhDsXKrES6oi5dwvxf5qlrDKmGJbPnMnnAEAFpbYd-RS6wgDkG_Pwl0XHkYGkem3qNtFBFgVKqa5jVLqWr40QA0St2B6-076m7NbPynXfHCgOWNDxm7xOIjdlfVtPJEvhibO3bNz19WZ4eYbQPa_zl_2eoCfPCjpSZ42NytRdmwJbZKlGcwsLSdpf2u5e-IVbhz2oBLY5y5R44C5s92zZGndcHOug98Nci6WOeEPqZLSVGtqqsYQzLrAj-2_ReH_9scFUVOm8zUTB8Q8OTgJBdqrX3b1mh3Uxmq9YTfXr1VCe5q5oqdZBPYBbJzuNlSuJm_0UCjN7klahFdca1BfiGYAiAzLQhYRUDo1v9DM_wE2AaGFLX_gehL6q4xycMuukOnWHZxIVn4FVBf6q2rj7l6CWT1uhnbnug1LUa2-Zr6oxfP2XMGbHG9FFoF8k2CDPn0AW21SMjPXK_UXrNIUuzhW38oq8wX66NybErUIvS2a8o2eMDZdwCGRxf8xSHJ22sV5fgmcjZmzy9eOz9PBQyoa63tuc9eT8q2oSK7Gv-sY4brYnZoyLB3OTkbkMcW8JUANsiJmZ9Fz7LgxcCYEtRmXuUSMRD4daeTyVJYMhkqZWgBFUU0LZ_y_Eu00IVPNejZAkUMhY5WXEzXQtI2rjaRKS7cvuEDQVxwvvigdCOEEYhxpOjUD9NIk99po35H6F6rDoDuqCRjo_r21_gFrPh0b7U6i955gkYfnM4DTnxey4keIdSxwv5YphPk9VWTQihtYY8290z2xBSkYzpm2Hbe25j19MdldfAnL7KrDnivknaxhIlZ3rouuhS3CbX6xGkOY-P9_YgzHpMZknNHoy6HfZqiOgQX6he_BoiqoMHSCywZpq5ygUAfnNY3-HQFK6q5yIiPzRGUbnT_Ed5dcMinP8CaQzwzYJj7-78ebGHx84oQDJ316NVgznaUKkoEdUAKiZ5bEY8waczFdZVif9TbwiOWMWwVC4CAJLvBVc2Q-vlFXspvULMKRj7UK2bY1AyLsN-yL2QZsiX-OBkd7GsaXKlq3GdSONUL0ZN8MnGMXherOfvJlcPoAIyVYJhJbQz78fOLPB0MJNul4qc93w9cN4tN2gpiKsLEN_loBOuwOm4uaO7i-9Z8KSjSNigTLkyiw-b6yEPexX4n2vg7BQCpv754wToeNHqyduPB1h1hT-B3c_o2T46DGb6W4TDtb8C6umfQCLpYkLWOG2P7bodDlPwDAd2IN4aNNx0zwDdbPskLrBUQ5foNE5ICtU5_tfQAmXb23X_uxVhFNYDcAKjjfCwAj3wf8NgW8RTEX4CoYJW14ZrGTe5TZYWku9ARjZfhW_a6tXsuLjVU_aPvmomgos4UloA4H3Om66kJPDd-M31cnupaRxMctSxgaIhq2D8taQNhWFSM00xO-T2Rm9ZXrrbs9kzwYs1al96efeVfjfsVzAS9EABRhyqx-5GvfiOIV-omkzU_J8rjZQXzZ_zw19U2UWuU_1PhVamUyxFy1sueBhSWrc-lWMMRuwNOTrFkckyEDCy9s6PbcXkfJ-_wQDfWJt4zc5zvwE-pMOrtPhvt0z0Dw3swj5by3Ch_xAKz6hdrEUFyvwMTmyi9mrSsQuzIlQ-_QE_Sb7WWTvxkF3xjbHiHJMa4wHEGOk0IAmx53tXfmWhI83rLhgOA1Ct-Z7rMBeC9Tdrb9MRPbBs8PZUzjC1DMAUKgdaWRUMTkgxM7qLJwO1bBm_wXGjthab_9adPN7O8z6ob4Aub_VSr5WsRaIRiFhWkvK4AZlIfOGSh193nU505QqZKSL19qOXSP2MKJoK8_L40FwC1aU6nnz6xHcSPhALEQ1HHnL0tLU1RJ4JbI9hWiHbEHGiZQR89EBdIQj3sgwE3EiCYwwmHUu68tLxc9IjFWIfpZ47Vtur&cid=CAASEuRoWO2S6mYNwriKo5bLrxLv3A&rfl=2%2Chttps%253A%252F%252Frisu.ua%242%2Chttps%253A%252F%252Fe8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com%252F%240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ff01ff6ace5d9aa42c3d0de10e679fb0a576346936536997fa681793db1915a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9928410365207988&output=html&h=90&slotname=9648803897&adk=2790608382&adf=3173046728&pi=t.ma~as.9648803897&w=728&psa=0&format=728x90&url=https%3A%2F%2Frisu.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650050587530&bpp=3&bdt=193&idt=108&shv=r20220413&mjsv=m202204060102&ptt=9&saldr=aa&correlator=6115033120614&frm=24&ife=3&pv=2&ga_vid=1498140847.1650050588&ga_sid=1650050588&ga_hid=487760700&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3217467608&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=3904327303445832&pem=370&tmod=71432286&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.pv6vaouhtbr2&fsb=1&dtd=140
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Apr 2022 19:23:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10692
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7167 640 B
316 B 46ms
45ms Document
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY2ajFwwEwAQ&v=APEucNVOBs2HElO5GOjfl4MelgjhgkAUFR1slv6--TjzSPeQ9xQRI5innyhHVnNa9ldEi0PqsPC0g1b-tiQjK16viOpomWnSByrmvVTD2Uuw9gek3M8RRzTeQFBk5iXlZUP1fjdcoO8HKMgYqvRbyjL1C16z4FUIp7FIjgS-BNZkc8V2opuFR50

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9928410365207988&output=html&h=90&slotname=8325297138&adk=2872405833&adf=3173046729&pi=t.ma~as.8325297138&w=970&psa=0&format=970x90&url=https%3A%2F%2Frisu.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650050587566&bpp=3&bdt=224&idt=134&shv=r20220413&mjsv=m202204060102&ptt=9&saldr=aa&correlator=3117877454399&frm=24&ife=3&pv=2&ga_vid=1508502011.1650050588&ga_sid=1650050588&ga_hid=742699444&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=3198292015&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44760332%2C31067063&oid=2&pvsid=1752089255598005&pem=370&tmod=583335846&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.6zqrnbpzc3x&fsb=1&dtd=147

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9928410365207988&output=html&h=90&slotname=8325297138&adk=2872405833&adf=3173046729&pi=t.ma~as.8325297138&w=970&psa=0&format=970x90&url=https%3A%2F%2Frisu.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650050587566&bpp=3&bdt=224&idt=134&shv=r20220413&mjsv=m202204060102&ptt=9&saldr=aa&correlator=3117877454399&frm=24&ife=3&pv=2&ga_vid=1508502011.1650050588&ga_sid=1650050588&ga_hid=742699444&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=3198292015&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44760332%2C31067063&oid=2&pvsid=1752089255598005&pem=370&tmod=583335846&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.6zqrnbpzc3x&fsb=1&dtd=147
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Apr 2022 19:23:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4AF2 78 KB
32 KB 81ms
80ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BKPPT4Ax7mo7SX8t1CMp7JokCRZzlzN-efmyaBFmW7cSuC5T80MtAXkAn9a96PL_5xFM099K5EM-KF6vh-Jj2H_jRx84Yam9htB7sTpQQPS7ixUQl-17g7EXKYXX26FpvnSwsDdXo1QU0jtvUznNZfeiezyw&dbm_d=AKAmf-A0sBndRoiUyDcLrLZYkchqm2KFvKccsMOVPbwg4Anwcdtd1x88YU17IeKlbPTxFa_ophlxWDWAnOwIQ2OISWkUorbEEagFaXwIULwBhPFPDt8kqUEdw3BENl2TFo0wuPDHBfy-QPA4dxBFyU5K06GEN6kO0eK156yiwjgVpsvxAiGvz-9YH3_tbbTmmkUV0YnSAGlW4i3c6cOmbnh2rWQfSm2kNmdl8i_-yyIgvOzL97xM7hgnqUrwEpdCBtbnqBK0VEzMHYzT8hr0cNd9vjVnQbxvxRbIbRTdVq3atdbORuJ8ZecN-klY2u8sEnVRbb_IRonQmillFg4qjSIClugW5Ud-EQ80MOUsU0FiXDoWJJC768qw7w389WuAlNaAUklGijJzjw3VV8jP592MW91JZ4RpSksKRq_gJ6R80532x733QMFHzJPv8QD0CEFQbOV51Q2iMzpIX-TepXV6u5yI0iYWk3LouUGnVn3TuxF8pJ1g5Sz3D_p2H9IapfP-GjB1Cc7Qa2iMQnmeyDxtVLI_R2qih19vJ6YxKPafh7lK-5qvPecaoUaejuKxp6gsnBDWSAa6wTC5GqjIYmzB6w2ebfEBJYj8FboXrt8ciT7AFhzcgwF4DHisO9GvJ14cibRJ1La6oa6GT_hoDIP9-V9LwwxIv2EuiUf3uP9e0yZWcmWoJeCm2W-BCx-tNkpgup_wakFfNaxltp8rwD0Bb973JH1klQ1Rv5wWya_EGzIzP74QS3Qb7QXFOfbHSwmFnzLkBY3oS55sMM71n0l2KEgW-q30Z07sD3VSyV0_xXVCNko0xlkqX5De63HNKaMbs-cvN7J8uhK7_y9fPfHdIb8gcfn-XMZ6yb23TEYcmjpbJzoOxzHN99SuWbjlEzbn9Wnm1p9sGrWP9TJdRiRI_DGzWPuife8iPXAbrozU9AlYc2ZrjHXDi_knvrrzQnzq0y_CAW8d-YSNKfeRwFMucBQg2S1bCU_0Y4_QAiJ3D1gZvoXunzAppj35Vg3Du9oXkiKN9eZ3gScQMy5hiz7nDJC27nfkyDaJqNH8i8AJtln2gRBJopTE4fkDzoZEaVnkYTVfQNSGvM8Yh74COjhn8U5RPvayOHITueUHHECjvE6thL9SToTUFSbvW9kROOyUqo7dNRU4E831ePOvF2kj2NqTqQ4OKNLbvFDccHW5yyI43aIY2p_3KpUdigJln70t6h4Krzo_RBBZaex_heFJsRrcqO9yR0RgdIGo8imHAnw8pVOoA_11vU6hZg-2LVuwdsdFSd2Nk34woxwNpx2b5eNL23p66isyNW7Vu-LDHzgg3vp2kdyAl9cnq5Q4xZI3f_4hY-DlEZxKxkoGPotqewZKoluopu0qauub0oiyVcNz-hWg_n1MgDw0BH2NO8iPTHyTS88CjohzALuTP2KS8WOsYQ6QEPXWBo1AgobU7Cv5ygs0mTMEwH7HT_c_w5yLan1tyS3CU5CE7E2SFjm2gNXLLji5sqjzYEZIdUXCzb7rKZCHyn2mJoKMEOzGRpuO1v31FBW1ZL8B1dnua6v8Q7HtZI7h5yoMybZlhTo9r_4z_aVrO6ST-CqjsnrEZckQEk1CN-zJQXVZ8PCliobAAozPsbF5fQcD32faOXMBOMfdowtFPJS1WLaPAa0Qcli76GOk4JqaT8CjdxArMLrxNxR3VtRWwK8w0qfpyJ8HAJaGxTg3IjNclqJZhhrqwb5QsIRrIYEi3JYXs1N2z5vnEE1Y-Fw7_z4gz5qNGQr8MNVEEkeuSAFlC8n8aqLZORv_1QXf7ehM20JNbDrIhzMRIlPtU3FJXzGBn6kB958ASptpYTk4d_9SxdSvC0KwxKM7Y5BbjsLlJUcvA3Gcorl3eEyIZ44e4ZkY2qQIoahxs9DaFzpXTfPtWdTqaqSoxAFMgjirqRP243hMjwZ-pS3QDDvkuy9xeWOQW54GsnDHuPAxeg_lMBsc6x6G2I6S31xTddmz-4LfSuNxyio9E4N-u8109mWpi2qxMjSuT3Bajvun9sE7I_5s56koAKQZYJt-BRMPhyZNfeqTLDcJm66WPWocWk57-1OeuXuaGIzsQ_i8EE_0FZykfoiUdmmy3JoJ8yLqCt8TE1wrCFv5p3V015XqmGFaaygsCymZ7XHZT02uhXnkwtxnPPP1FE2DGByjdUwInp78272P8A7zNyGuvnVuA0-3TXg4FNZnjuUmpHVXIsempYXaFoc_UWre6hqAdNwYtVJM24RKtx2S3aHk0Uc139wgx5TliWgSh7CRLj_HXpAwOMWUQfkAtf8OT3vx4OlMGp7e6_JtDALLh3aRlxdj_zVn04abfZd23T8VSS1ASx00QqQPJ27-TeA4MWQWNPuItbGfeDQif1c9NaAWhrWtukkvelh6r56lpdxENeLI0CYbjHPg1pdniR6JkOeF1TprLg3-NQSsvF1b_9LCvWZ2-4XDF05ZdZFyiqqWLqK8dnPPXgGwW8WbcidRta0FyvctOXrYydPCQy-BUWAq1iewztUBoZ_6dutMi04ZkxmDff3n8_aaa3I4YWZGt7uTholqj62H4_c7sGJEMa6HRTRUq4XUjRsZK4YxKnVUtS-qde0fUxFdVlG4t6S6w9KsxP1yEKNb9F3LyXZh9RVFv4CHk5kXaGYOO8yTsN1sRaBXiB1g8fttcFXExMKooEksnyn9C5JIi_HgfTWAFpVgaKk78yBJeRZW_do-NKwQGeOXE5bpWm4Sfv35j8cELCGDj5QMql0yJcFVMJN4udoRpVsX6uXGvZnpAM8DiJvXtVeRfAtYcrD2O_StggJANyiPPRCYin55e5Ffe14m_mPJIP00wKx5XeoaJmSvEQFzi7dLivoEMkugXESla-CLBq2gl7yueud3mNya0lwO6P8kaIbhCAKpU0-Yfzz67Lsjzj7lWLBFSl_pPHEueQNbYSK1TnyDfg1pDVorVDTKsMhkPdf9Y3PIHPrWWZckBUZR-TPdH4_tInXUBQCIl1p3oUg8OuavYwB-Xv-j_d1-3XqKdMszZwZRpj6QDK0cWOmtsu9BNc_5XrMkbQ3_VGgSs8kys3U48_bTDoklbOT_BJdePRO_4fUpxfcyYg3biMNQLoCFqvDbxhwqdMjwCIDPmntHSNhEanspxi3BI7uenZ2vxzNDD40b5WJeAOU-3pWRsHj5HALP-mA&cid=CAASEuRomJ1pkQsFZJJwOUzZyloAGQ&rfl=3%2Chttps%253A%252F%252Frisu.ua%242%2Chttps%253A%252F%252Fe8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com%252F%240

Requested by

Host: risu.ua
URL: https://risu.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

976004e3013568dfd055384ead521527c0177e9c1abba672b18dfa9a67f3e157

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9928410365207988&output=html&h=90&slotname=8325297138&adk=2872405833&adf=3173046729&pi=t.ma~as.8325297138&w=970&psa=0&format=970x90&url=https%3A%2F%2Frisu.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650050587566&bpp=3&bdt=224&idt=134&shv=r20220413&mjsv=m202204060102&ptt=9&saldr=aa&correlator=3117877454399&frm=24&ife=3&pv=2&ga_vid=1508502011.1650050588&ga_sid=1650050588&ga_hid=742699444&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=3198292015&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44760332%2C31067063&oid=2&pvsid=1752089255598005&pem=370&tmod=583335846&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.6zqrnbpzc3x&fsb=1&dtd=147
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Apr 2022 19:23:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33172
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 4AF2 3 KB
1 KB 79ms
40ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:15:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 472
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Apr 2022 19:15:16 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4AF2 119 KB
36 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36909
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649897599747219"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 15 Apr 2022 19:23:08 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 4AF2 15 KB
6 KB 78ms
41ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:18:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 263
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Apr 2022 19:18:45 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 4AF2 0
0 126ms
43ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQxV9Z1He0XI8alpT8SDNmqW6X9lYmPsi--P6YWwaEjUpNaUQ9lldI0MG136YMgQDOdJ4RHUME_RLZT9SICesnSTo9n7Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9928410365207988&output=html&h=90&slotname=8325297138&adk=2872405833&adf=3173046729&pi=t.ma~as.8325297138&w=970&psa=0&format=970x90&url=https%3A%2F%2Frisu.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650050587566&bpp=3&bdt=224&idt=134&shv=r20220413&mjsv=m202204060102&ptt=9&saldr=aa&correlator=3117877454399&frm=24&ife=3&pv=2&ga_vid=1508502011.1650050588&ga_sid=1650050588&ga_hid=742699444&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=3198292015&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44760332%2C31067063&oid=2&pvsid=1752089255598005&pem=370&tmod=583335846&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.6zqrnbpzc3x&fsb=1&dtd=147
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4AF2 42 B
63 B 75ms
75ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dg_EXLyOhhsaeQwyWgRbOdY08C98N8f40-7kiWACPazMptNXkrlJWXqMC4aCunvN_YVIicsMmv5jAAAO7dBCje7GSjR8j8AlexktlVs2lmah-VGHU

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Apr 2022 19:23:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 91F1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFfJ9GwBGoJUDzbWKxCZZ0g&google_cver=1

43 B
894 B

37ms
14ms

Image
image/gif

69.192.160.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFfJ9GwBGoJUDzbWKxCZZ0g&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXPu_YWOeTFTWzB7sBiH3aXGiXjIhMx_IsRi6XD3OIyS7dcp5gcSRnNajqNx2EemdsxSmOgFyzCUYpPJFrBAC7SlhuOyRIR3ltx5Sz9jcwiHX0vA5yo-XSu9ZI7o4MoHuURuUIB_Jun3kCFhe2ppH-1BHAd0Usnb-EhkqKahw1UdpZe16o
Protocol: HTTP/1.1
Server: 69.192.160.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-245.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Apr 2022 19:23:08 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 15 Apr 2022 19:23:08 GMT

Redirect headers

pragma: no-cache
date: Fri, 15 Apr 2022 19:23:08 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFfJ9GwBGoJUDzbWKxCZZ0g&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 91F1
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YlnGHA7RcYJmVA1hjKf-4AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFfJ9GwBGoJUDzbWKxCZZ0g&google_cver=1

43 B
894 B

18ms
17ms

Image
image/gif

69.192.160.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFfJ9GwBGoJUDzbWKxCZZ0g&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXPu_YWOeTFTWzB7sBiH3aXGiXjIhMx_IsRi6XD3OIyS7dcp5gcSRnNajqNx2EemdsxSmOgFyzCUYpPJFrBAC7SlhuOyRIR3ltx5Sz9jcwiHX0vA5yo-XSu9ZI7o4MoHuURuUIB_Jun3kCFhe2ppH-1BHAd0Usnb-EhkqKahw1UdpZe16o
Protocol: HTTP/1.1
Server: 69.192.160.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-245.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Apr 2022 19:23:08 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 15 Apr 2022 19:23:08 GMT

Redirect headers

pragma: no-cache
date: Fri, 15 Apr 2022 19:23:08 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFfJ9GwBGoJUDzbWKxCZZ0g&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 91F1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEL6DI4JVuqpWRW2rTrEGZcs&google_cver=1

43 B
1020 B

18ms
13ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEL6DI4JVuqpWRW2rTrEGZcs&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXPu_YWOeTFTWzB7sBiH3aXGiXjIhMx_IsRi6XD3OIyS7dcp5gcSRnNajqNx2EemdsxSmOgFyzCUYpPJFrBAC7SlhuOyRIR3ltx5Sz9jcwiHX0vA5yo-XSu9ZI7o4MoHuURuUIB_Jun3kCFhe2ppH-1BHAd0Usnb-EhkqKahw1UdpZe16o

Protocol

HTTP/1.1

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Apr 2022 19:23:08 GMT
X-Proxy-Origin: 185.213.155.165; 185.213.155.165; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 7cb92fd8-d446-4427-abf8-f391b91477fd
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 15 Apr 2022 19:23:08 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEL6DI4JVuqpWRW2rTrEGZcs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 91F1
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjY3NDE3MjU4MzI0MzAyMTM3OQ%3D%3D

170 B
188 B

83ms
43ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjY3NDE3MjU4MzI0MzAyMTM3OQ%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Apr 2022 19:23:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 15 Apr 2022 19:23:08 GMT
X-Proxy-Origin: 185.213.155.165; 185.213.155.165; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 54d89525-4787-42cd-aee3-827497f39f62
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjY3NDE3MjU4MzI0MzAyMTM3OQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 7167
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF1glhHIvVg-e4IkFIRdfFM&google_cver=1

43 B
61 B

50ms
29ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF1glhHIvVg-e4IkFIRdfFM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY2ajFwwEwAQ&v=APEucNVOBs2HElO5GOjfl4MelgjhgkAUFR1slv6--TjzSPeQ9xQRI5innyhHVnNa9ldEi0PqsPC0g1b-tiQjK16viOpomWnSByrmvVTD2Uuw9gek3M8RRzTeQFBk5iXlZUP1fjdcoO8HKMgYqvRbyjL1C16z4FUIp7FIjgS-BNZkc8V2opuFR50
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/18.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Apr 2022 19:23:08 GMT
via: 1.1 google
server: OXGW/18.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 15 Apr 2022 19:23:08 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF1glhHIvVg-e4IkFIRdfFM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 7167 43 B
305 B 64ms
27ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY2ajFwwEwAQ&v=APEucNVOBs2HElO5GOjfl4MelgjhgkAUFR1slv6--TjzSPeQ9xQRI5innyhHVnNa9ldEi0PqsPC0g1b-tiQjK16viOpomWnSByrmvVTD2Uuw9gek3M8RRzTeQFBk5iXlZUP1fjdcoO8HKMgYqvRbyjL1C16z4FUIp7FIjgS-BNZkc8V2opuFR50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/18.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Apr 2022 19:23:08 GMT
content-encoding: gzip
server: OXGW/18.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 7167
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEGluy2DT9Exl0xyfjp3bXxg&google_cver=1

23 B
172 B

34ms
32ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEGluy2DT9Exl0xyfjp3bXxg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY2ajFwwEwAQ&v=APEucNVOBs2HElO5GOjfl4MelgjhgkAUFR1slv6--TjzSPeQ9xQRI5innyhHVnNa9ldEi0PqsPC0g1b-tiQjK16viOpomWnSByrmvVTD2Uuw9gek3M8RRzTeQFBk5iXlZUP1fjdcoO8HKMgYqvRbyjL1C16z4FUIp7FIjgS-BNZkc8V2opuFR50
Protocol: H2
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Apr 2022 19:23:08 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 15 Apr 2022 19:23:08 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 15 Apr 2022 19:23:08 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEGluy2DT9Exl0xyfjp3bXxg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 7167 23 B
172 B 83ms
36ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY2ajFwwEwAQ&v=APEucNVOBs2HElO5GOjfl4MelgjhgkAUFR1slv6--TjzSPeQ9xQRI5innyhHVnNa9ldEi0PqsPC0g1b-tiQjK16viOpomWnSByrmvVTD2Uuw9gek3M8RRzTeQFBk5iXlZUP1fjdcoO8HKMgYqvRbyjL1C16z4FUIp7FIjgS-BNZkc8V2opuFR50
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Apr 2022 19:23:08 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 15 Apr 2022 19:23:08 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7D10 41 KB
15 KB 43ms
40ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cyxk5LOnE8ipeESz3j8qjgzKmxgKAdFx_1GOH0tZtPS3RsmDyuvrS7vKvc9kiBP48fDkU0FSgaR_cXUxSHKy5x9YRlTSFV-HZlw-l7JCj7i97YydOK5vha6Ne7XBSCqtQ5_ZNdylI3aER38d69IA7CCuOnag&cry=1&dbm_d=AKAmf-AeW-7qvJul5i9-xlqDkRTCuUaLNMLoIhVsZrs6ZDPUaM3CIy0BL-Se0uFE1GQEX-F8dcl5BZbHzKfkjOM2nGziG5jIwVTB2-2bBh5zniI_DHN9uPC_g1Sv2uxYIWUpEsmZkDIFYXuzzbdhaeFKyiXhFLcIM5GwxHlTuIaUKTXqQm05QjBOzD7f4GOLFwBE2l5_1mh7jbjzrg6UrQC1E40zd-nVi9ITZv6eyu9SEgwTZONCpPzDWtXVW0ZCPBp1440BmvRZF7EPvn9FruiJBJQxlXP03dFDIbLrpYFaXMvdgHuh6GDFT1OuW_19XTIzN5bt5LyaxCu9vA51AYpfR6_NtN-NfJ8D8BbJfCMKiY440Eu1Q7WI8-KGfS1nxHBtWTimxmOXC-5doM-1GyjGfQL0OpmAEKq9e5GgV00wiy5Bz8zIxIORexBZR5-Vr2zAJvib3A2DF6EAgAHeK0zcrLb-qhXnDhkvfTx7bvHCDPERvr0lIkc4xrRHRUaGTSpxfS3F_CoIJfJfZDjHXqBTFdFSz_Byz07xK9Y-sJpqheZ3giZJ7ZYxMzH3qyUgcruaizEwAVkX5vxYsD_vROBxL9r2XxibGp17S368CdqaotHffCOBh78Jodoo9M4DiPb9jTZ-kvToE37d3iIH71rR6QZY2JLtmw4crOrr6PMfWcM-orgVOZFdg3-zpjYniBYt3Bw4QPX3vzR1_Uw5jNO4BXm1lhXmpG4OwIvAyiGeswLOFWj9pQbYvnIPu8-gtV1QYZGkWI6BPnl8jb4qyCQAf5e0AhVImbNrlLZWUyQPKdsvhsr1ENtPpoHz11LvpLLDd26wJ5-36G_pd7o7d5uUBA85KuTcwGVH-ggBbIa0ve25Sw9H43xC_S9xknj_k3XkOkwdHgQVnuPHehpNsDnxXmk02oKKZWvOANlhutwax23up5ShF83lz6yWjGn4ybO-Cae3h9JfBFGBDZIv6texwaG5CvJOkb1t8v7OP55LNx3WiWZOvx9NytASRkDRlRM_uv8VYXdOwxnUSZd0dAK7SM02F01dalfXNRz0JJBw3f3GNR5aklnnv09S0oaj0ZFhYV8w4XJ_9amw7XLf16JyipB0OTyO4uPocDBrbkc0VYX5oTE_tU4Sxc6lBbU4lBN_EoPW7Fz0CZBb4TDsxDWbt7rf1UsGN3EmE7CG7xPFuVTy5-j0YNae-ShONTLZwBQTmqA2MrEARP1AmGvL_rMEbLSINgDO91iecwDpqWBBTGMAToOcO1AHApKUHne-Lmq2jOG4UkJn-yXWznt2v2T6iDttd8q-gCSBhDbqJcunx_ZQm_8piP9jUDr0T3VIh8y3pTk3YyvyHozl3f2kT4Te7-Q2JVrXqv2MavX6QoYhkoJoAtY6osJ6I_stFFgBIST2D6tMKjsFR3Z2-95YVwPOcoVewvyeLw3BP0RnKV86kZjB0d4CvJQBhnn4ICwqad5V7tv0UdqmPZj0ah2D2-RG6foetZWTxgwkL1_w4lAdnPg4pi5jR8deAatRxdZodEl5QjXbYmK35huDEmfKq3bIyghD9njBqhXNmmKuS6DzPfTHvTSyk0PIsGApteTMyr0OQ0EUTmMhDsXKrES6oi5dwvxf5qlrDKmGJbPnMnnAEAFpbYd-RS6wgDkG_Pwl0XHkYGkem3qNtFBFgVKqa5jVLqWr40QA0St2B6-076m7NbPynXfHCgOWNDxm7xOIjdlfVtPJEvhibO3bNz19WZ4eYbQPa_zl_2eoCfPCjpSZ42NytRdmwJbZKlGcwsLSdpf2u5e-IVbhz2oBLY5y5R44C5s92zZGndcHOug98Nci6WOeEPqZLSVGtqqsYQzLrAj-2_ReH_9scFUVOm8zUTB8Q8OTgJBdqrX3b1mh3Uxmq9YTfXr1VCe5q5oqdZBPYBbJzuNlSuJm_0UCjN7klahFdca1BfiGYAiAzLQhYRUDo1v9DM_wE2AaGFLX_gehL6q4xycMuukOnWHZxIVn4FVBf6q2rj7l6CWT1uhnbnug1LUa2-Zr6oxfP2XMGbHG9FFoF8k2CDPn0AW21SMjPXK_UXrNIUuzhW38oq8wX66NybErUIvS2a8o2eMDZdwCGRxf8xSHJ22sV5fgmcjZmzy9eOz9PBQyoa63tuc9eT8q2oSK7Gv-sY4brYnZoyLB3OTkbkMcW8JUANsiJmZ9Fz7LgxcCYEtRmXuUSMRD4daeTyVJYMhkqZWgBFUU0LZ_y_Eu00IVPNejZAkUMhY5WXEzXQtI2rjaRKS7cvuEDQVxwvvigdCOEEYhxpOjUD9NIk99po35H6F6rDoDuqCRjo_r21_gFrPh0b7U6i955gkYfnM4DTnxey4keIdSxwv5YphPk9VWTQihtYY8290z2xBSkYzpm2Hbe25j19MdldfAnL7KrDnivknaxhIlZ3rouuhS3CbX6xGkOY-P9_YgzHpMZknNHoy6HfZqiOgQX6he_BoiqoMHSCywZpq5ygUAfnNY3-HQFK6q5yIiPzRGUbnT_Ed5dcMinP8CaQzwzYJj7-78ebGHx84oQDJ316NVgznaUKkoEdUAKiZ5bEY8waczFdZVif9TbwiOWMWwVC4CAJLvBVc2Q-vlFXspvULMKRj7UK2bY1AyLsN-yL2QZsiX-OBkd7GsaXKlq3GdSONUL0ZN8MnGMXherOfvJlcPoAIyVYJhJbQz78fOLPB0MJNul4qc93w9cN4tN2gpiKsLEN_loBOuwOm4uaO7i-9Z8KSjSNigTLkyiw-b6yEPexX4n2vg7BQCpv754wToeNHqyduPB1h1hT-B3c_o2T46DGb6W4TDtb8C6umfQCLpYkLWOG2P7bodDlPwDAd2IN4aNNx0zwDdbPskLrBUQ5foNE5ICtU5_tfQAmXb23X_uxVhFNYDcAKjjfCwAj3wf8NgW8RTEX4CoYJW14ZrGTe5TZYWku9ARjZfhW_a6tXsuLjVU_aPvmomgos4UloA4H3Om66kJPDd-M31cnupaRxMctSxgaIhq2D8taQNhWFSM00xO-T2Rm9ZXrrbs9kzwYs1al96efeVfjfsVzAS9EABRhyqx-5GvfiOIV-omkzU_J8rjZQXzZ_zw19U2UWuU_1PhVamUyxFy1sueBhSWrc-lWMMRuwNOTrFkckyEDCy9s6PbcXkfJ-_wQDfWJt4zc5zvwE-pMOrtPhvt0z0Dw3swj5by3Ch_xAKz6hdrEUFyvwMTmyi9mrSsQuzIlQ-_QE_Sb7WWTvxkF3xjbHiHJMa4wHEGOk0IAmx53tXfmWhI83rLhgOA1Ct-Z7rMBeC9Tdrb9MRPbBs8PZUzjC1DMAUKgdaWRUMTkgxM7qLJwO1bBm_wXGjthab_9adPN7O8z6ob4Aub_VSr5WsRaIRiFhWkvK4AZlIfOGSh193nU505QqZKSL19qOXSP2MKJoK8_L40FwC1aU6nnz6xHcSPhALEQ1HHnL0tLU1RJ4JbI9hWiHbEHGiZQR89EBdIQj3sgwE3EiCYwwmHUu68tLxc9IjFWIfpZ47Vtur&cid=CAASEuRoWO2S6mYNwriKo5bLrxLv3A&rfl=2%2Chttps%253A%252F%252Frisu.ua%242%2Chttps%253A%252F%252Fe8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 17:28:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6879
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Apr 2023 17:28:29 GMT

GET
H/1.1 200
OK g72h7lz2c4az Show response
hal9000.redintelligence.net/zone/ Frame 7D10 11 KB
4 KB 45ms
12ms Script
text/html 138.201.63.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/g72h7lz2c4az?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbQn2G8ZZYoHxKsyu1fAP-NOmwA6m5b2gaYWVnKfJD_AuEAEg0uOSfWCV4pCCoAfIAQmpAivR1Qv0IbI-qAMBqgTmAU_Qt9rj3A8tolv-amOv0ckX-AewxBOiQGDa_Z7UdB0mvj61W4F-bzPFF3ulJLQKovfitnOcjJV4q_6KvZ7BhjIsmI3geoEJ5XgUF4DdEG7mVGsxo6AZwraxHQrZhVOhiqhjznAkovOqB1hVKKff36880VLjjoPBG25FrhWypK1PzJyAG-yGpM90gheBnPhxgumuB1khy2V4Hkxqgax0utivOXkoUrm5WQNjdufuRzqAe4hEF9VbwDMuSfHyhecJW47PLLPFncmQEbHqijOjBlFFIorq5cVgu0KOop-lfu_OeJt52xGQwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgfgAoBmAsByAsBgAwBsBOPtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoWO2S6mYNwriKo5bLrxLv3A%26sig%3DAOD64_2Nyh0zUn8QUStIc1WCNCRk-AvMvQ%26client%3Dca-pub-9928410365207988%26dbm_c%3DAKAmf-DVdvEOfcRs5c53PIVd5Q4xrAGtZRESWT4YbM_ji__IGRajzoHbQlymuSXtQrkXyGrwPddWinyHWmGm-PNTqYwvprWGRCbgSQYy_HzEAsXmC2KAKGP88OYwf1AOF4a78A-XVkCBBBDnLFVXihUNBhZkH8aaIw%26cry%3D1%26dbm_d%3DAKAmf-DhDxcwGAegsLgNh30L73LqrR3xovSlFaBF0Byzf_ftPdf7IhtIHwnA7tzNjsslpQSUBA8MIm0a7hMv631INC9b5uknLlbcQWF3q8fw9OUGDsqj3YpjBtC7SYScOJMG8QGTxWcjswGXUQqHMf7uBLZLXf3I6aRapV1s_qBi9GX-AGH3D_ji3quMNEPG8cHa4t9lQRMqInNd_Hrg8eEby9nXeDn8eWMKpkKlCUuER-Ay0cpNg8Zqy5xk9svUvtybPYqlLuN0xZAVEYVEsXWgRUor5IwzTgYz1KULMe0svr_uVDEcHFKIeM3z5MWJ7Z2jOzKBjgRU7vrVGmmFbm59j7fIxok_V9FYXWBnFLAjZesNVh-gg-IMrNbsg8axHGcgcbDEMQ7kP4vYZ524VYJdbSD9YBLnTu2kOHGfIZE9LuZvD_M43fcTXTLCbUiKGIyg27u03oGN%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9928410365207988&output=html&h=90&slotname=9648803897&adk=2790608382&adf=3173046728&pi=t.ma~as.9648803897&w=728&psa=0&format=728x90&url=https%3A%2F%2Frisu.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650050587530&bpp=3&bdt=193&idt=108&shv=r20220413&mjsv=m202204060102&ptt=9&saldr=aa&correlator=6115033120614&frm=24&ife=3&pv=2&ga_vid=1498140847.1650050588&ga_sid=1650050588&ga_hid=487760700&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3217467608&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=3904327303445832&pem=370&tmod=71432286&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.pv6vaouhtbr2&fsb=1&dtd=140
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.164 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 27426181890ce4b872308f6771eaee96d14f67043c49aaaa1c43ad1f752387c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 15 Apr 2022 19:23:08 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3895
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 4AF2 106 KB
38 KB 125ms
38ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: risu.ua
URL: https://risu.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 09:31:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35522
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Apr 2022 09:31:06 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/ Frame 4AF2 8 KB
3 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BKPPT4Ax7mo7SX8t1CMp7JokCRZzlzN-efmyaBFmW7cSuC5T80MtAXkAn9a96PL_5xFM099K5EM-KF6vh-Jj2H_jRx84Yam9htB7sTpQQPS7ixUQl-17g7EXKYXX26FpvnSwsDdXo1QU0jtvUznNZfeiezyw&dbm_d=AKAmf-A0sBndRoiUyDcLrLZYkchqm2KFvKccsMOVPbwg4Anwcdtd1x88YU17IeKlbPTxFa_ophlxWDWAnOwIQ2OISWkUorbEEagFaXwIULwBhPFPDt8kqUEdw3BENl2TFo0wuPDHBfy-QPA4dxBFyU5K06GEN6kO0eK156yiwjgVpsvxAiGvz-9YH3_tbbTmmkUV0YnSAGlW4i3c6cOmbnh2rWQfSm2kNmdl8i_-yyIgvOzL97xM7hgnqUrwEpdCBtbnqBK0VEzMHYzT8hr0cNd9vjVnQbxvxRbIbRTdVq3atdbORuJ8ZecN-klY2u8sEnVRbb_IRonQmillFg4qjSIClugW5Ud-EQ80MOUsU0FiXDoWJJC768qw7w389WuAlNaAUklGijJzjw3VV8jP592MW91JZ4RpSksKRq_gJ6R80532x733QMFHzJPv8QD0CEFQbOV51Q2iMzpIX-TepXV6u5yI0iYWk3LouUGnVn3TuxF8pJ1g5Sz3D_p2H9IapfP-GjB1Cc7Qa2iMQnmeyDxtVLI_R2qih19vJ6YxKPafh7lK-5qvPecaoUaejuKxp6gsnBDWSAa6wTC5GqjIYmzB6w2ebfEBJYj8FboXrt8ciT7AFhzcgwF4DHisO9GvJ14cibRJ1La6oa6GT_hoDIP9-V9LwwxIv2EuiUf3uP9e0yZWcmWoJeCm2W-BCx-tNkpgup_wakFfNaxltp8rwD0Bb973JH1klQ1Rv5wWya_EGzIzP74QS3Qb7QXFOfbHSwmFnzLkBY3oS55sMM71n0l2KEgW-q30Z07sD3VSyV0_xXVCNko0xlkqX5De63HNKaMbs-cvN7J8uhK7_y9fPfHdIb8gcfn-XMZ6yb23TEYcmjpbJzoOxzHN99SuWbjlEzbn9Wnm1p9sGrWP9TJdRiRI_DGzWPuife8iPXAbrozU9AlYc2ZrjHXDi_knvrrzQnzq0y_CAW8d-YSNKfeRwFMucBQg2S1bCU_0Y4_QAiJ3D1gZvoXunzAppj35Vg3Du9oXkiKN9eZ3gScQMy5hiz7nDJC27nfkyDaJqNH8i8AJtln2gRBJopTE4fkDzoZEaVnkYTVfQNSGvM8Yh74COjhn8U5RPvayOHITueUHHECjvE6thL9SToTUFSbvW9kROOyUqo7dNRU4E831ePOvF2kj2NqTqQ4OKNLbvFDccHW5yyI43aIY2p_3KpUdigJln70t6h4Krzo_RBBZaex_heFJsRrcqO9yR0RgdIGo8imHAnw8pVOoA_11vU6hZg-2LVuwdsdFSd2Nk34woxwNpx2b5eNL23p66isyNW7Vu-LDHzgg3vp2kdyAl9cnq5Q4xZI3f_4hY-DlEZxKxkoGPotqewZKoluopu0qauub0oiyVcNz-hWg_n1MgDw0BH2NO8iPTHyTS88CjohzALuTP2KS8WOsYQ6QEPXWBo1AgobU7Cv5ygs0mTMEwH7HT_c_w5yLan1tyS3CU5CE7E2SFjm2gNXLLji5sqjzYEZIdUXCzb7rKZCHyn2mJoKMEOzGRpuO1v31FBW1ZL8B1dnua6v8Q7HtZI7h5yoMybZlhTo9r_4z_aVrO6ST-CqjsnrEZckQEk1CN-zJQXVZ8PCliobAAozPsbF5fQcD32faOXMBOMfdowtFPJS1WLaPAa0Qcli76GOk4JqaT8CjdxArMLrxNxR3VtRWwK8w0qfpyJ8HAJaGxTg3IjNclqJZhhrqwb5QsIRrIYEi3JYXs1N2z5vnEE1Y-Fw7_z4gz5qNGQr8MNVEEkeuSAFlC8n8aqLZORv_1QXf7ehM20JNbDrIhzMRIlPtU3FJXzGBn6kB958ASptpYTk4d_9SxdSvC0KwxKM7Y5BbjsLlJUcvA3Gcorl3eEyIZ44e4ZkY2qQIoahxs9DaFzpXTfPtWdTqaqSoxAFMgjirqRP243hMjwZ-pS3QDDvkuy9xeWOQW54GsnDHuPAxeg_lMBsc6x6G2I6S31xTddmz-4LfSuNxyio9E4N-u8109mWpi2qxMjSuT3Bajvun9sE7I_5s56koAKQZYJt-BRMPhyZNfeqTLDcJm66WPWocWk57-1OeuXuaGIzsQ_i8EE_0FZykfoiUdmmy3JoJ8yLqCt8TE1wrCFv5p3V015XqmGFaaygsCymZ7XHZT02uhXnkwtxnPPP1FE2DGByjdUwInp78272P8A7zNyGuvnVuA0-3TXg4FNZnjuUmpHVXIsempYXaFoc_UWre6hqAdNwYtVJM24RKtx2S3aHk0Uc139wgx5TliWgSh7CRLj_HXpAwOMWUQfkAtf8OT3vx4OlMGp7e6_JtDALLh3aRlxdj_zVn04abfZd23T8VSS1ASx00QqQPJ27-TeA4MWQWNPuItbGfeDQif1c9NaAWhrWtukkvelh6r56lpdxENeLI0CYbjHPg1pdniR6JkOeF1TprLg3-NQSsvF1b_9LCvWZ2-4XDF05ZdZFyiqqWLqK8dnPPXgGwW8WbcidRta0FyvctOXrYydPCQy-BUWAq1iewztUBoZ_6dutMi04ZkxmDff3n8_aaa3I4YWZGt7uTholqj62H4_c7sGJEMa6HRTRUq4XUjRsZK4YxKnVUtS-qde0fUxFdVlG4t6S6w9KsxP1yEKNb9F3LyXZh9RVFv4CHk5kXaGYOO8yTsN1sRaBXiB1g8fttcFXExMKooEksnyn9C5JIi_HgfTWAFpVgaKk78yBJeRZW_do-NKwQGeOXE5bpWm4Sfv35j8cELCGDj5QMql0yJcFVMJN4udoRpVsX6uXGvZnpAM8DiJvXtVeRfAtYcrD2O_StggJANyiPPRCYin55e5Ffe14m_mPJIP00wKx5XeoaJmSvEQFzi7dLivoEMkugXESla-CLBq2gl7yueud3mNya0lwO6P8kaIbhCAKpU0-Yfzz67Lsjzj7lWLBFSl_pPHEueQNbYSK1TnyDfg1pDVorVDTKsMhkPdf9Y3PIHPrWWZckBUZR-TPdH4_tInXUBQCIl1p3oUg8OuavYwB-Xv-j_d1-3XqKdMszZwZRpj6QDK0cWOmtsu9BNc_5XrMkbQ3_VGgSs8kys3U48_bTDoklbOT_BJdePRO_4fUpxfcyYg3biMNQLoCFqvDbxhwqdMjwCIDPmntHSNhEanspxi3BI7uenZ2vxzNDD40b5WJeAOU-3pWRsHj5HALP-mA&cid=CAASEuRomJ1pkQsFZJJwOUzZyloAGQ&rfl=3%2Chttps%253A%252F%252Frisu.ua%242%2Chttps%253A%252F%252Fe8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:22:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Apr 2022 19:22:42 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame 4AF2 25 KB
10 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:21:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 96
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9777
x-xss-protection: 0
server: cafe
etag: 12512753850102923420
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Apr 2022 19:21:32 GMT

GET
H/1.1

200
OK

request.php Show response
hal900013.redintelligence.net/ Frame 7D10
Redirect Chain

https://hal900013.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=e89238e123&subid=&uid=a151f6a9c45910b9&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900013.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=e89238e123&subid=&uid=a151f6a9c45910b9&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

2 KB
1 KB

101ms
74ms

Script
application/x-javascript

116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900013.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=e89238e123&subid=&uid=a151f6a9c45910b9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbQn2G8ZZYoHxKsyu1fAP-NOmwA6m5b2gaYWVnKfJD_AuEAEg0uOSfWCV4pCCoAfIAQmpAivR1Qv0IbI-qAMBqgTmAU_Qt9rj3A8tolv-amOv0ckX-AewxBOiQGDa_Z7UdB0mvj61W4F-bzPFF3ulJLQKovfitnOcjJV4q_6KvZ7BhjIsmI3geoEJ5XgUF4DdEG7mVGsxo6AZwraxHQrZhVOhiqhjznAkovOqB1hVKKff36880VLjjoPBG25FrhWypK1PzJyAG-yGpM90gheBnPhxgumuB1khy2V4Hkxqgax0utivOXkoUrm5WQNjdufuRzqAe4hEF9VbwDMuSfHyhecJW47PLLPFncmQEbHqijOjBlFFIorq5cVgu0KOop-lfu_OeJt52xGQwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgfgAoBmAsByAsBgAwBsBOPtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoWO2S6mYNwriKo5bLrxLv3A%26sig%3DAOD64_2Nyh0zUn8QUStIc1WCNCRk-AvMvQ%26client%3Dca-pub-9928410365207988%26dbm_c%3DAKAmf-DVdvEOfcRs5c53PIVd5Q4xrAGtZRESWT4YbM_ji__IGRajzoHbQlymuSXtQrkXyGrwPddWinyHWmGm-PNTqYwvprWGRCbgSQYy_HzEAsXmC2KAKGP88OYwf1AOF4a78A-XVkCBBBDnLFVXihUNBhZkH8aaIw%26cry%3D1%26dbm_d%3DAKAmf-DhDxcwGAegsLgNh30L73LqrR3xovSlFaBF0Byzf_ftPdf7IhtIHwnA7tzNjsslpQSUBA8MIm0a7hMv631INC9b5uknLlbcQWF3q8fw9OUGDsqj3YpjBtC7SYScOJMG8QGTxWcjswGXUQqHMf7uBLZLXf3I6aRapV1s_qBi9GX-AGH3D_ji3quMNEPG8cHa4t9lQRMqInNd_Hrg8eEby9nXeDn8eWMKpkKlCUuER-Ay0cpNg8Zqy5xk9svUvtybPYqlLuN0xZAVEYVEsXWgRUor5IwzTgYz1KULMe0svr_uVDEcHFKIeM3z5MWJ7Z2jOzKBjgRU7vrVGmmFbm59j7fIxok_V9FYXWBnFLAjZesNVh-gg-IMrNbsg8axHGcgcbDEMQ7kP4vYZ524VYJdbSD9YBLnTu2kOHGfIZE9LuZvD_M43fcTXTLCbUiKGIyg27u03oGN%26adurl%3D&documentReferer=https%3A%2F%2Fe8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2Fe8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com%2Chttps%3A%2F%2Frisu.ua&random=1860033319262&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9928410365207988&output=html&h=90&slotname=9648803897&adk=2790608382&adf=3173046728&pi=t.ma~as.9648803897&w=728&psa=0&format=728x90&url=https%3A%2F%2Frisu.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650050587530&bpp=3&bdt=193&idt=108&shv=r20220413&mjsv=m202204060102&ptt=9&saldr=aa&correlator=6115033120614&frm=24&ife=3&pv=2&ga_vid=1498140847.1650050588&ga_sid=1650050588&ga_hid=487760700&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3217467608&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=3904327303445832&pem=370&tmod=71432286&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.pv6vaouhtbr2&fsb=1&dtd=140
Protocol: HTTP/1.1
Server: 116.202.48.214 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.214.48.202.116.clients.your-server.de
Software: Apache /
Resource Hash: 6f06a81429d1e056b95896230fcd4333ef48f831b4c0e5795a6a9be617fb7bca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Apr 2022 19:23:08 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 56500500188839704444550011930013
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 864
Expires: Fri, 15 Apr 2022 20:23:08 +0200

Redirect headers

Pragma: no-cache
Date: Fri, 15 Apr 2022 19:23:08 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=e89238e123&subid=&uid=a151f6a9c45910b9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbQn2G8ZZYoHxKsyu1fAP-NOmwA6m5b2gaYWVnKfJD_AuEAEg0uOSfWCV4pCCoAfIAQmpAivR1Qv0IbI-qAMBqgTmAU_Qt9rj3A8tolv-amOv0ckX-AewxBOiQGDa_Z7UdB0mvj61W4F-bzPFF3ulJLQKovfitnOcjJV4q_6KvZ7BhjIsmI3geoEJ5XgUF4DdEG7mVGsxo6AZwraxHQrZhVOhiqhjznAkovOqB1hVKKff36880VLjjoPBG25FrhWypK1PzJyAG-yGpM90gheBnPhxgumuB1khy2V4Hkxqgax0utivOXkoUrm5WQNjdufuRzqAe4hEF9VbwDMuSfHyhecJW47PLLPFncmQEbHqijOjBlFFIorq5cVgu0KOop-lfu_OeJt52xGQwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgfgAoBmAsByAsBgAwBsBOPtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoWO2S6mYNwriKo5bLrxLv3A%26sig%3DAOD64_2Nyh0zUn8QUStIc1WCNCRk-AvMvQ%26client%3Dca-pub-9928410365207988%26dbm_c%3DAKAmf-DVdvEOfcRs5c53PIVd5Q4xrAGtZRESWT4YbM_ji__IGRajzoHbQlymuSXtQrkXyGrwPddWinyHWmGm-PNTqYwvprWGRCbgSQYy_HzEAsXmC2KAKGP88OYwf1AOF4a78A-XVkCBBBDnLFVXihUNBhZkH8aaIw%26cry%3D1%26dbm_d%3DAKAmf-DhDxcwGAegsLgNh30L73LqrR3xovSlFaBF0Byzf_ftPdf7IhtIHwnA7tzNjsslpQSUBA8MIm0a7hMv631INC9b5uknLlbcQWF3q8fw9OUGDsqj3YpjBtC7SYScOJMG8QGTxWcjswGXUQqHMf7uBLZLXf3I6aRapV1s_qBi9GX-AGH3D_ji3quMNEPG8cHa4t9lQRMqInNd_Hrg8eEby9nXeDn8eWMKpkKlCUuER-Ay0cpNg8Zqy5xk9svUvtybPYqlLuN0xZAVEYVEsXWgRUor5IwzTgYz1KULMe0svr_uVDEcHFKIeM3z5MWJ7Z2jOzKBjgRU7vrVGmmFbm59j7fIxok_V9FYXWBnFLAjZesNVh-gg-IMrNbsg8axHGcgcbDEMQ7kP4vYZ524VYJdbSD9YBLnTu2kOHGfIZE9LuZvD_M43fcTXTLCbUiKGIyg27u03oGN%26adurl%3D&documentReferer=https%3A%2F%2Fe8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2Fe8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com%2Chttps%3A%2F%2Frisu.ua&random=1860033319262&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Fri, 15 Apr 2022 20:23:08 +0200

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9A39 22 KB
8 KB 51ms
47ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6879
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Apr 2022 17:28:29 GMT
expires: Sat, 15 Apr 2023 17:28:29 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4AF2 41 KB
15 KB 45ms
42ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 17:28:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6879
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Apr 2023 17:28:29 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3C32 1 KB
749 B 44ms
40ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 21416
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Apr 2022 13:26:12 GMT
etag: 48472445140208031
expires: Sat, 16 Apr 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4AF2 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c75b57fb03d56955a7ab7143ad8c15fa72dcf329c174f26bd95c75d132e498d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8B58 22 KB
8 KB 43ms
40ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6879
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Apr 2022 17:28:29 GMT
expires: Sat, 15 Apr 2023 17:28:29 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js Show response
pagead2.googlesyndication.com/bg/ Frame 9A39 35 KB
13 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

976a387162cd6a5535f6737bbc0d7659985bd6a4b8283a8858f9994fe82506e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 01:45:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 236270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13574
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Apr 2023 01:45:18 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 3C32 35 B
464 B 41ms
9ms Image
image/gif 2620:116:800d:21:3175:5196:e3fd:8c1d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMEV_MDRYzNUelOGeegTPgc&google_cver=1&google_push=AYg5qPKbXk5mzTIBRDGygJkv1b_6XD7qZMnyYBIjMTCt-YTyPRrLNDsW6cHMKh2IIBMGjrZUT7uTsKdCcpYTgHWaxhEpDaLucztJ

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:3175:5196:e3fd:8c1d , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Apr 2022 19:23:08 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3C32
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPITNWBR7UDzfFRS84PHUFWaHVJc9mmOdkRQnVwe9RB2NeqzOrjY-V6NMbc34lt84b25oppYa_Sdwo7MLIdQDsvqTuMEVoDY&google_gid=CAESEFBMDaUTUBXDJAjA5TWj0ZI&goo...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCJyM55IGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBJVE5XQlI3VUR6ZkZSUzg0UEhVRldhSFZKYzltbU9ka1JRblZ3ZTlSQjJOZXF6T3JqWS1WNk5NYmMzNGx0ODRiMjVvcHBZYV9TZHdvN01MSW...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwZ29Sc2RTVnJrM2hRZEJkeGJaYmc3YmdyVjNIRHo3T19mbHpBLWFaRl9aNA==&google_push

170 B
188 B

57ms
54ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwZ29Sc2RTVnJrM2hRZEJkeGJaYmc3YmdyVjNIRHo3T19mbHpBLWFaRl9aNA==&google_push

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Apr 2022 19:23:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 15 Apr 2022 19:23:08 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwZ29Sc2RTVnJrM2hRZEJkeGJaYmc3YmdyVjNIRHo3T19mbHpBLWFaRl9aNA==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 3C32 43 B
351 B 81ms
34ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEF1M64emD0D8CvtI8xt15q8&google_cver=1&google_push=AYg5qPLhNTWqv-KkVOz_ovUA5j6Krms9nJbLWbGU6Xhcj2ZitTqN4QoFjj7WlDpVCpd9x5FngVxD6ubVJO62gBLTpq1rAxUjnkU
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9928410365207988&output=html&h=90&slotname=8325297138&adk=2872405833&adf=3173046729&pi=t.ma~as.8325297138&w=970&psa=0&format=970x90&url=https%3A%2F%2Frisu.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650050587566&bpp=3&bdt=224&idt=134&shv=r20220413&mjsv=m202204060102&ptt=9&saldr=aa&correlator=3117877454399&frm=24&ife=3&pv=2&ga_vid=1508502011.1650050588&ga_sid=1650050588&ga_hid=742699444&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=3198292015&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44760332%2C31067063&oid=2&pvsid=1752089255598005&pem=370&tmod=583335846&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.6zqrnbpzc3x&fsb=1&dtd=147
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Apr 2022 19:23:08 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 3hnljg2vcscllgmdl035vpgjffkr2gsp

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3C32
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VsVqOaOSRDalk-xih4O8tA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

50ms
50ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VsVqOaOSRDalk-xih4O8tA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKhtAhJS1eag5m6RzWUoiyOVsY-QcJTfIXXyI67LipAlTaVtn7BuWpvCwY69Wv9Asf6Rph5DJxsNsdJ1yfe0mgTd-uPLRBw

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Apr 2022 19:23:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VsVqOaOSRDalk-xih4O8tA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKhtAhJS1eag5m6RzWUoiyOVsY-QcJTfIXXyI67LipAlTaVtn7BuWpvCwY69Wv9Asf6Rph5DJxsNsdJ1yfe0mgTd-uPLRBw
date: Fri, 15 Apr 2022 19:23:08 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3C32
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFW4RH1gvNnGMEvDoZCtJd0&google_cver=1&google_push=AYg5qPKW2aybptBt3TQ-93Ih5Esy1orC-hQs3YsdOGjwAhLldnJeaOBfGeywwxGCmS0x3rioNk2...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDIwVElNSVMtQy1INzZM&google_push=AYg5qPKW2aybptBt3TQ-93Ih5Esy1orC-hQs3YsdOGjwAhLldnJeaOBfGeywwxGCmS0x3rioNk2QA4SMG-Es9EHmsSlxCU-Zy1YH

170 B
188 B

50ms
49ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDIwVElNSVMtQy1INzZM&google_push=AYg5qPKW2aybptBt3TQ-93Ih5Esy1orC-hQs3YsdOGjwAhLldnJeaOBfGeywwxGCmS0x3rioNk2QA4SMG-Es9EHmsSlxCU-Zy1YH

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Apr 2022 19:23:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDIwVElNSVMtQy1INzZM&google_push=AYg5qPKW2aybptBt3TQ-93Ih5Esy1orC-hQs3YsdOGjwAhLldnJeaOBfGeywwxGCmS0x3rioNk2QA4SMG-Es9EHmsSlxCU-Zy1YH
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 3C32
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDQehozV686Q-EUjf5dfQWU&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlnGHA7RcYJmVA1hjKf_4AAABIYAAAAB&google_cver=1&google_gid=CAESEDQehozV686Q-EUjf5dfQWU&google_push=AYg5qPJpqfIG-sQ1mPJ9S9X-Sav89xgpUYgYf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlnGHA7RcYJmVA1hjKf_4AAABIYAAAAB&google_cver=1&google_gid=CAESEDQehozV686Q-EUjf5dfQWU&google_push=AYg5qPJpqfIG-sQ1mPJ9S9X-Sav89xgpUYgYf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlnGHA7RcYJmVA1hjKf_4AAABIYAAAAB&google_cver=1&google_gid=CAESEDQehozV686Q-EUjf5dfQWU&google_push=AYg5qPJpqfIG-sQ1mPJ9S9X-Sav89xgpUYgYf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlnGHA7RcYJmVA1hjKf_4AAABIYAAAAB&google_cver=1&google_gid=CAESEDQehozV686Q-EUjf5dfQWU&google_push=AYg5qPJpqfIG-sQ1mPJ9S9X-Sav89xgpUYgYf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlnGHA7RcYJmVA1hjKf_4AAABIYAAAAB&google_cver=1&google_gid=CAESEDQehozV686Q-EUjf5dfQWU&google_push=AYg5qPJpqfIG-sQ1mPJ9S9X-Sav89xgpUYgYf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlnGHA7RcYJmVA1hjKf_4AAABIYAAAAB&google_cver=1&google_gid=CAESEDQehozV686Q-EUjf5dfQWU&google_push=AYg5qPJpqfIG-sQ1mPJ9S9X-Sav89xgpUYgYf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlnGHA7RcYJmVA1hjKf_4AAABIYAAAAB&google_cver=1&google_gid=CAESEDQehozV686Q-EUjf5dfQWU&google_push=AYg5qPJpqfIG-sQ1mPJ9S9X-Sav89xgpUYgYf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlnGHA7RcYJmVA1hjKf_4AAABIYAAAAB&google_cver=1&google_gid=CAESEDQehozV686Q-EUjf5dfQWU&google_push=AYg5qPJpqfIG-sQ1mPJ9S9X-Sav89xgpUYgYf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlnGHA7RcYJmVA1hjKf_4AAABIYAAAAB&google_cver=1&google_gid=CAESEDQehozV686Q-EUjf5dfQWU&google_push=AYg5qPJpqfIG-sQ1mPJ9S9X-Sav89xgpUYgYf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlnGHA7RcYJmVA1hjKf_4AAABIYAAAAB&google_cver=1&google_gid=CAESEDQehozV686Q-EUjf5dfQWU&google_push=AYg5qPJpqfIG-sQ1mPJ9S9X-Sav89xgpUYgYf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlnGHA7RcYJmVA1hjKf_4AAABIYAAAAB&google_cver=1&google_gid=CAESEDQehozV686Q-EUjf5dfQWU&google_push=AYg5qPJpqfIG-sQ1mPJ9S9X-Sav89xgpUYgYf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlnGHA7RcYJmVA1hjKf_4AAABIYAAAAB&google_cver=1&google_gid=CAESEDQehozV686Q-EUjf5dfQWU&google_push=AYg5qPJpqfIG-sQ1mPJ9S9X-Sav89xgpUYgYf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlnGHA7RcYJmVA1hjKf_4AAABIYAAAAB&google_cver=1&google_gid=CAESEDQehozV686Q-EUjf5dfQWU&google_push=AYg5qPJpqfIG-sQ1mPJ9S9X-Sav89xgpUYgYf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlnGHA7RcYJmVA1hjKf_4AAABIYAAAAB&google_cver=1&google_gid=CAESEDQehozV686Q-EUjf5dfQWU&google_push=AYg5qPJpqfIG-sQ1mPJ9S9X-Sav89xgpUYgYf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlnGHA7RcYJmVA1hjKf_4AAABIYAAAAB&google_cver=1&google_gid=CAESEDQehozV686Q-EUjf5dfQWU&google_push=AYg5qPJpqfIG-sQ1mPJ9S9X-Sav89xgpUYgYf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlnGHA7RcYJmVA1hjKf_4AAABIYAAAAB&google_cver=1&google_gid=CAESEDQehozV686Q-EUjf5dfQWU&google_push=AYg5qPJpqfIG-sQ1mPJ9S9X-Sav89xgpUYgYf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlnGHA7RcYJmVA1hjKf_4AAABIYAAAAB&google_cver=1&google_gid=CAESEDQehozV686Q-EUjf5dfQWU&google_push=AYg5qPJpqfIG-sQ1mPJ9S9X-Sav89xgpUYgYf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlnGHA7RcYJmVA1hjKf_4AAABIYAAAAB&google_cver=1&google_gid=CAESEDQehozV686Q-EUjf5dfQWU&google_push=AYg5qPJpqfIG-sQ1mPJ9S9X-Sav89xgpUYgYf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlnGHA7RcYJmVA1hjKf_4AAABIYAAAAB&google_cver=1&google_gid=CAESEDQehozV686Q-EUjf5dfQWU&google_push=AYg5qPJpqfIG-sQ1mPJ9S9X-Sav89xgpUYgYf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlnGHA7RcYJmVA1hjKf_4AAABIYAAAAB&google_cver=1&google_gid=CAESEDQehozV686Q-EUjf5dfQWU&google_push=AYg5qPJpqfIG-sQ1mPJ9S9X-Sav89xgpUYgYf...

0
0

GET googleredir
googlecm.hit.gemius.pl/ Frame 3C32 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3C32 0
12 B 45ms
43ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ITw5Uza3aaNe61LnYWwzaBMzbMpbxAoUz2YLo1NhbbMBwe2KvxjESwBymyFMuGdaGxyCB94Q

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:08 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/ Frame EA9E 4 KB
2 KB 97ms
44ms Document
text/html 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

081bea1f69d4c8d86fa4f6fd61ea4348249bc79e2b967399b96e72016e3676b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 34076
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1567
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Apr 2022 09:55:12 GMT
expires: Sat, 15 Apr 2023 09:55:12 GMT
last-modified: Fri, 04 Mar 2022 09:44:45 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4AF2 0
622 B 180ms
76ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstDu29WaVQuAEqzG-PlJjRwnFZvVUaFTi0dwNsir6t2AMng7VMtXHjrb-ZSi1Zxo-t9iIGeiWa2UWS2a7D9HKS2wUH1KknL8NTzyU1WPIK_QU3U4kAX3SrNzSXOgcLd9_hvFODzb1yEDr8r3kihOO87MnGESPJZJpA626kHopq9Nj3vHRjQ6A3Cbau54nv-xnRiIZoDpSLKLn83ClgLbNQlD8QMHaCUnzyLDMGzD68ItMOFZgzUI5bSiTrQ0Jp7RJleGUG2tDeOnLszM0KxDAMmHOFRr4XprgCK5X-_5WQk3oFhA7vJtsm86Dum752j9wo-RL5FJeZbHhuW-abWSFC1p85EmkIkeHFK41VfyCNtoqtIG0NCs7bjO45oF5R9veIrji1uIogOTBBNBBFHV0aw8BjHiCpe-r1IaTV5rpcJHaYgzfMJCECjwQRE7G8Ki-k9EUHD_6SOUh8HDQkEI12m3Wohqah5D5SOsgfK9icTubMTK9disvNIitPbD6v_1FK9h0RZLP1QtrEzZBKZLGw_bzOvSsAK1MTgVpV_IEIM8n1HwWJviFbh9XADbmPApFiKbCnllM3D3QhC1Fnsv0YPYivTJk6aiWcfBeAHugIuhbrss-iejvf1iO7dStKJdllaflFBX4JbeDW-osthUXg3uAp_dkrE4LTROOozyfNPdAXEGMNhopWPgnKh8C29WJsYY1DZAYfvJdXSXy_fK5IffBTF0aKFmCkxy_Y-obYZnsQqCYxde1urUC_MbbxQ2yMj7O2CvwWtulVH-Kp4nitID3NBhluPj-YBu7NhSlH2P1_j3MqOx-O5wZqVR1WOwXj7QLPfY3eGv49gAWvxLTxpwaW_Gh8u6RcNe5KwD8ig1LRM-XVDFY4gRfl4bz5oNFzgJiDsvHOIINRI07tYIL81KGJ54GD8zZHiUGQnrLyzyJ1TwJh0Wb7IQ8fZe7-XAr7AaIFjBFM_KcqvGAJiNCqpi2G1dI2pVwCB8uUNjhhmM2nw6cY7k0NaofHjf9D1m5U4h_XH6PWxlUZE3lraWSX9AvQEoEh42DikRq_oyHddDupXa_Ab6X-SnnbXVJux8wkC_9vufwlbPj_F4QxD40wKc-yhCSJgZWMj6mtkQ84rc7-LNLnIP_qs0N8iXcqmZkn8YROIusLnUX5ucFaMtD7irimNDvmlfQuVZ1OtQG21UyZKdfG2qbYRs70&sai=AMfl-YRNdqx0G8NrTkEq0rNiG-_crvHZNIGfJJmamrX-4eqIic4yKs5YjagqhjQKfl3Ln7q8K64edg2YV1dw-dN5y7lKMq74398ZD9PaPhp7Vw3Z2RXsHZLW1jT2YhDUa3Z8GCA-5RjU2dZpUM59EWqT58wzn-tU8Q&sig=Cg0ArKJSzKnDOJY8zviTEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=190&cbvp=1&cstd=186&cisv=r20220413.00117&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: risu.ua
URL: https://risu.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Fri, 15 Apr 2022 19:23:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

200
OK

px.gif
d.adtriba.com/ Frame 4AF2
Redirect Chain

https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202202_es_ukraine_dv_pros_330033531&atb_dpuid=di_dv&gdpr=&gdpr_consent=
https://d.adtriba.com/px.gif

42 B
227 B

13ms
8ms

Image
image/gif

18.184.26.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adtriba.com/px.gif
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9928410365207988&output=html&h=90&slotname=8325297138&adk=2872405833&adf=3173046729&pi=t.ma~as.8325297138&w=970&psa=0&format=970x90&url=https%3A%2F%2Frisu.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650050587566&bpp=3&bdt=224&idt=134&shv=r20220413&mjsv=m202204060102&ptt=9&saldr=aa&correlator=3117877454399&frm=24&ife=3&pv=2&ga_vid=1508502011.1650050588&ga_sid=1650050588&ga_hid=742699444&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=3198292015&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44760332%2C31067063&oid=2&pvsid=1752089255598005&pem=370&tmod=583335846&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.6zqrnbpzc3x&fsb=1&dtd=147
Protocol: HTTP/1.1
Server: 18.184.26.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-26-149.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 15 Apr 2022 19:23:08 GMT
Cache-Control: public, max-age=86400
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

Redirect headers

Date: Fri, 15 Apr 2022 19:23:08 GMT
Last-Modified: Fri, 15 Apr 2022 19:23:08 GMT
Server: nginx/1.16.1
P3P: CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location: /px.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 01:00:00 GMT

GET
H3 200 l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js Show response
pagead2.googlesyndication.com/bg/ Frame 8B58 35 KB
13 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

976a387162cd6a5535f6737bbc0d7659985bd6a4b8283a8858f9994fe82506e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 01:45:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 236270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13574
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Apr 2023 01:45:18 GMT

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame DBC1
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=56500500188839704444550011930013&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=56500500188839704444550011930013&actionid=981741&produktid=&dt_url=

0
630 B

84ms
39ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=56500500188839704444550011930013&actionid=981741&produktid=&dt_url=

Requested by

Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=e89238e123&subid=&uid=a151f6a9c45910b9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbQn2G8ZZYoHxKsyu1fAP-NOmwA6m5b2gaYWVnKfJD_AuEAEg0uOSfWCV4pCCoAfIAQmpAivR1Qv0IbI-qAMBqgTmAU_Qt9rj3A8tolv-amOv0ckX-AewxBOiQGDa_Z7UdB0mvj61W4F-bzPFF3ulJLQKovfitnOcjJV4q_6KvZ7BhjIsmI3geoEJ5XgUF4DdEG7mVGsxo6AZwraxHQrZhVOhiqhjznAkovOqB1hVKKff36880VLjjoPBG25FrhWypK1PzJyAG-yGpM90gheBnPhxgumuB1khy2V4Hkxqgax0utivOXkoUrm5WQNjdufuRzqAe4hEF9VbwDMuSfHyhecJW47PLLPFncmQEbHqijOjBlFFIorq5cVgu0KOop-lfu_OeJt52xGQwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgfgAoBmAsByAsBgAwBsBOPtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoWO2S6mYNwriKo5bLrxLv3A%26sig%3DAOD64_2Nyh0zUn8QUStIc1WCNCRk-AvMvQ%26client%3Dca-pub-9928410365207988%26dbm_c%3DAKAmf-DVdvEOfcRs5c53PIVd5Q4xrAGtZRESWT4YbM_ji__IGRajzoHbQlymuSXtQrkXyGrwPddWinyHWmGm-PNTqYwvprWGRCbgSQYy_HzEAsXmC2KAKGP88OYwf1AOF4a78A-XVkCBBBDnLFVXihUNBhZkH8aaIw%26cry%3D1%26dbm_d%3DAKAmf-DhDxcwGAegsLgNh30L73LqrR3xovSlFaBF0Byzf_ftPdf7IhtIHwnA7tzNjsslpQSUBA8MIm0a7hMv631INC9b5uknLlbcQWF3q8fw9OUGDsqj3YpjBtC7SYScOJMG8QGTxWcjswGXUQqHMf7uBLZLXf3I6aRapV1s_qBi9GX-AGH3D_ji3quMNEPG8cHa4t9lQRMqInNd_Hrg8eEby9nXeDn8eWMKpkKlCUuER-Ay0cpNg8Zqy5xk9svUvtybPYqlLuN0xZAVEYVEsXWgRUor5IwzTgYz1KULMe0svr_uVDEcHFKIeM3z5MWJ7Z2jOzKBjgRU7vrVGmmFbm59j7fIxok_V9FYXWBnFLAjZesNVh-gg-IMrNbsg8axHGcgcbDEMQ7kP4vYZ524VYJdbSD9YBLnTu2kOHGfIZE9LuZvD_M43fcTXTLCbUiKGIyg27u03oGN%26adurl%3D&documentReferer=https%3A%2F%2Fe8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2Fe8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com%2Chttps%3A%2F%2Frisu.ua&random=1860033319262&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 15 Apr 2022 19:23:08 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Fri, 15 Apr 2022 09:23:08 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

Content-Length: 0
Content-Type: application/javascript
Date: Fri, 15 Apr 2022 19:23:08 GMT
Host: pv.medialead.de
Keep-Alive: timeout=20
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=56500500188839704444550011930013&actionid=981741&produktid=&dt_url=
Proxy-Host: pv.medialead.de
Server: nginx/1.17.5
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40027
X-IPLB-Request-ID: B9D59BA5:8D82_91EFC182:01BB_6259C61C_1E96A4DB:F723

GET
H2

200

index.html Show response
www.parship.de/wplp/htlp/de/ Frame 1D63
Redirect Chain

https://www.awin1.com/cshow.php?s=2661283&v=11524&q=391598&r=296283&pref1=56500500188839704444550011930013&pv=1
https://trf.greatviews.de/cl?m315=c&q=nyVlHJ2acuRY7q9fsD728kyQ
https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1650050588.5712300.7b864b02-bcf1-11ec-a2b2-00155d255900ID

558 B
968 B

115ms
28ms

Document
text/html

2606:4700::6813:b979
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1650050588.5712300.7b864b02-bcf1-11ec-a2b2-00155d255900ID

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17456f8db64aa1850fded220ab227c27b308fa5197c09e35cdf108b91a688bcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5
cache-control: private, no-cache, no-store, proxy-revalidate, no-transform
cdn-cache-control: max-age=10, stale-if-error=432000
cf-cache-status: HIT
cf-ray: 6fc70dd42e339136-FRA
content-encoding: gzip
content-length: 325
content-type: text/html; charset=utf-8
date: Fri, 15 Apr 2022 19:23:08 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Mon, 28 Feb 2022 14:30:12 GMT
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: cloudflare
strict-transport-security: max-age=15552000
vary: Accept-Encoding
x-content-type-options: nosniff
x-ua-compatible: IE=edge

Redirect headers

access-control-allow-origin: *
content-type: text/html; charset=UTF-8
date: Fri, 15 Apr 2022 19:23:08 GMT
location: https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1650050588.5712300.7b864b02-bcf1-11ec-a2b2-00155d255900ID
p3p: policyref="/w3c/p3p.xml", CP="DSP COR NID OUR IND COM NAV INT"
server: nginx
server-id: 12
x-robots-tag: noindex, nofollow

GET
H/1.1 200
OK request_content.php Show response
hal900013.redintelligence.net/ Frame 3669 7 KB
2 KB 49ms
16ms Document
text/html 116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900013.redintelligence.net/request_content.php?s=56500500188839704444550011930013&a=5d77e1a0
Requested by: Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=e89238e123&subid=&uid=a151f6a9c45910b9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbQn2G8ZZYoHxKsyu1fAP-NOmwA6m5b2gaYWVnKfJD_AuEAEg0uOSfWCV4pCCoAfIAQmpAivR1Qv0IbI-qAMBqgTmAU_Qt9rj3A8tolv-amOv0ckX-AewxBOiQGDa_Z7UdB0mvj61W4F-bzPFF3ulJLQKovfitnOcjJV4q_6KvZ7BhjIsmI3geoEJ5XgUF4DdEG7mVGsxo6AZwraxHQrZhVOhiqhjznAkovOqB1hVKKff36880VLjjoPBG25FrhWypK1PzJyAG-yGpM90gheBnPhxgumuB1khy2V4Hkxqgax0utivOXkoUrm5WQNjdufuRzqAe4hEF9VbwDMuSfHyhecJW47PLLPFncmQEbHqijOjBlFFIorq5cVgu0KOop-lfu_OeJt52xGQwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgfgAoBmAsByAsBgAwBsBOPtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoWO2S6mYNwriKo5bLrxLv3A%26sig%3DAOD64_2Nyh0zUn8QUStIc1WCNCRk-AvMvQ%26client%3Dca-pub-9928410365207988%26dbm_c%3DAKAmf-DVdvEOfcRs5c53PIVd5Q4xrAGtZRESWT4YbM_ji__IGRajzoHbQlymuSXtQrkXyGrwPddWinyHWmGm-PNTqYwvprWGRCbgSQYy_HzEAsXmC2KAKGP88OYwf1AOF4a78A-XVkCBBBDnLFVXihUNBhZkH8aaIw%26cry%3D1%26dbm_d%3DAKAmf-DhDxcwGAegsLgNh30L73LqrR3xovSlFaBF0Byzf_ftPdf7IhtIHwnA7tzNjsslpQSUBA8MIm0a7hMv631INC9b5uknLlbcQWF3q8fw9OUGDsqj3YpjBtC7SYScOJMG8QGTxWcjswGXUQqHMf7uBLZLXf3I6aRapV1s_qBi9GX-AGH3D_ji3quMNEPG8cHa4t9lQRMqInNd_Hrg8eEby9nXeDn8eWMKpkKlCUuER-Ay0cpNg8Zqy5xk9svUvtybPYqlLuN0xZAVEYVEsXWgRUor5IwzTgYz1KULMe0svr_uVDEcHFKIeM3z5MWJ7Z2jOzKBjgRU7vrVGmmFbm59j7fIxok_V9FYXWBnFLAjZesNVh-gg-IMrNbsg8axHGcgcbDEMQ7kP4vYZ524VYJdbSD9YBLnTu2kOHGfIZE9LuZvD_M43fcTXTLCbUiKGIyg27u03oGN%26adurl%3D&documentReferer=https%3A%2F%2Fe8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2Fe8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com%2Chttps%3A%2F%2Frisu.ua&random=1860033319262&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.48.214 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.214.48.202.116.clients.your-server.de
Software: Apache /
Resource Hash: 2c75b8ca7343457352a8890c3b58e5d434f6ae87928956f12fe123edd66eab7a

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2107
Content-Type: text/html; charset=utf-8
Date: Fri, 15 Apr 2022 19:23:08 GMT
Expires: Fri, 15 Apr 2022 20:23:08 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame 7D10
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=56500500188839704444550011930013
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=56500500188839704444550011930013
https://ad-server.eu/wm/pb/native.png

68 B
312 B

175ms
39ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9928410365207988&output=html&h=90&slotname=9648803897&adk=2790608382&adf=3173046728&pi=t.ma~as.9648803897&w=728&psa=0&format=728x90&url=https%3A%2F%2Frisu.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650050587530&bpp=3&bdt=193&idt=108&shv=r20220413&mjsv=m202204060102&ptt=9&saldr=aa&correlator=6115033120614&frm=24&ife=3&pv=2&ga_vid=1498140847.1650050588&ga_sid=1650050588&ga_hid=487760700&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3217467608&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=3904327303445832&pem=370&tmod=71432286&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.pv6vaouhtbr2&fsb=1&dtd=140
Protocol: HTTP/1.1
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 15 Apr 2022 19:28:28 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Fri, 15 Apr 2022 19:23:08 GMT
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: B9D59BA5:8DBA_91EFC182:01BB_6259C61C_1E9A1B60:F725
X-IPLB-Instance: 40027
Strict-Transport-Security: max-age=15768000
Content-Type: application/go
Location: https://ad-server.eu/wm/pb/native.png
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 7D10 43 B
702 B 57ms
23ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338577&v=11830&q=357066&r=296283&pref1=56500500188839704444550011930013&pv=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Apr 2022 19:23:08 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 657F 1 KB
749 B 51ms
50ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 21416
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Apr 2022 13:26:12 GMT
etag: 48472445140208031
expires: Sat, 16 Apr 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7D10 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d8917ea115d9893eafeeca063e4ce7fa5c99dfbd592f8186cb5d54d16e21bbd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame 3669 1 KB
921 B 156ms
48ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:400,700

Requested by

Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=56500500188839704444550011930013&a=5d77e1a0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ea795a298e37c1cd48937e8d9b242162d213ebaa07c997769a6bfe4b4d8ec411

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900013.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 15 Apr 2022 17:59:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 15 Apr 2022 19:23:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 Apr 2022 19:23:08 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 3669 9 KB
9 KB 50ms
18ms Image
image/png 138.201.63.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_627x627.jpg
Requested by: Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=56500500188839704444550011930013&a=5d77e1a0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.164 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 96bf7b392bc871730e71f2ec0b70c282662e6c256b77b30d50a983892dfa2e9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900013.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 15 Apr 2022 19:23:08 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 9343
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 3669 9 KB
9 KB 42ms
15ms Image
image/png 138.201.63.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/32783/creativesup/native_ad_globus_baumarkt_627x627.jpg
Requested by: Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=56500500188839704444550011930013&a=5d77e1a0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.164 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 5d64f059fc67e71cf4581939924f2eee647fdab27e0ffe32ca289d0fc6e6c07f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900013.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 15 Apr 2022 19:23:08 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 9169
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 3669 7 KB
7 KB 42ms
15ms Image
image/png 138.201.63.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/51649/creativesup/PS_Herbstkampagne2019_Inga1_OnlineMarketing_Display_Yahoo_627x627.jpg
Requested by: Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=56500500188839704444550011930013&a=5d77e1a0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.164 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: d75327d5842aadf339f8e3e1c8c175013009eac6cdf2b209a23aa094dc36f267

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900013.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 15 Apr 2022 19:23:08 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 7363
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 200 styles.css
s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/ Frame EA9E 1 KB
524 B 54ms
51ms Stylesheet
text/css 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/styles.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3d912ca3f1497bd7a00e7044519bfa14d184b7ea37d2010e2e42de8f0933b00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 09:55:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34059
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 495
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:45 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Apr 2023 09:55:29 GMT

GET
H3 200 tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame EA9E 109 KB
37 KB 64ms
60ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37530
x-xss-protection: 0
last-modified: Tue, 06 Sep 2016 20:51:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Apr 2022 19:23:08 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/ Frame EA9E 8 KB
2 KB 52ms
49ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69441dcfb941a2e5b4ad898b22589d40edf42108aca20e07799d4ec0668536eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 09:55:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34059
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2182
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:45 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Apr 2023 09:55:29 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 657F
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIFHGITUbSb3jZU4l0i08Q1cwwuClDQdi9yUNO...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWxuR0hBQUFCVW8xRTFzbg&google_push=AYg5qPIFHGITUbSb3jZU4l0i08Q1cwwuClDQdi9yUNO4l5kcZq0n7uss52gF-ouUCak8Uefa27Ij_IbgnFYLyj94rC1YdmK0IA6s

170 B
188 B

64ms
63ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWxuR0hBQUFCVW8xRTFzbg&google_push=AYg5qPIFHGITUbSb3jZU4l0i08Q1cwwuClDQdi9yUNO4l5kcZq0n7uss52gF-ouUCak8Uefa27Ij_IbgnFYLyj94rC1YdmK0IA6s

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Apr 2022 19:23:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWxuR0hBQUFCVW8xRTFzbg&google_push=AYg5qPIFHGITUbSb3jZU4l0i08Q1cwwuClDQdi9yUNO4l5kcZq0n7uss52gF-ouUCak8Uefa27Ij_IbgnFYLyj94rC1YdmK0IA6s
Date: Fri, 15 Apr 2022 19:23:08 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 466606.gif
id.rlcdn.com/ Frame 657F 42 B
317 B 51ms
46ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPKy_DYt_wR7Y7jqwNCRkcoiMg306WY9iuKmxERtZ8aGoOp44wsXMVdHQmUedkQ_H075-gAqzH244le1GGroBtPQuFQXCyZX&google_gid=CAESEFBMDaUTUBXDJAjA5TWj0ZI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9928410365207988&output=html&h=90&slotname=9648803897&adk=2790608382&adf=3173046728&pi=t.ma~as.9648803897&w=728&psa=0&format=728x90&url=https%3A%2F%2Frisu.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650050587530&bpp=3&bdt=193&idt=108&shv=r20220413&mjsv=m202204060102&ptt=9&saldr=aa&correlator=6115033120614&frm=24&ife=3&pv=2&ga_vid=1498140847.1650050588&ga_sid=1650050588&ga_hid=487760700&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3217467608&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=3904327303445832&pem=370&tmod=71432286&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.pv6vaouhtbr2&fsb=1&dtd=140
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Apr 2022 19:23:08 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 657F
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLDyKH8...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLDyKH8...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA0MTUxOTIzMDkwMDAxNTE1MTQ0NTI1Nw%3D%3D&google_push=AYg5qPLDyKH8JlBeHX_HSkJ43c5fY_ca4tj7fc65-58a60W-DsaCTy48IAy_qpZS2shGAM...

170 B
188 B

42ms
42ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA0MTUxOTIzMDkwMDAxNTE1MTQ0NTI1Nw%3D%3D&google_push=AYg5qPLDyKH8JlBeHX_HSkJ43c5fY_ca4tj7fc65-58a60W-DsaCTy48IAy_qpZS2shGAMD6sueA26iHd1UOUvAQ7luInEzwweI

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Apr 2022 19:23:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA0MTUxOTIzMDkwMDAxNTE1MTQ0NTI1Nw%3D%3D&google_push=AYg5qPLDyKH8JlBeHX_HSkJ43c5fY_ca4tj7fc65-58a60W-DsaCTy48IAy_qpZS2shGAMD6sueA26iHd1UOUvAQ7luInEzwweI
pragma: no-cache
date: Fri, 15 Apr 2022 19:23:09 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Fri, 15 Apr 2022 19:23:09 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame 657F 43 B
64 B 69ms
37ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEF1M64emD0D8CvtI8xt15q8&google_cver=1&google_push=AYg5qPIOaX-b6yT4TKX_rrxUNp5yAeSD1KafYEcqL1TGISZIqD2NAKdkbQO3rV4C2sXhmH9P9n_s3Y4VTD4ceITUDFfcbl_X7h9y
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9928410365207988&output=html&h=90&slotname=9648803897&adk=2790608382&adf=3173046728&pi=t.ma~as.9648803897&w=728&psa=0&format=728x90&url=https%3A%2F%2Frisu.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650050587530&bpp=3&bdt=193&idt=108&shv=r20220413&mjsv=m202204060102&ptt=9&saldr=aa&correlator=6115033120614&frm=24&ife=3&pv=2&ga_vid=1498140847.1650050588&ga_sid=1650050588&ga_hid=487760700&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3217467608&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=3904327303445832&pem=370&tmod=71432286&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.pv6vaouhtbr2&fsb=1&dtd=140
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Apr 2022 19:23:08 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: dqfsnl8pe40m4oqrki6gti31vn2cls02

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 657F
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFW4RH1gvNnGMEvDoZCtJd0&google_cver=1&google_push=AYg5qPJtoE94omkh9dI4YmNqybMx4FAt0F9r9BsZA1fQxiuefv1KkO9cYtg9Jcz1UqZuBhLq755...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDIwVElNT0EtMTktSFdDUA==&google_push=AYg5qPJtoE94omkh9dI4YmNqybMx4FAt0F9r9BsZA1fQxiuefv1KkO9cYtg9Jcz1UqZuBhLq7551ku95mHsWp3zSJ-c2DM8yavs

170 B
188 B

50ms
50ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDIwVElNT0EtMTktSFdDUA==&google_push=AYg5qPJtoE94omkh9dI4YmNqybMx4FAt0F9r9BsZA1fQxiuefv1KkO9cYtg9Jcz1UqZuBhLq7551ku95mHsWp3zSJ-c2DM8yavs

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Apr 2022 19:23:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDIwVElNT0EtMTktSFdDUA==&google_push=AYg5qPJtoE94omkh9dI4YmNqybMx4FAt0F9r9BsZA1fQxiuefv1KkO9cYtg9Jcz1UqZuBhLq7551ku95mHsWp3zSJ-c2DM8yavs
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Expires: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame 657F 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 657F 0
12 B 53ms
49ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I2h_sG2iFuvK-gpUSatGOd7pWbPXH0oF0x8-Ldgj7A5zc9hXutEUxn-QuK7TWxIB4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:08 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 bg1.jpg
s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/ Frame EA9E 17 KB
17 KB 51ms
48ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/bg1.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6977a4964a998af15079f965e3c7e181ca67b3170c14437993b08e1de3fd4302

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 09:55:13 GMT
x-content-type-options: nosniff
age: 34075
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17743
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Apr 2023 09:55:13 GMT

GET
H3 200 b1.png
s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/ Frame EA9E 421 B
448 B 86ms
83ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/b1.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbc098b106cb6c879d78f3fcf5cb3cb9ebfcceb6a60bbf8cfef355ebb661d924

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 16:38:17 GMT
x-content-type-options: nosniff
age: 269091
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 421
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 12 Apr 2023 16:38:17 GMT

GET
H3 200 h1.png
s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/ Frame EA9E 2 KB
2 KB 86ms
83ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/h1.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b8b4801b20c34b012de161039f1f859b2fc80644711ea4f2bf9611a75b41ce7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 09:55:13 GMT
x-content-type-options: nosniff
age: 34075
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1964
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Apr 2023 09:55:13 GMT

GET
H3 200 h2.png
s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/ Frame EA9E 3 KB
3 KB 85ms
82ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/h2.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9ff1a0033ed24a5a3274d4792174cd0fbfac2da714ebcd2f0e6b38b96dca3d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 09:55:13 GMT
x-content-type-options: nosniff
age: 34075
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3522
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Apr 2023 09:55:13 GMT

GET
H3 200 h3.png
s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/ Frame EA9E 2 KB
2 KB 60ms
57ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/h3.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3ef1c1a0f5a027c937ca9f20ffe65773796f38a07bd9277115ad3ed5c6791dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 09:55:13 GMT
x-content-type-options: nosniff
age: 34075
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2383
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Apr 2023 09:55:13 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/ Frame EA9E 1 KB
1 KB 85ms
82ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/cta.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467ca9a0c173f3885961822b419e20a09de9ad517d3df9cc43f5020ac2fae437

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 09:55:13 GMT
x-content-type-options: nosniff
age: 34075
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Apr 2023 09:55:13 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/ Frame EA9E 3 KB
3 KB 84ms
81ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/logo.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25c7ba7dacd1fb2729340d88f61049fd6fb901a246ed3b07a81561ade0a8ebf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12824194602122111411/unicef_ukraine_spende_728x90_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 09:55:13 GMT
x-content-type-options: nosniff
age: 34075
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2971
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Apr 2023 09:55:13 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4AF2 0
26 B 116ms
72ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstDu29WaVQuAEqzG-PlJjRwnFZvVUaFTi0dwNsir6t2AMng7VMtXHjrb-ZSi1Zxo-t9iIGeiWa2UWS2a7D9HKS2wUH1KknL8NTzyU1WPIK_QU3U4kAX3SrNzSXOgcLd9_hvFODzb1yEDr8r3kihOO87MnGESPJZJpA626kHopq9Nj3vHRjQ6A3Cbau54nv-xnRiIZoDpSLKLn83ClgLbNQlD8QMHaCUnzyLDMGzD68ItMOFZgzUI5bSiTrQ0Jp7RJleGUG2tDeOnLszM0KxDAMmHOFRr4XprgCK5X-_5WQk3oFhA7vJtsm86Dum752j9wo-RL5FJeZbHhuW-abWSFC1p85EmkIkeHFK41VfyCNtoqtIG0NCs7bjO45oF5R9veIrji1uIogOTBBNBBFHV0aw8BjHiCpe-r1IaTV5rpcJHaYgzfMJCECjwQRE7G8Ki-k9EUHD_6SOUh8HDQkEI12m3Wohqah5D5SOsgfK9icTubMTK9disvNIitPbD6v_1FK9h0RZLP1QtrEzZBKZLGw_bzOvSsAK1MTgVpV_IEIM8n1HwWJviFbh9XADbmPApFiKbCnllM3D3QhC1Fnsv0YPYivTJk6aiWcfBeAHugIuhbrss-iejvf1iO7dStKJdllaflFBX4JbeDW-osthUXg3uAp_dkrE4LTROOozyfNPdAXEGMNhopWPgnKh8C29WJsYY1DZAYfvJdXSXy_fK5IffBTF0aKFmCkxy_Y-obYZnsQqCYxde1urUC_MbbxQ2yMj7O2CvwWtulVH-Kp4nitID3NBhluPj-YBu7NhSlH2P1_j3MqOx-O5wZqVR1WOwXj7QLPfY3eGv49gAWvxLTxpwaW_Gh8u6RcNe5KwD8ig1LRM-XVDFY4gRfl4bz5oNFzgJiDsvHOIINRI07tYIL81KGJ54GD8zZHiUGQnrLyzyJ1TwJh0Wb7IQ8fZe7-XAr7AaIFjBFM_KcqvGAJiNCqpi2G1dI2pVwCB8uUNjhhmM2nw6cY7k0NaofHjf9D1m5U4h_XH6PWxlUZE3lraWSX9AvQEoEh42DikRq_oyHddDupXa_Ab6X-SnnbXVJux8wkC_9vufwlbPj_F4QxD40wKc-yhCSJgZWMj6mtkQ84rc7-LNLnIP_qs0N8iXcqmZkn8YROIusLnUX5ucFaMtD7irimNDvmlfQuVZ1OtQG21UyZKdfG2qbYRs70&sai=AMfl-YRNdqx0G8NrTkEq0rNiG-_crvHZNIGfJJmamrX-4eqIic4yKs5YjagqhjQKfl3Ln7q8K64edg2YV1dw-dN5y7lKMq74398ZD9PaPhp7Vw3Z2RXsHZLW1jT2YhDUa3Z8GCA-5RjU2dZpUM59EWqT58wzn-tU8Q&sig=Cg0ArKJSzKnDOJY8zviTEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=479&vt=11&dtpt=289&dett=3&cstd=186&cisv=r20220413.00117&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: risu.ua
URL: https://risu.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Apr 2022 19:23:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F245 0
0 84ms
83ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuIgiWB4UOvQ7yLwEfc-5QWzWfaLMVMZAaVDG1MmjI69KKC_t2KFQzBdw0BwZGoLfYHiGbyC27UauqARrOMBIOtAvC1C6_GMxlnIYXJdm4dl0rF6YH_vSKwxwJ6taZAOE4tQFSyVYw9u0wqlLBVAZ1qDZdIEAC5ZR-cXjmSpFgJxvU6qT_wQKjH8K7zVfPOjRD-BHVhDdJb0FcLSy3KKqy2-F9szRWrZTlgVHEAtDvXQn-ypGGzVDEh6g9uCoUraC7NYZ8wVnzWZ63os1H2ivEq4Yg48Eg4GEq8nPZXJ0PbvQTE0U9q_p_qhWrVFudnJsG1K7T9&sai=AMfl-YQXtxIHH5pqElaiUoR9V4WjOdRq-BPHdBEZTafL-H20hDQTDFmQwu8viFcHMsjkcAGnB5G13phf7F-AVUUTc4FlJJUHRT0ygAevzKIT1ZR-KBSK-heIRjUGiBDT4HI&sig=Cg0ArKJSzMOmTk-DG9dWEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Apr 2022 19:23:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 15 Apr 2022 19:23:08 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F245 14 KB
10 KB 101ms
54ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220413&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e76ceb3ecf1c28ef3f403f4584cc60883cf34660960c0fb1931e6f72ca3f579f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Apr 2022 19:23:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10646
x-xss-protection: 0

GET
H2 200 peg_logger.js Show response
www.parship.de/static_cms/parship/static/peg_utils/peg_logger/ Frame 1D63 12 KB
4 KB 38ms
27ms Script
application/x-javascript 2606:4700::6813:b979
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.parship.de/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js

Requested by

Host: www.parship.de
URL: https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1650050588.5712300.7b864b02-bcf1-11ec-a2b2-00155d255900ID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3404d30f1b9956025fd6221078b56ab9f3301a4af97ddaeb3ef8cc4a8bb88de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1650050588.5712300.7b864b02-bcf1-11ec-a2b2-00155d255900ID
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 17662
strict-transport-security: max-age=15552000
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 22 Mar 2022 10:03:55 GMT
server: cloudflare
etag: W/"62399f0b-2ea6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400
cf-ray: 6fc70dd4af4d9136-FRA
expires: Sat, 16 Apr 2022 14:28:10 GMT

GET
H2 200 pegtracking_combined.js Show response
www.parship.de/static_cms/parship/static/peg_utils/tracking/ Frame 1D63 30 KB
9 KB 51ms
43ms Script
application/x-javascript 2606:4700::6813:b979
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.parship.de/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js

Requested by

Host: www.parship.de
URL: https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1650050588.5712300.7b864b02-bcf1-11ec-a2b2-00155d255900ID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9007a72d0fa0a45bdb1ba8527cdfe7122636a3ae014d75d32ece4de4efea45b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1650050588.5712300.7b864b02-bcf1-11ec-a2b2-00155d255900ID
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 17697
strict-transport-security: max-age=15552000
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 04 Feb 2022 09:22:00 GMT
server: cloudflare
etag: W/"61fcf038-7633"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400
cf-ray: 6fc70dd4dfa09136-FRA
expires: Sat, 16 Apr 2022 14:28:11 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9A39 0
20 B 80ms
76ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BifXjHMZZYpOcEceX9u8Pm-G_iAsAAAAAOAHgBAI&bg=!eXqlej7NAAZvJBiFTyQ7ACkAdvg8WsuuWnFSSKW25KKbyt5Cdcq9WdP2_bfECSatgO75ZsVnQS8-4AIAAADqUgAAAAloAQeZAxohY3n-ovRrLFKu42vo3PCY8guIH1MFguiHBkwxsVbaCDrAo5Zuis-WHvfED2JytDhCgaT_PThCfxHj66_F5NSaKqlwglRhyHf_mJ4kyJZOeyg7IG7G6vwuD8aVbwV4wEqmkYDre0ib8EsZlO-HtF2Ca3BBkrLxnJDjnSxkOQDNhwDQTXg4fJ-RE25ZaXsng6JETbbLvOy2FJrFgHUca3NvoV4fpFYs6LgwhRMvE0tzIFGNd-6l9cErcJ1DP_0tCAH0iqFt8HTysG8y1ahBbhwElhbPhiTM7gDzvy1GK66q2kcEq0Pjk8Yljtfmk-m3jT2lOyecmk7-w1KKWu45qi-bQvbDL53ApMTo631SGvh9IRTJ1rL-8g74gk81p_TOO6BEau_8zDaYOa2j3RbsW7SeoYUDIJyisCbplv8R9itFyN56u3DwAUHVQI9vgYvXdZNrBkFnelO8kZO5MrbYJxdrQqR0zNS-go03yBZQ_baKlFlbtN42J4u5nr0X6me0Ky8tTEVt0jIhqBicSiFq7NonSkCZ33iXjYVasrFWowvWuW8GsOcZHW7z_p3dhRezSj0KL6dMvjM_ryJUvKh5Ht9k3OUzKgDciEgzsVAB6jNS4hVi2ZwyrT8LlVYF-9dyXHWbK6uXbN4vp-_4vQ7KcCoxbV2teIyLNm6DY0itOVsZf-aZAKFPGRnIwtGPDmgvknKdiQ1u3MuhOimnr4O-UjBIDojxmXuld4WpzZXjH7opaQuYwBIouaRCZpR_2auVfuATuPUP4a3yIEp0-ykt38KBmyWTu-IHBEJV6EuY8_dmEDoASXdt2EI6-VCrp4Ylyie2j5vfVzFSDS7zAgB3X6vUb84iyjJJiKDSsAw0B5J4VaLKcaNPEEQ9y5JgzYXP1jHvxdHVeUSLeGv3mwNp_EmK1nDQl-juDPejzi1DvVUBrw_mjJ2qYOoEUiI3EauJ9XZC0Z7871P9FLhoVby0rH6OKHE4jOiKfoLW1Y8Y2B5tQKWY-VOAyQHK4Uc95U63O76D8a3eqaiK-lYDKRvh5VnpSYDm5WXQztph2g

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Apr 2022 19:23:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900013.redintelligence.net/ Frame 3669 0
150 B 59ms
14ms Script
text/html 116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900013.redintelligence.net/viewability?s=56500500188839704444550011930013&a=f007a748&vb=m
Requested by: Host: hal900013.redintelligence.net
URL: https://hal900013.redintelligence.net/request_content.php?s=56500500188839704444550011930013&a=5d77e1a0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.48.214 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.214.48.202.116.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900013.redintelligence.net/request_content.php?s=56500500188839704444550011930013&a=5d77e1a0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 15 Apr 2022 19:23:08 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8B58 0
20 B 80ms
80ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BLIspHMZZYrTnEdOt9u8Pp8yWmAIAAAAAOAHgBAI&bg=!EhGlEVXNAAZvJBiFTyQ7ACkAdvg8WszwvQQFcsH1ndf26bBD8ninO9sS1LLYTv-2_0szzcpF0KUd5wIAAADmUgAAAAloAQcKABS5ZLG6u52MHzamze_G3AFQIHaSG5kDLLPShJyN3tXvEOkhUBwMdp7t85ATC63KW971XwWn5cbDaq98l5p05XldnKYBMMtxJlZG-mo1XdBQ4SwOjJKmVzL2gTViztK-VEjzL2DzTpc_AX0kndFS3_OfmR5ko5iwC5lV7JbOkB9Dh8yd3SCZSQDuq6R78eFiKkwq6b-y3OIRBWwYTwksiRnQQpLiw80i0i22U3kgQG4_6LpNMDX1datN1LewLPzk5jlkiVbtYidralyuNC5LOyhl5JCKkW-jDFvhMdqFQALb0pR0WNA84VRsUYS68dZztjMf3Ho4SfFPp3XwOSTz2aCPtnevVpqGBPxtarqB-D3VAVVcIoXTUJKu8WwHyZ3QB2zNth4q_WRe2GW5RHpBvVrHMwei9-H55qkMWmVanmkCbPR_FhNoNndxzYCkjbWNvM13mD3XXxjvEK9Rv-aWxN7gnJeUvgvEq8V9Zs_2uqX9R5A0haI1L-gqhIZRGUVgqtMRJB_XFnN4xOrTiqBR4efw_mmVQQ6Hf186LgFoFyuN2jd2t-HQ7uFq7q31zAaHUdaRlzKglZPzE4RRqtznKFlT96oZu8mYFGWd0pUDxo7lW0wu3S8ATfE1amRv__qUh8wJoREJO9uIKO4z9NzcjbTn57-0kB9guqD2wtJu7Qq_Z2XC6HE4LBUt9npOyR8OhU_rACmACUW2ChZmprv9_i84NH6ZuGXAl_Q1a1cAEwK1rKjnpOp70DILmOLAALOs53eW-l3kn77wdRtGByTioRPa9LWm0_envN1L4uTltactbsPqmmxj-Ws_pcYT_agh-T-i-GSrXCKNVeVD_7p9XzE_2yK1jhHVLxJ4bj9qIIzcW2_BulgiMOAMQCBE16nqTADpmVJ818lK5p-c7dILeYRosOKNOZ31p8fifpA_xfTzr9GDJiZ_QMoTq7qBjoghC-saiHy6POKpR0vTIxPZPeiVNF3KhZb3XfLBDfX40aPzHHffR4Taet71z5c4yyOagVC62jrERnQ0w26Y3fBvyr_icJ2C_riVOBvE1tSWzaSEFb2enHjefpsyAnl7aCRKaH967W4cG1jy5PgtdZ9JacZKsLd7

Requested by

Host: risu.ua
URL: https://risu.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Apr 2022 19:23:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 eum.min.js Show response
eum.instana.io/ Frame 1D63 24 KB
10 KB 108ms
29ms Script
application/javascript 2606:4700::6810:cc16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eum.instana.io/eum.min.js
Requested by: Host: www.parship.de
URL: https://www.parship.de/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:cc16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfe658be8d8e54a34181f699d2ca4237d959467b1a7c0da9519290f8df62c5d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1650050588.5712300.7b864b02-bcf1-11ec-a2b2-00155d255900ID
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Apr 2022 19:23:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 5 Apr 2022 18:00:54 GMT
server: cloudflare
age: 270757
etag: 768077806--gzip
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800, stale-while-revalidate=2678400, stale-if-error=2678400
cf-ray: 6fc70dd59a489b71-FRA
via: 1.1 google

GET
H2 200 nvi Show response
www.parship.de/nocache/ Frame 1D63 15 B
412 B 54ms
50ms XHR
application/json 2606:4700::6813:b979
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.parship.de/nocache/nvi?url_path=%2Fwplp%2Fhtlp%2Fde%2Findex.html&pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1650050588.5712300.7b864b02-bcf1-11ec-a2b2-00155d255900ID&ref=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F

Requested by

Host: www.parship.de
URL: https://www.parship.de/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92f75b3d52eb22fd4d5af5352dc0bb43e5d0bc979f274783e7cd17884221b72e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1650050588.5712300.7b864b02-bcf1-11ec-a2b2-00155d255900ID
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:09 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-type: application/json
cf-ray: 6fc70dd5184c9136-FRA
content-length: 15

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F245 17 KB
6 KB 68ms
68ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 15 Apr 2022 19:23:09 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 876B 13 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6887
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Apr 2022 17:28:22 GMT
expires: Sat, 15 Apr 2023 17:28:22 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D51A 783 B
537 B 101ms
52ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7771a88d65a9e9e11dc2fba0309fc04ba72f88d1c42f519d6f20f6edb61333dd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RPCMRRh76LgD06Cj9FTzkw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-RPCMRRh76LgD06Cj9FTzkw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 15 Apr 2022 19:23:09 GMT
expires: Fri, 15 Apr 2022 19:23:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3C8A 0
0 69ms
69ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvIylooNH54ZI81hiBZZfDqpnZ-74ZKqY2XWlmcXitMhViW6pT238e83muUvHCNaOH0RSO2Qny0LcM5mLCzC9AfNDnxIL7i6BLk8ad2w7oYtaHHDNzKIyOx2fvj9jjFc-FFXYKClY2kH8QxcsVjCAE7LUYCyykyXdvjM_m66IwkXJ2gZ5ZqT6_t3WldBURcBqiMXA1IelFS3S0ja8n4JN7u7nOM2cKKLf2ftqhoqU6nygF8L9_8zb6wsoQenNn8yWCYksUdVT6DfeIJigstU595T9bKRJBScLjsgfEOaUcyMxuO3a4UD_rXlsuNv11caqA5_ILPJ9Qf&sai=AMfl-YQ94E5OGe7zTwl4SKupg64Q6KI94lgYx8Gpy0OK7VrheYCMez7pwDIMCLmmnhbKzAQbLNvkYJXjy1frv1d4OMBwb4KehFyEBM6oCAMQZcDjvIZraetNKJ0rQ8D1m6A&sig=Cg0ArKJSzBYtbItgIkb3EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Apr 2022 19:23:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 15 Apr 2022 19:23:09 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3C8A 13 KB
10 KB 49ms
49ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220413&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

435bb76cef92fa837c79a8761caae0e4fa81f8df14103b77941cd8e29dfb9cee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Apr 2022 19:23:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10376
x-xss-protection: 0

GET
H3 200 l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js Show response
pagead2.googlesyndication.com/bg/ Frame 876B 35 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

976a387162cd6a5535f6737bbc0d7659985bd6a4b8283a8858f9994fe82506e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 01:45:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 236271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13574
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Apr 2023 01:45:18 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 3C8A 17 KB
6 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 15 Apr 2022 19:23:09 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 55ms
55ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022041301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b79f9bf826ae7382bc588e6ec5a14e85eba1b7d58d6430425ae10990d713af74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 15 Apr 2022 19:23:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10580
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D51A 0
0 93ms
91ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220413&jk=1752089255598005&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9562 13 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6887
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Apr 2022 17:28:22 GMT
expires: Sat, 15 Apr 2023 17:28:22 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1B42 783 B
536 B 50ms
50ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6cca10ac34ce46ad5497f208aa88f76f546cc1d2576ed004578fdde1b3e40b25

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xJWSIqbJXlkcZRGVUfAYhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-xJWSIqbJXlkcZRGVUfAYhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 15 Apr 2022 19:23:09 GMT
expires: Fri, 15 Apr 2022 19:23:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 67ms
67ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 15 Apr 2022 19:23:09 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 876B 0
9 B 40ms
40ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?f0EH0A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1B42 0
0 80ms
79ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220413&jk=3904327303445832&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js Show response
pagead2.googlesyndication.com/bg/ Frame 9562 35 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

976a387162cd6a5535f6737bbc0d7659985bd6a4b8283a8858f9994fe82506e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 01:45:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 236271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13574
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Apr 2023 01:45:18 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CF04 13 KB
5 KB 39ms
39ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6887
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Apr 2022 17:28:22 GMT
expires: Sat, 15 Apr 2023 17:28:22 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1265 783 B
535 B 49ms
49ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f29d0fe2cfe7a8d21e59c15d5d7bf7d7713543795a386ff495db075e5e14887a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HIZ5by1BCht/7EL6c8MZWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://risu.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-HIZ5by1BCht/7EL6c8MZWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 15 Apr 2022 19:23:09 GMT
expires: Fri, 15 Apr 2022 19:23:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 lato.woff2
cdn.gravitec.net/fonts/ 14 KB
14 KB 16ms
16ms Font
application/octet-stream 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/fonts/lato.woff2
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Request headers

Referer: https://risu.ua/
Origin: https://risu.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:09 GMT
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: "61fa486f-36dc"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
expires: Wed, 02 Feb 2022 09:06:29 GMT
cache-control: max-age=10
accept-ranges: bytes
content-length: 14044
x-proxy-cache: HIT

GET
H2 200 sourcesanspro.woff2
cdn.gravitec.net/fonts/ 8 KB
8 KB 7ms
7ms Font
application/octet-stream 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/fonts/sourcesanspro.woff2
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 2bc69c1c1c4bf49e80a77f83010c01e575fd6922229943b9feb8864a492ac441

Request headers

Referer: https://risu.ua/
Origin: https://risu.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:09 GMT
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: "61fa486f-1e44"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
expires: Wed, 02 Feb 2022 09:06:29 GMT
cache-control: max-age=10
accept-ranges: bytes
content-length: 7748
x-proxy-cache: HIT

GET
H2 200 2046077270.png
cdn.gravitec.net/images/users/1642479991123869696/ 6 KB
7 KB 7ms
7ms Image
image/png 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gravitec.net/images/users/1642479991123869696/2046077270.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 97ba4a1b5e275f47dd46121275bd0148ac3be43bb1b302613a4d06923a50fb18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: public
date: Fri, 15 Apr 2022 19:23:09 GMT
last-modified: Wed, 03 Jun 2020 11:32:56 GMT
server: nginx
etag: "5ed78a68-198d"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 6541
x-proxy-cache: HIT

GET
H3 200 l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js Show response
pagead2.googlesyndication.com/bg/ Frame CF04 35 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

976a387162cd6a5535f6737bbc0d7659985bd6a4b8283a8858f9994fe82506e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 01:45:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 236271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13574
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Apr 2023 01:45:18 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4AF2 42 B
64 B 77ms
76ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu24SaZaeznaY2kU0WbWvpq2ZdDfbbIB0Dz2QVREMg0NNlucQzH5H3P3NUhlmcDPov9EacSQa8d04rxgPWkg_qkiI380X3WH9nZdLJd8CSx6-9T9n5kLw&sai=AMfl-YTW0yxlSbw41D2cVuif6T8YiP8bxz-lOUIhdS_1QGd7lfECfPkJMZkWbXolE5Dg4AqXtwOpi-nJPkzG-NpQHE5sWM3M9dMOXWo&sig=Cg0ArKJSzE1hVe51AQ7YEAE&cid=CAASEuRomJ1pkQsFZJJwOUzZyloAGQ&id=lidar2&mcvt=1004&p=0,0,90,728&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20220413&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2872405833&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650050588266&rpt=243&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Apr 2022 19:23:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1265 0
0 80ms
79ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022041301&jk=1441686392116815&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9562 0
9 B 42ms
41ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?WDPiCg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CF04 0
9 B 44ms
40ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?AvIGUw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 19:23:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F245 0
0 105ms
105ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220413&jk=1752089255598005&bg=!IiGlIWXNAAZvJBiFTyQ7ACkAdvg8Wq9adUZK1CL7dqfdOiu-8GL5zkCfqMxMUILCXS3fc9MN6dt55wIAAACbUgAAAAJoAQcKAHr9iEFM7vdr5cGPnZ1BRgxEeTDK4e_0BqP18lhBPi4e6ogcrW-gdZlMzageXN-AyJ65proT0YF_xJIVeL-eJRtVSwjFHUWBZAFvNbrPww5XzGH1xnet0B3SSYvFGjXxp2QFOXmckvmuqtVnyBJ4D4EJ1vP7kNzWELAdApkC6P27OnmgMdRkXHyOvsKy4weD8ahu1e8cogJ9tKiBUApJdmsdR8aNEvCKL8PxE-_tFa8JHrrp2eLYh6qcnYGHkTR-GV8aJiwxd1qEiRFWA46adJ7AnAVic0edCd7f5qM9QjjI3IVzB6faRGSk44YHF_BktOZuxSFCixMIOyvDsIwPTSA4gm7oat3AG71jUfmb0OkqVP5HmL8w7Ko-drzYize4zPHzTHXvkKDnyclmNEhbEqRM8FtPXRD9Hcm4szPdgUEItfWd0WRVzl1hznndB1Bzdi8cvxueCOHbOstaxNMMANhAo497eC5daekjLsigvVqS01Es4KxGJ7yIT5J_WZkqCD0W66-VXeGqW-ftXerIe9zWymQjOxA9k5JC57X0RyD9W8X_o2SPW3Lnlu1qlfH4pKryDebVw5JO1RQoLoVtxAJZb9iv_Va9kmvo-F5VKcZhVEnW0w2AqhCThPJzHBgK86gp5nt39nz9GsFxUuiQ4gYdsheV17xKcP4dUc1h4KJP25Sf6RTzavDPX9bcNn7sZC5SAl-rQVEL8b170KLQZD4HQCxn6Xt7yKYAVSCx3RjBsy4j2ZognLg39bDinhboEJp5cktod5uSftQ1dL8C30tov9DWIsnpOdyTnsRFr2RayP-fdY9fC5GLoaWzJ4dmn2jE_hxmqX8ArwRi1nfvxg92FaHx9ZLMP3hAy8REDazqIGDdExjgm47kYj_2_5JW7z-AAKImf_LesCUVPQdRk7b6gK-nI7fM6L-1jJ9VqDc2QTjuQnfO2gZD73bpobTnl3Dr4NFLHZXLJY6lwNUmI9SMBbiKi16BCZVhReQuuKLUEMzT59ihWi4guUOcjyEsNGrWolUZJtgIJP4af68YIGL5QAl2iaS1YbZaEsK8ZzB4PTvK-hbACGQmhkmpmXRktQ9_2tsi_nZ_hL-eQ7VzVpOhlrhgCG3PV14TGJIr2wnN81JIkH8aZNArWWRo0H6QFNUQVubNHw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F245 42 B
64 B 68ms
68ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvUyF6ql3tKyVLY-usCXiM5i-D22rMZyHQYGiFp2be4rl_oBbeDuywlgV12CJSP6Je3pcAe1y9hHRCP3rlEUGCZ11OxIagN3RNKyYVRw6LpsRihxZq9&sig=Cg0ArKJSzPICeWsXGWeUEAE&id=lidar2&mcvt=1000&p=88,240,178,1210&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220413&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=2389199358&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650050587258&rpt=1593&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Apr 2022 19:23:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3C8A 0
0 108ms
108ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220413&jk=3904327303445832&bg=!GRqlGl7NAAZvJBiFTyQ7ACkAdvg8WtCRtRlObVVPcXXAmbFs6oej84ae_pif5sDIk3m1abzhxcYiBQIAAAClUgAAAAFoAQcKAGH6vOF7zM99w6CnVVH8ET8B_PxhdOFErrA7hwsCKiLYrInriUyfTZm_yk34LazeAQnbdo0fr5hJdsMa-8edwQc_Fv1goHg_QSZQqCWsnKFdEpOKxnnQT3V8AugdY1jcHhB8mQLwdZXSIsn4lEXECSfH0XLIsiKUhjTkpEsaZ0NVDpH9x3pxpzu_8Clb4_jlKG5twn_m-96jvrFL5zyJysvV6pmduAG3pmxLGNXD2jDLSEyd_Vu64fs9uTvOfHp8vM51fKfEyZ61K8bBfrpWu9h8p29eqVTEf-iVBMb1r_en8vMe5C6pnljWWp9P2fKxGxbDDlHbVQdEsKP4nyKN6WQZ8Va2hgWihzTGK8SYEp5J4hiIyXFI17OjmmufoMV3PkKgYWk1y4xjOIv0Re_cRXuokgMgo_Hl9BfZ3qdkOPxhty_BdZQY-0L076hBXRZjCzR9-rFffJ5RRFlBqDcdzudkaAoyX63uh_1_Qppa_gSiFl3x3pfUroGXb9i8xFoMCFlbXoefLP3Aqy7De5Jips0xGltSUBQfvf-HE7DQPECxEMWANgkqIEQ7lEHLTeXL4n_z5u68J9BVAPSlaYTWUJ9KBWUg1PVYy6M6LFvjonHbFpqyer3BrpehjQ_NiaHgOJ9KpNllphXwNGW6_BUB6QwZCf8ux3AZ41nZjN4TSikED8o0MRiVOh8LUL6WLIpYn4CZvcDTCYbdJSFyDJiHkEi0RR_wCLyAq3j74SHP5ieNjKlKCFHy0kHpy7QR3Zp0ONNaSCim1UD31qP3yL8owfnValb45ElZkTQN4EHDu7S4deiE180pu3zKmrmBA9mdZ_BzOwtsaCQrBPq11cRgRbyB4usJR8elXB44kOJUynQrlgHg8tYDSvfjjA_dYgmxWkW1vMDHurkXqV6NT8Tw0EvHOFP6wLbhsyfospfX-cJpNY0zrDqNFP5GJcdoPRy4qcbyxmSpXJd5eJsfyzcNNykYQaTww5H-K7_Cn_4_-Dh3LXB-AH1LWiC2zR7Qqa5zTvtqE37RKkcsSDb6GTsYr22XbsetXdvVpvqvcJ0SOxNQzYu1TKSjEonv_NvnWpPgIHYFMV22mlwqnulF-b4HzJmrxrxeeoeJBwN9pFcD0SE5SMrb8IU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 90ms
90ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022041301&jk=1441686392116815&bg=!qaqlqu7NAAZvJBiFTyQ7ACkAdvg8Wuw0Je5v7TPPTAMi5yVyxGcnyg7uutmA5alUmACwKR4CiCXHZwIAAACYUgAAAAJoAQeZApw0o3O-J4HladsdmAgD4QgAhSrX4DTSz3zkEBZTN4C6Pcjs_Hp2cB8p-TsDKXt2yy7RiUF2zpvxDN9j60cB3CLZoXpRXlteBDB3EvYiWMfBcYmEt8onCRw0STtjgvgDHY3VWc0FNXS_tKVIRur7nDruMju0d25fI4IryVzxsLb3F_RAc7_RWevVnTlxLadV8osFDgS0NOz5P7nb10Tr8HPko_G660A8IZ2G-TrxbWscQs4joonh_2Z3jCiX5NdkMzn-EjHmBHKoa8OakFPG-7df1_8vGItprmYoAHNh3vRpxY9-vs72CJtsZyxPK5LYS1zGjlRhkYYsgA89yYt5bFzaQQOl0cw69bfdzAt8V78MWHsoXalmzeUbDuimhACAiQgRxyZFSzh__ubIhpyJCjP8SIpBHH7MV6rkbKbx6XlKyzxR55I3xlXtdGPqaacmQq1eHWFPzEcblOPm-TlHIqSqaXPMdReUEiLwIQDS51wdKuAWMM8F_W66ldef96p8fmO0umO1C7vzpu5W-nAHWAVlUElF08I7X8a0PfRdga8OVy3Cl8qShQfD7inMBU3M2AnagPhpOJb-rwdrlfs_-kX2O9dont-mNNBCDf1-8S93R2m32t_o6WurVmXydaATyrAqRle2Jof21cdn3x40Ki_OgwEZ5bAWKDg1MqjWYKIdYQZRGfan-mlfNVhN8t_CnzZVUXiIsWKjTscRQhBPrHHX0QMG2gmR6XsBv4SRWAcCq1HAc9WhBI1vnytrV394LKGVTi_OfxuqviT7Asl-pejiQ550PcqWqzqyj6oB2yVUvgciomYUJ7l0SWJOVw8nmetZCtHDVm4Bjgtg_a9tVgt1vmTAeBlEo-89nJ94FfuxPYqy6QerdxUh_7PA_g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: risu.ua
URL: https://risu.ua/push-worker.js?version=6&appKey=acf6494db584a05259a7b96ad5661584&track_inactive=false

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlnGHA7RcYJmVA1hjKf_4AAABIYAAAAB&google_cver=1&google_gid=CAESEDQehozV686Q-EUjf5dfQWU&google_push=AYg5qPJpqfIG-sQ1mPJ9S9X-Sav89xgpUYgYfZfAE3laz_vGJNmd9kH_vpKt_fgIITu6JjShGHJ9PPPOHcjobEXZBY7x8vb43tZS

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEGWCDHdsWLEF34EU15Euk-0&google_cver=1&google_push=AYg5qPJviOnMaDlFK1-CjaZ6MpwDZkoWFwNv55bcVkbWhfECuKzo0843lWDBu2J5Kk9OoVvKm4py5V_h-pm3k5M2t7E1rN8CNBmtMA

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEGWCDHdsWLEF34EU15Euk-0&google_cver=1&google_push=AYg5qPKIBwpPEyeAvh7xGI3TsY9XC_5XLUmhbkS2rdn7z0QgsP6WSqUxUpgtpWu6Y2KmDGDzLWo9E9LklClTunk3d2uQu2PXSoOt

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

47 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
risu.ua/	1970-01-20 11:06:26	Name: hl Value: uk
risu.ua/	1970-01-20 03:04:02	Name: device_view Value: full
risu.ua/	1969-12-31 23:59:59	Name: b Value: b
risu.ua/	1970-01-20 19:52:02	Name: GN_USER_ID_KEY Value: d4040279-1b35-4624-8717-e0734691e6b4
risu.ua/	1970-01-20 02:20:52	Name: GN_SESSION_ID_KEY Value: 0844bb96-b351-4461-b5ce-f5b3c3e584e8
.risu.ua/	1970-01-20 19:52:02	Name: _ga Value: GA1.2.1570595480.1650050587
.risu.ua/	1970-01-20 02:22:16	Name: _gid Value: GA1.2.1495686004.1650050587
.risu.ua/	1970-01-20 02:20:50	Name: _gat_gtag_UA_11950234_1 Value: 1
.risu.ua/	1970-01-20 11:42:26	Name: __gads Value: ID=d080140e1d975897-22e9225c76cd00e2:T=1650050587:RT=1650050587:S=ALNI_MYF2OFL3x8LqaZTyQe_qmqJWQtqOA
.doubleclick.net/	1970-01-20 11:42:26	Name: IDE Value: AHWqTUlqhqnjHyFEwXqgL1-eeIOW2It6zlr3uXKYmJSLytaxZTQyLF5og2HnHNgBejY
.casalemedia.com/	1970-01-20 11:06:26	Name: CMID Value: YlnGHA7RcYJmVA1hjKf-4AAA
.casalemedia.com/	1970-01-20 04:30:26	Name: CMPS Value: 3270
.casalemedia.com/	1970-01-20 04:30:26	Name: CMPRO Value: 1158
.casalemedia.com/	1970-01-20 02:22:16	Name: CMST Value: YlnGHGJZxhwA
.adnxs.com/	1970-01-20 04:30:26	Name: uuid2 Value: 6674172583243021379
.adnxs.com/	1970-01-20 04:30:26	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GTueovu1!]tbPl1M>e)ZlrFUfJ+tGXxp$VB`z#A)33J9%U8=?/OqL]-`ki_.zr%pIJSHbpRzqF1`*b^fL)w4l3
.redintelligence.net/	1970-01-20 04:30:26	Name: 8lcfmzhxc8d6_uid Value: 2a9b782ce43bdcc4
.casalemedia.com/	1970-01-20 11:06:26	Name: CMRUM3 Value: 2d6259c61c2760CAESEFfJ9GwBGoJUDzbWKxCZZ0g
.quantserve.com/	1970-01-20 04:30:26	Name: d Value: EEkBCQH0JYEA
.quantserve.com/	1970-01-20 11:51:04	Name: mc Value: 6259c61c-84dae-42b35-de1c7
.pubmatic.com/	1970-01-20 02:22:16	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 04:30:26	Name: KADUSERCOOKIE Value: 56C56A39-A392-4436-A593-EC628783BCB4
.adtriba.com/	1970-01-20 19:53:28	Name: atbgdid Value: 843d0400-2b72-45c5-a03d-e662a13549a8
.rlcdn.com/	1970-01-20 11:06:26	Name: rlas3 Value: Ba892LpxWR4sJcnsrshca+lnAyNZKnMjG4GQGpyhpIQ=
.awin1.com/	1970-01-20 02:22:16	Name: awpv11524 Value: 296283\|1650050588\|7b7c59d0-bcf1-11ec-9b3a-22623ec29485
.awin1.com/	1970-01-20 02:23:43	Name: awpv11830 Value: 296283\|1650050588\|7b7c59d1-bcf1-11ec-9b3a-22623ec29485
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 357066:2338577
.rlcdn.com/	1970-01-20 03:47:14	Name: pxrc Value: CJyM55IGEgUI6AcQABIGCOndKhAA
trf.greatviews.de/	1969-12-31 23:59:59	Name: ads_si Value: a%3A3%3A%7Bs%3A2%3A%22si%22%3Bs%3A36%3A%227b864c2e-bcf1-11ec-a2b2-00155d255900%22%3Bs%3A3%3A%22sit%22%3Bi%3A1650136988%3Bs%3A6%3A%22expire%22%3Bi%3A0%3B%7D
trf.greatviews.de/	1970-01-20 19:52:02	Name: cjcookie Value: a%3A2%3A%7Bs%3A2%3A%22id%22%3Bs%3A38%3A%22cj7b86697a-bcf1-11ec-a2b2-00155d255900%22%3Bs%3A6%3A%22expire%22%3Bi%3A1713122588%3B%7D
trf.greatviews.de/	1970-01-20 06:40:02	Name: mcookie Value: a%3A3%3A%7Bs%3A4%3A%22m316%22%3Bs%3A36%3A%227b864bc0-bcf1-11ec-a2b2-00155d255900%22%3Bs%3A11%3A%22click_12771%22%3Bs%3A57%3A%221650050588%25%255712300%25%257b864b02-bcf1-11ec-a2b2-00155d255900%22%3Bs%3A6%3A%22expire%22%3Bi%3A1665602588%3B%7D
trf.greatviews.de/	1970-01-20 02:30:55	Name: ads_pu Value: a%3A2%3A%7Bs%3A4%3A%22seen%22%3Bi%3A1%3Bs%3A6%3A%22expire%22%3Bi%3A1650655388%3B%7D
trf.greatviews.de/	1969-12-31 23:59:59	Name: ads_ps Value: a%3A2%3A%7Bs%3A4%3A%22seen%22%3Bi%3A1%3Bs%3A6%3A%22expire%22%3Bi%3A0%3B%7D
.www.parship.de/	1970-01-20 02:20:52	Name: __cf_bm Value: 2zAJ74yfqaUZCv4yuH2UC6INGpmscTwdG32.SfOJv.M-1650050588-0-Af35zBYI+QrqLVjoArjtwezUwo5hX/MmZcWO2PFfCUX54fHnbhpqC1Ad/y0D4VX0HUu5P3ETyvyPReLYnJp1CY8=
pb.media01.eu/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: hpr4qg3ehwegpwg1tkyrmwfc
pb.media01.eu/	1970-01-20 19:53:28	Name: DTU Value: EB62FFCCEAD00F732BB0FFC9D038D39A
.parship.de/	1970-01-20 02:30:55	Name: NVI_LC2 Value: 01_100_60078_1469_0001_0001_empty_AF00ID_GV1650050588.5712300.7b864b02-bcf1-11ec-a2b2-00155d255900ID_TS%3A1650050589
.parship.de/	1970-01-21 04:16:02	Name: NVI_FC Value: 01_100_60078_1469_0001_0001_empty_AF00ID_GV1650050588.5712300.7b864b02-bcf1-11ec-a2b2-00155d255900ID_TS%3A1650050589
.e.dlx.addthis.com/	1970-01-20 11:51:04	Name: na_tc Value: Y
.addthis.com/	1970-01-20 11:51:04	Name: na_id Value: 2022041519230900015151445257
.addthis.com/	1970-01-20 11:51:04	Name: na_tc Value: Y
.addthis.com/	1970-01-20 11:51:04	Name: uid Value: 6259c61da1c3a7b0
.addthis.com/	1970-01-20 11:51:04	Name: ouid Value: 6259c61d00014c03ca47429e597f46291515a638e256e72a544f
.dlx.addthis.com/	1970-01-20 03:04:02	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 03:04:02	Name: na_sr Value: 20220415
.dlx.addthis.com/	1970-01-20 02:20:50	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 03:04:02	Name: na_sc_e Value: 0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEGWCDHdsWLEF34EU15Euk-0&google_cver=1&google_push=AYg5qPJviOnMaDlFK1-CjaZ6MpwDZkoWFwNv55bcVkbWhfECuKzo0843lWDBu2J5Kk9OoVvKm4py5V_h-pm3k5M2t7E1rN8CNBmtMA Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEGWCDHdsWLEF34EU15Euk-0&google_cver=1&google_push=AYg5qPKIBwpPEyeAvh7xGI3TsY9XC_5XLUmhbkS2rdn7z0QgsP6WSqUxUpgtpWu6Y2KmDGDzLWo9E9LklClTunk3d2uQu2PXSoOt Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlnGHA7RcYJmVA1hjKf_4AAABIYAAAAB&google_cver=1&google_gid=CAESEDQehozV686Q-EUjf5dfQWU&google_push=AYg5qPJpqfIG-sQ1mPJ9S9X-Sav89xgpUYgYfZfAE3laz_vGJNmd9kH_vpKt_fgIITu6JjShGHJ9PPPOHcjobEXZBY7x8vb43tZS Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-server.eu
adservice.google.com
adservice.google.de
api.gravitec.media
c.bigmir.net
cdn.gravitec.media
cdn.gravitec.net
cm.g.doubleclick.net
cms.quantserve.com
d.adtriba.com
dsum-sec.casalemedia.com
e.dlx.addthis.com
e8a4dc87326c207cd704aa9381093885.safeframe.googlesyndication.com
eum.instana.io
fonts.googleapis.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
hal9000.redintelligence.net
hal900013.redintelligence.net
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
medialead.de
pagead2.googlesyndication.com
partner.googleadservices.com
pb.media01.eu
pixel.everesttech.net
pixel.rubiconproject.com
pv.medialead.de
risu.org.ua
risu.ua
rtb.openx.net
s0.2mdn.net
securepubads.g.doubleclick.net
sync.teads.tv
tpc.googlesyndication.com
trf.greatviews.de
us-u.openx.net
www.awin1.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.parship.de
cm.g.doubleclick.net
googlecm.hit.gemius.pl
risu.ua
104.111.239.217
104.111.242.245
116.202.48.214
138.201.63.164
142.250.185.66
142.250.186.130
142.250.186.66
142.250.186.98
145.239.193.130
18.184.26.149
18.202.199.206
193.239.68.97
194.44.175.95
198.47.127.19
2606:4700::6810:cc16
2606:4700::6813:b979
2620:116:800d:21:3175:5196:e3fd:8c1d
2a00:1450:4001:801::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:812::2002
2a00:1450:4001:813::2006
2a00:1450:4001:827::2002
2a00:1450:4001:829::2001
2a00:1450:4001:830::2004
2a00:1450:4001:831::2001
2a00:1450:4001:831::200e
2a06:98c1:3121::7
34.98.64.218
35.186.253.211
35.244.174.68
37.252.172.123
45.133.44.3
45.133.44.4
52.174.47.89
54.76.176.197
69.173.144.165
69.192.160.219
69.192.160.245
85.239.105.10
88.198.250.30
94.23.99.218
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
025c20fb10b4e6e9e50a29fa5b98dd467363247bdde0ac5783a4f7aaa089d86a
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
05dd10259e050908c5800c80aea9e234205f84ad5a287c95ac2538c5b447c950
06c3c78658ced02c04d2e3c64352e3826410cbabca43309338f6b56f9d935d19
077cdab15161232a9ba7124d2ddd7a9425145750788e9a966c156cc66274f525
081bea1f69d4c8d86fa4f6fd61ea4348249bc79e2b967399b96e72016e3676b7
0a91fbed903c7ee569d116adee58d579d0c64775a469ee86d3cc4281f913bda1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0e571a606de4d37373afdb6f9cebc7f0bd2c2f2cee7cf31261d7c32a5e35d121
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
151a7259f7b7ba9f238f2597a72cce7d2671faf4b4660313ba5c0856eeca1bc3
16555ef1cffe3379aa4a915ec6a51ebf338a0d51ffa4409a3da31e0bed2c2cee
17456f8db64aa1850fded220ab227c27b308fa5197c09e35cdf108b91a688bcd
21957c013694a56bc982e2139c09a521fd3ce659a9c5e539d992bf7d2215a019
23b89bb3578573b474d7a69e2df32e8f0ee7839a44392edb040e4117a07ce6fa
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25c7ba7dacd1fb2729340d88f61049fd6fb901a246ed3b07a81561ade0a8ebf4
26d02cf659048aef8e7da80b39e42f21c8aa169d586d951a2e2d4af555ccdacb
27426181890ce4b872308f6771eaee96d14f67043c49aaaa1c43ad1f752387c7
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2bc69c1c1c4bf49e80a77f83010c01e575fd6922229943b9feb8864a492ac441
2c75b8ca7343457352a8890c3b58e5d434f6ae87928956f12fe123edd66eab7a
2cbffe2136b79d63e01902998025b4f492151ee3c7d084dc5ec2d3a96145a8f1
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
30c9c218c59a131fa94959c526e27e7335018c04425ac5c02b1ffeb7e55b9962
31ae2de0adfdf883af557744dad1f9c2bb15c0234d4fe2804627bf48787d1c33
3238462d9b997dc1adade939293897092b3a259de0b1d3c4ea617d8b297cc4c1
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33430a4e18aa10ce687b1fa837f8d69cbd82f5f16ae8bea30c44c6546835f77e
340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295
351180a2e4f5cea27bf98218a88af6888acdd476973ad50710dbfd4ac0d7ed06
36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153
37ac7f1471139dba4812e669add5bb3afed07adc983d26670e807d60abc64594
3e389dd1005db17be5e79f39ed92a2ac14f5e545ccb4ff0bdb32eb573707c292
3f3048328ea976c336c13ce30d86374bfc6036a0dc0e6efba2eebefc1040bc1e
435bb76cef92fa837c79a8761caae0e4fa81f8df14103b77941cd8e29dfb9cee
43c03b4c6717847e16573f7ae823df8bf1df9fcfa158360f79b2f10da31adbe4
45f0783d5695f7b6bc2b6db15c813d63525bf53fd48021c818ed4ed220c7074c
467ca9a0c173f3885961822b419e20a09de9ad517d3df9cc43f5020ac2fae437
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b5ba4bf4fc24aa6dc552010b947918e296908c1947684333657a6188b67164d
4c0eaa2887a0752b226940babcf52d8041babb181409b1bc233137e625bfd455
4d8917ea115d9893eafeeca063e4ce7fa5c99dfbd592f8186cb5d54d16e21bbd
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f2e744787dcdfb50e0aa6ff2612e5531fb7b13334f5636216fb87fb49986f2d
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5576063cb1d6eee83799dd58a65a4c81cba09b6e86eebc2e12b43faef0a5f381
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
582968901979b2af9066448b8cc8bfeb6c0fb983041317324d1dd43c396a0848
59e8d2cc5c52ca031748b9882882c15a74b168f517381a583d83a1c469b21205
5c75b57fb03d56955a7ab7143ad8c15fa72dcf329c174f26bd95c75d132e498d
5d64f059fc67e71cf4581939924f2eee647fdab27e0ffe32ca289d0fc6e6c07f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
638d2f5ba5cf501a58131a42efe30aa2c2154904b0654a517cce4baeef308022
65e3c2f9a07bc4e2d63a12b985a8470ed7b307ced714b009bff7907f0ad6d783
69441dcfb941a2e5b4ad898b22589d40edf42108aca20e07799d4ec0668536eb
695551a844068546447a6df1581e2b220e4317b44e318e535c730dfddb8c3f84
6977a4964a998af15079f965e3c7e181ca67b3170c14437993b08e1de3fd4302
6a77560cffb10516a81a0ecd03a1d373fd4d5778d6e6f3a59058d925d91b483d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cca10ac34ce46ad5497f208aa88f76f546cc1d2576ed004578fdde1b3e40b25
6f06a81429d1e056b95896230fcd4333ef48f831b4c0e5795a6a9be617fb7bca
708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50
7089cd256fb80e65626730d83693bdae5f8d5ddd7a1ec9bdc1a0ed930c3bdca1
734e02e4d64bce8c4125595d235b57467b4277c1f62172ec9b9ed14fde3311a7
7771a88d65a9e9e11dc2fba0309fc04ba72f88d1c42f519d6f20f6edb61333dd
79b775326d9c3f18c893826981dcf4eeb26d7b9588e3048d7b2b9498adb41f9e
7a92ca1bfb477f8a251e768ab46d7de2698f4515b25827e7cda614f53604ee29
7b8b4801b20c34b012de161039f1f859b2fc80644711ea4f2bf9611a75b41ce7
7d55d36ab7029a3ac11096692671cdfc36fa8446e8cf7584fc23de06074b0f85
83bb1c1433004062c48e4014f8e4f9eb11790090df84c21df06ba2a7d5634360
88e1ab7f96c2ac58b57851e24306c1d0bddcd8fc15c2ba85a4cbfd93608cfb5a
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
9007a72d0fa0a45bdb1ba8527cdfe7122636a3ae014d75d32ece4de4efea45b4
914ea28f6ee2d1345fa130a7477a87374136664a28e88a2f2a3705bbbcb9b228
92f75b3d52eb22fd4d5af5352dc0bb43e5d0bc979f274783e7cd17884221b72e
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
960354bded7022048cfab4ea407d8a46792bfd7c11eafb5dec82f08099a3c74a
96bf7b392bc871730e71f2ec0b70c282662e6c256b77b30d50a983892dfa2e9b
976004e3013568dfd055384ead521527c0177e9c1abba672b18dfa9a67f3e157
976a387162cd6a5535f6737bbc0d7659985bd6a4b8283a8858f9994fe82506e9
97ba4a1b5e275f47dd46121275bd0148ac3be43bb1b302613a4d06923a50fb18
9a9a3ec0c9652abf8ddc1ff43f16475fbeb02cd510e9cf9d0a3a729200dc8312
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a39a8fca170c2500aa3a659d9628cfe602522d33191ef0a9ba395d315b49452b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c61d4c30e1d5dfab6fcab843dd3aa7402ae59a8a5a33c265e42bd755a418b1
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
acdce42d98fae766eaab50437adf696ac3db02d8961510879a597ec4dcf3fceb
ad22f7b4b8296952e81ba21f79f6fade48de7de9386321cf8305a75ed6ab43c2
af848f4cfd4ca713e249c26e739c5da98ce59a9b38f5e7811f41ad2605123ba7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16a8494caaebe8f8113d4319897715bc664b1708bde9ffbfd85e7bfede0cd30
b3ef1c1a0f5a027c937ca9f20ffe65773796f38a07bd9277115ad3ed5c6791dd
b79f9bf826ae7382bc588e6ec5a14e85eba1b7d58d6430425ae10990d713af74
b9ff1a0033ed24a5a3274d4792174cd0fbfac2da714ebcd2f0e6b38b96dca3d4
bc17bc7bd77c3964e9d71c2df3f1e6a70437059ba2ee261f21d6fd54f964c57c
c48b8380ae487073a7c3353ad9753891fa4a4de4eca80966e9a61d9e03afd8fa
c8289a870d238aa042bdfd09364fe6dea524bcd1ea485341878d8c75a32ab444
cb511816e2641b5d54a718b6d2b6e2be81a51cd9a5df9ce627cf915d124a4e16
cbc098b106cb6c879d78f3fcf5cb3cb9ebfcceb6a60bbf8cfef355ebb661d924
ce3158f1fc0138d17fa3fc4d8c43b45b652fd27820cf1680b9fdc7a2246b6e6f
ce501a62d0b7206c725595f525fc46c7b2f56b27266803c7dea473d2a5b0eaf9
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d75327d5842aadf339f8e3e1c8c175013009eac6cdf2b209a23aa094dc36f267
daaa25f958faab02cda2e6d8594c4a56d7241518e0301aea58da76ec0d0d5442
ddcdcee860870f3376e2bbd699c7ee6100b0b207a44052354393254c72c37506
dfe658be8d8e54a34181f699d2ca4237d959467b1a7c0da9519290f8df62c5d6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d912ca3f1497bd7a00e7044519bfa14d184b7ea37d2010e2e42de8f0933b00
e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1
e76ceb3ecf1c28ef3f403f4584cc60883cf34660960c0fb1931e6f72ca3f579f
e98ef43ec22752ae124b3e46f4a45fff226f4203a2e100aa89cbce250d953247
ea795a298e37c1cd48937e8d9b242162d213ebaa07c997769a6bfe4b4d8ec411
ea7c468fcc21916cd32aa42ef2b215c362c263bd8464347f2c2db9ba802a265d
eb18b5207e493a33aaa0270696766051851f6b170250d157e9e139fc70928265
ecd5dd4ce320f783a40597f79027f2187cbe41497a923f25305b98665bfe9b3e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8ad3e830d8544bdc63581734e53e87e549504fea5391db4374042ba76e34c5
f227901ef48ac4d1fe4cc6ed0dbce99e6b38969babe5e05da2dfb33521b02944
f29d0fe2cfe7a8d21e59c15d5d7bf7d7713543795a386ff495db075e5e14887a
f3404d30f1b9956025fd6221078b56ab9f3301a4af97ddaeb3ef8cc4a8bb88de
ff01ff6ace5d9aa42c3d0de10e679fb0a576346936536997fa681793db1915a4

risu.ua Open in urlscan Pro 2a06:98c1:3121::7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

194 Requests

90 %HTTPS

33 %IPv6

35 Domains

45 Subdomains

35 IPs

6 Countries

7887 kBTransfer

10972 kBSize

47 Cookies

4 Outgoing links

Page URL History

Redirected requests

194 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

risu.ua Open in urlscan Pro
2a06:98c1:3121::7 Public Scan

Screenshot
Live screenshot

Full Image

194
Requests

90 %
HTTPS

33 %
IPv6

35
Domains

45
Subdomains

35
IPs

6
Countries

7887 kB
Transfer

10972 kB
Size

47
Cookies

194 HTTP transactions
4 data transactions