marikpost.net.ua Open in urlscan Pro
185.230.89.42 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.marikpost.net.ua/
Effective URL:
https://marikpost.net.ua/
Submission: On March 30 via automatic, source certstream-suspicious (March 30th 2021, 3:30:36 pm UTC)

Summary HTTP 210 Redirects Behaviour Indicators

Summary

This website contacted 30 IPs in 6 countries across 29 domains to perform 210 HTTP transactions. The main IP is 185.230.89.42, located in Kyiv, Ukraine and belongs to THEHOST-AS, UA. The main domain is marikpost.net.ua.
TLS certificate: Issued by R3 on March 30th 2021. Valid for: 3 months.

This is the only time marikpost.net.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 52	185.230.89.42 185.230.89.42	56485 (THEHOST-AS) (THEHOST-AS)
8	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
1	3.212.69.80 3.212.69.80	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
27	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
13	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2620:116:800d... 2620:116:800d:21:36a9:ecb:e518:b308	16509 (AMAZON-02) (AMAZON-02)
2 3	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
20	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
4 4	52.39.207.175 52.39.207.175	16509 (AMAZON-02) (AMAZON-02)
4 4	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
5 5	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
5 5	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	3.126.239.96 3.126.239.96	16509 (AMAZON-02) (AMAZON-02)
1 1	79.137.69.120 79.137.69.120	16276 (OVH) (OVH)
2	2606:4700:303... 2606:4700:3032::ac43:aa7a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
3	46.236.13.147 46.236.13.147	24931 (DEDIPOWER) (DEDIPOWER)
1	13.226.159.63 13.226.159.63	16509 (AMAZON-02) (AMAZON-02)
1	81.29.72.47 81.29.72.47	24931 (DEDIPOWER) (DEDIPOWER)
2	54.72.18.9 54.72.18.9	16509 (AMAZON-02) (AMAZON-02)
1	99.86.3.101 99.86.3.101	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:810::2013	15169 (GOOGLE) (GOOGLE)
210	30

52 185.230.89.42 (Kyiv, Ukraine) 1 redirects

ASN56485 (THEHOST-AS, UA)
PTR: goukraine.net.ua

www.marikpost.net.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
marikpost.net.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.212.69.80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-69-80.compute-1.amazonaws.com

platform.vine.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.39.207.175 (Boardman, United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-39-207-175.us-west-2.compute.amazonaws.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.227.252.103 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.189.115 (United Kingdom) 5 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.139 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.234.21 (Frankfurt am Main, Germany) 5 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.239.96 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-239-96.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.137.69.120 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: gcm10.host.hit.gemius.pl

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::ac43:aa7a (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.236.13.147 (United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 46-236-13-147.servers.dedipower.net

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.159.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-63.dus51.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.29.72.47 (Leeds, United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 81-29-72-47.servers.dedipower.net

diapi.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.72.18.9 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-18-9.eu-west-1.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.3.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-101.fra6.r.cloudfront.net

analytics-wg.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

w-it.m-t.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	marikpost.net.ua 1 redirects www.marikpost.net.ua marikpost.net.ua	3 MB
49	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	381 KB
34	doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	104 KB
15	gstatic.com fonts.gstatic.com www.gstatic.com	171 KB
13	ad4m.at ad4m.at as.ad4m.at assets.ad4m.at	386 KB
8	googleapis.com fonts.googleapis.com	5 KB
7	google.com 2 redirects adservice.google.com www.google.com	1 KB
5	casalemedia.com 5 redirects ssum-sec.casalemedia.com	5 KB
5	pubmatic.com 5 redirects image6.pubmatic.com	4 KB
5	googletagservices.com www.googletagservices.com	171 KB
4	webgains.io analytics.webgains.io api.webgains.io analytics-wg.webgains.io	105 KB
4	webgains.com track.webgains.com diapi.webgains.com	99 KB
4	openx.net 4 redirects rtb.openx.net	1 KB
4	addthis.com 4 redirects e.dlx.addthis.com	4 KB
3	rubiconproject.com 3 redirects pixel.rubiconproject.com	1 KB
3	rlcdn.com 2 redirects id.rlcdn.com	1 KB
3	quantserve.com cms.quantserve.com	883 B
3	ad4mat.net prod-rtb.ad4mat.net static-de.ad4mat.net ad4mat.net	5 KB
3	twitter.com platform.twitter.com syndication.twitter.com	133 KB
2	m-t.io w-it.m-t.io	280 B
2	awin1.com www.awin1.com	1 KB
2	google.de adservice.google.de	2 KB
2	cloudflare.com cdnjs.cloudflare.com	8 KB
1	gemius.pl 1 redirects googlecm.hit.gemius.pl	304 B
1	agkn.com 1 redirects d.agkn.com	665 B
1	googleadservices.com partner.googleadservices.com	644 B
1	google-analytics.com www.google-analytics.com	171 B
1	vine.co platform.vine.co	2 KB
1	googletagmanager.com www.googletagmanager.com	53 KB
210	29

	Domain	Requested by
51	marikpost.net.ua	marikpost.net.ua
27	tpc.googlesyndication.com	googleads.g.doubleclick.net marikpost.net.ua tpc.googlesyndication.com pagead2.googlesyndication.com
22	pagead2.googlesyndication.com	marikpost.net.ua pagead2.googlesyndication.com googleads.g.doubleclick.net www.gstatic.com tpc.googlesyndication.com
20	cm.g.doubleclick.net	marikpost.net.ua googleads.g.doubleclick.net
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net marikpost.net.ua
10	fonts.gstatic.com	fonts.googleapis.com
8	fonts.googleapis.com	marikpost.net.ua googleads.g.doubleclick.net tpc.googlesyndication.com
6	assets.ad4m.at	as.ad4m.at
5	ssum-sec.casalemedia.com	5 redirects
5	image6.pubmatic.com	5 redirects
5	ad4m.at	googleads.g.doubleclick.net ad4m.at
5	www.gstatic.com	googleads.g.doubleclick.net
5	www.google.com	2 redirects googleads.g.doubleclick.net
5	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	rtb.openx.net	4 redirects
4	e.dlx.addthis.com	4 redirects
3	track.webgains.com	as.ad4m.at analytics.webgains.io
3	pixel.rubiconproject.com	3 redirects
3	id.rlcdn.com	2 redirects googleads.g.doubleclick.net
3	cms.quantserve.com	googleads.g.doubleclick.net
2	w-it.m-t.io	analytics-wg.webgains.io
2	api.webgains.io	analytics.webgains.io
2	www.awin1.com	as.ad4m.at
2	as.ad4m.at	ad4m.at as.ad4m.at
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	cdnjs.cloudflare.com	marikpost.net.ua
2	platform.twitter.com	marikpost.net.ua platform.twitter.com
1	analytics-wg.webgains.io	analytics.webgains.io
1	diapi.webgains.com	track.webgains.com
1	analytics.webgains.io	track.webgains.com
1	ad4mat.net	ad4m.at
1	static-de.ad4mat.net	ad4m.at
1	googlecm.hit.gemius.pl	1 redirects
1	d.agkn.com	1 redirects
1	prod-rtb.ad4mat.net	marikpost.net.ua
1	syndication.twitter.com	platform.twitter.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google-analytics.com	www.googletagmanager.com
1	platform.vine.co	marikpost.net.ua
1	www.googletagmanager.com	marikpost.net.ua
1	www.marikpost.net.ua	1 redirects
210	42

This site contains no links.

Subject Issuer	Validity	Valid
marikpost.net.ua R3	`2021-03-30` - `2021-06-28`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.vine.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.ad4mat.net AlphaSSL CA - SHA256 - G2	`2019-08-06` - `2021-09-08`	2 years	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
www.awin1.com DigiCert Secure Site ECC CA-1	`2020-04-21` - `2021-07-21`	a year	crt.sh
*.webgains.com Sectigo RSA Domain Validation Secure Server CA	`2019-05-20` - `2021-06-08`	2 years	crt.sh
*.webgains.io Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh
w-it.m-t.io GTS CA 1D2	`2021-02-10` - `2021-05-11`	3 months	crt.sh

This page contains 23 frames:

Primary Page: https://marikpost.net.ua/
Frame ID: 6D14829248DAFAFE9201BAF86C353050
Requests: 78 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210322/r20190131/zrt_lookup.html
Frame ID: B097014623B3C874FF54DA5DC10A4728
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html?origin=https%3A%2F%2Fmarikpost.net.ua
Frame ID: CECA18843CBCA190F0818AAFF5D43B31
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&adk=1812271804&adf=3025194257&lmt=1617118218&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmarikpost.net.ua%2F&ea=0&flash=0&pra=5&wgl=1&dt=1617118218177&bpp=16&bdt=662&idt=193&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8560235720329&frm=20&pv=2&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=245
Frame ID: AB775BBF755D35E0797006A527AE3926
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=2692089315&adf=3063398229&pi=t.aa~a.4230804008~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=360x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=4&bdt=1105&idt=-M&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=1499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=457Yk5UJ17&p=https%3A//marikpost.net.ua&dtd=45
Frame ID: 12587EB31EC83C98C9F0FAB6995FB212
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=2692089315&adf=2132116195&pi=t.aa~a.4230793914~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=360x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=2&bdt=1105&idt=-M&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C360x280&nras=3&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=2396&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=yZdCl8IQg7&p=https%3A//marikpost.net.ua&dtd=57
Frame ID: A94782826DD1479FB45026121DDD3A84
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=1391495236&adf=2082721316&pi=t.aa~a.1343261652~rp.4&w=393&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=393x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=1&bdt=1104&idt=-M&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C360x280%2C360x280&nras=4&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2825&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=1jhAcwVyS3&p=https%3A//marikpost.net.ua&dtd=64
Frame ID: 3D842131CA899282A077DB25726CACDF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=2692089315&adf=658502821&pi=t.aa~a.4230798441~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=360x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=1&bdt=1105&idt=2&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C360x280%2C360x280%2C393x280&nras=5&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=3272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=VvFWVR63oz&p=https%3A//marikpost.net.ua&dtd=72
Frame ID: 63B44F05157C1A822E70EB3C0FBF0267
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 69335EC1885BDE858A6106D6C6CA0A4D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9E5033B89D53517B7A09FB4767A2BCCD
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CSBkfCkRjYOG9K8_IgAfFwpyIAZDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTM1OTU2NjE4MjIwMDc4MjWgAcKu6N0DyAEJqQLOnw1cYa6zPqgDAaoEwAFP0AUEkTsXlwHI_SPUOuB_H0t_-HhCdjSztCKtdPS7JcGhIamaNsq0MrdpHsUxiLltq-JyTDvU_Gaj_uZ_1abSzqiUAk4GUM6eTGLZw4l8nPwghwy7xqkcwTw4rz4uhEXVXsbyLn4U4uCkodihkFzGS5XX_TEYBueiWYCiNqoRYFzobfKXNgZoAIg8Ug78H_04j_EHBiEnaej57sxedRpVp5vVvrDs8KRHZAuH6ZOm3syr-fsEfrZGqgLiwb-uWuCABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwBshcYChYSFHB1Yi0zNTk1NjYxODIyMDA3ODI1&sigh=soMdXCmllHc&tpd=AGWhJmuzTftUSeJ1BUamNPl_NZOPBuTFYtTU5dazBiqouCaPfg
Frame ID: 10236CC4255E966AF5AD302EDEC44F43
Requests: 7 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1h6cm66srf571gfj7jfs1x3y1a9vgzs6xrpbwr68jyrmtbq3ndy9wa39mt50mwpcwspe81skn099c338aq3dd4hsfwg4wkn7z3603knddy87yd4yf5fzwrb2ywgsmtxptebnz7q17tjmrdggy0zty7wa2xc2sm51f4b6e3n86r8ht3fye99yyqzxv5zycg5vm2yd8pb9j2cyrrjr8vx5dc4xjc5rzsnpadqq8r9j24tanty502dm7r5m4c5gda5d6e7j0excff6cymvf0z5jmb9484e3g9yfm311gsfrp4177pdnqadwf36qq882e12r5nnde87k79ezde4xk37bvpcjm396j1jtsf0rzd3nke8rh0cekb1rzr3fqexdw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCYCOjCkRjYOG9K8_IgAfFwpyIAZDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTM1OTU2NjE4MjIwMDc4MjWgAcKu6N0DyAEJqQLOnw1cYa6zPqgDAaoEwwFP0AUEkTsXlwHI_SPUOuB_H0t_-HhCdjSztCKtdPS7JcGhIamaNsq0MrdpHsUxiLltq-JyTDvU_Gaj_uZ_1abSzqiUAk4GUM6eTGLZw4l8nPwghwy7xqkcwTw4rz4uhEXVXsbyLn4U4uCkodihkFzGS5XX_TEYBueiWYCiNqoRYFzobfKXNgZoAIg8Ug78H_04j_EHBiEnaej57sxedRpVp5vVvrDs8KRHZAuH6ZPk3ME5Li6DPn7B4pQ4iC1cY_Rl-sWABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%26num%3D1%26sig%3DAOD64_3uzJlA4hNwqEoX7riTo_lFo2095A%26client%3Dca-pub-3595661822007825%26adurl%3D
Frame ID: 586936FEFAD1D806D0DE0E561E3A8194
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9C479A85E50FEA7DAE646F863E6DFB02
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/q-Ezh273PvC68AkqxY9CU3NkuwIwgTF06gKyS1kdSdY.js
Frame ID: 1F39322ECF6C96A330D07ECF5FF1029F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F60BB09AF6CE6CBFC9D95192583CB930
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8465079287002710380/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/index.html
Frame ID: 4FB7E12D863E7AA006822A64655513E8
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=Cx4JKCkRjYJ6tK_Cn7gPp8IBInp3yi2HS14rfpw2_4R4QASCC3q9PYJWKuILIB6AB2qmj7QLIAQmpAs6fDVxhrrM-qAMByANIqgTaAU_QAm76p131qV9Av5dX1h9BAoMnNxZl9BFWIvQpJN8f4mAEUTDE3uSEspPaTS1g9wibvhe4SlcWH0tdcuaroa5Q-TgnSPjilDBX-5BUmdpGqkGeCVUkyHes2cXyEq6jefPTxUWt8ELCTpV_ccBxo7BHkfnnon_sCx2K2-gS7eociDS9UGxsL9htNFbueGztGtJCRRlRYYnEtwWRGdJxmFow9_Xh0L7vjYJopHFAIZ2si6HtvCIKAi4jMSef6SUMtSb5rNm6ZeNIRBovLF6wKvHawdgYkifVwBLzwASy2rPJkQKSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHxt-QDKgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCr2gbSCAkIgOGAEBABGB-ACgHICwHYEw2yFxoKGAgAEhRwdWItMzU5NTY2MTgyMjAwNzgyNQ&sigh=sdpORmq8844&template_id=419&tpd=AGWhJms13C3RxmXApc7Q7QkexEmiqqNfqvxdgBYRWiwelrOcTg
Frame ID: 0B2E0B5F9D95FFFAFA3A96804E39F907
Requests: 7 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 033D95FFDA2E60B4C78BD1D38DEDF6D1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: CDBA838FAE444BF3DBC3952CBCF0AE21
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/q-Ezh273PvC68AkqxY9CU3NkuwIwgTF06gKyS1kdSdY.js
Frame ID: A3666057213298F1D9EEED921750BEE8
Requests: 1 HTTP requests in this frame

Frame: https://ad4mat.net/frame.html
Frame ID: 8B77EDDCA48DD3891A23B748F88D5FCF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 03B7513F85D9E0A65F236FCFBF852887
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=5cc4cc0cb6bd6b713ba23b88c4515c60%2F9292198995381708538&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22sk7tr27naamyfz6ppe66c0jjs67y711yck1epsncjjv3ggt38a34r59vj6gqf3sxbw8hz5gggwq6k6t4s3y6tf6km02q0k3hedahhz3bhz0sk60devhypj8yyn3hgvjnm664s6gpaw7vwxsnx327g9v9z224cm7hjg412vmac0qk0cgvge2q5qacq898shgzf2mdwsyhp8w2xmzad1rf3cy7as35mp3a9tv53jhmyb4ahxsmq5h3mkqf9ec%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCYCOjCkRjYOG9K8_IgAfFwpyIAZDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTM1OTU2NjE4MjIwMDc4MjWgAcKu6N0DyAEJqQLOnw1cYa6zPqgDAaoEwwFP0AUEkTsXlwHI_SPUOuB_H0t_-HhCdjSztCKtdPS7JcGhIamaNsq0MrdpHsUxiLltq-JyTDvU_Gaj_uZ_1abSzqiUAk4GUM6eTGLZw4l8nPwghwy7xqkcwTw4rz4uhEXVXsbyLn4U4uCkodihkFzGS5XX_TEYBueiWYCiNqoRYFzobfKXNgZoAIg8Ug78H_04j_EHBiEnaej57sxedRpVp5vVvrDs8KRHZAuH6ZPk3ME5Li6DPn7B4pQ4iC1cY_Rl-sWABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_3uzJlA4hNwqEoX7riTo_lFo2095A%2526client%253Dca-pub-3595661822007825%2526adurl%253D&y=0&z=0
Frame ID: 542EC9EE367F95F873886E65871D4CFB
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.marikpost.net.ua/ HTTP 302
https://marikpost.net.ua/ Page URL

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

210
Requests

100 %
HTTPS

47 %
IPv6

29
Domains

42
Subdomains

30
IPs

6
Countries

4538 kB
Transfer

6078 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.marikpost.net.ua/ HTTP 302
https://marikpost.net.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 120

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitUIS8A38FB9brlDAPJHOI4po5OMCE-ngMcmpozfSyURHNTx2ry9ThzgJk9_UkjDZJ08RspioEANuNtS25UaRL1d1V6JHJ3120g&google_gid=CAESEFsV-ABGOR6QochBz77bIS0&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCIuIjYMGEgUI6AcQAEIASnJnb29nbGVfcHVzaD1BUXZpdFVJUzhBMzhGQjlicmxEQVBKSE9JNHBvNU9NQ0UtbmdNY21wb3pmU3lVUkhOVHgycnk5VGh6Z0prOV9Va2pEWkowOFJzcGlvRUFOdU50UzI1VWFSTDFkMVY2SkhKMzEyMGc HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwRXVwWmU3T0FuZmZSR245MlEwZzFXTUVBakNzamxkdE80UHdsLXZzQUJMMA==&google_push

Request Chain 121

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUKnfVuSv1GzLPJ_0ZV8Uff5H9odMNgOLQMlwVdvxHa28eQcSoL5AH3ph7w6ykSQyXiqXCJzz8i43KejPTU06GFzN0zJliKNXw&google_gid=CAESEFY66PAM4fFV4mFgZN8TJeA&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUKnfVuSv1GzLPJ_0ZV8Uff5H9odMNgOLQMlwVdvxHa28eQcSoL5AH3ph7w6ykSQyXiqXCJzz8i43KejPTU06GFzN0zJliKNXw&google_gid=CAESEFY66PAM4fFV4mFgZN8TJeA&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMzAxNTMwMjAzNzU3NTM1ODU2Mzg4Nw%3D%3D&google_push=AQvitUKnfVuSv1GzLPJ_0ZV8Uff5H9odMNgOLQMlwVdvxHa28eQcSoL5AH3ph7w6ykSQyXiqXCJzz8i43KejPTU06GFzN0zJliKNXw

Request Chain 122

https://rtb.openx.net/sync/dds?google_gid=CAESEELQ8jda7iFchKEvdBOPP3Q&google_cver=1&google_push=AQvitUKFrWjYaSjDVrjcd5Zrpcq5HIvc2Oa0OPDlXiS1TM1ja-9Rh_ozMhm5xyJ9HwhtXG3YUmcjeTI4SZL3uxDoHFRXxfXuhEis HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEELQ8jda7iFchKEvdBOPP3Q&google_cver=1&google_push=AQvitUKFrWjYaSjDVrjcd5Zrpcq5HIvc2Oa0OPDlXiS1TM1ja-9Rh_ozMhm5xyJ9HwhtXG3YUmcjeTI4SZL3uxDoHFRXxfXuhEis&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKFrWjYaSjDVrjcd5Zrpcq5HIvc2Oa0OPDlXiS1TM1ja-9Rh_ozMhm5xyJ9HwhtXG3YUmcjeTI4SZL3uxDoHFRXxfXuhEis&google_hm=26k-72j5yUU0tTZM-i6dhA==

Request Chain 123

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHlRvbTzC_gRtw3u-hNBsqU&google_cver=1&google_push=AQvitULO141gQJVn18MS9eKbRUE7tNi3RiNMRBI4YGYhymRVKntCPT5pZC3W2TU6gpyuL8FU5CAoaA6Cbmt_-Ir8_toUTN_Y1nAHpQ HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHlRvbTzC_gRtw3u-hNBsqU&google_cver=1&google_push=AQvitULO141gQJVn18MS9eKbRUE7tNi3RiNMRBI4YGYhymRVKntCPT5pZC3W2TU6gpyuL8FU5CAoaA6Cbmt_-Ir8_toUTN_Y1nAHpQ&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xFTTSZgTQ26tQ6INtn122A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULO141gQJVn18MS9eKbRUE7tNi3RiNMRBI4YGYhymRVKntCPT5pZC3W2TU6gpyuL8FU5CAoaA6Cbmt_-Ir8_toUTN_Y1nAHpQ

Request Chain 124

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENazMSmUQgWHElN5yR7sfTY&google_cver=1&google_push=AQvitULRzGcwKkxRRjWizuJjq9W32qqb7VrWfeyUMT-Rmf6rUisnY8mqn1r6Irl7t5zNMAcdE-sTeo4Dh50KBDYSOHDXyulgwOCuFw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01XNkZOVVgtMjAtNVVCTQ==&google_push=AQvitULRzGcwKkxRRjWizuJjq9W32qqb7VrWfeyUMT-Rmf6rUisnY8mqn1r6Irl7t5zNMAcdE-sTeo4Dh50KBDYSOHDXyulgwOCuFw

Request Chain 125

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGXBPtnHAeAMykdQY3r1D_U&google_cver=1&google_push=AQvitUJ8b23jQcCii8HntD28BEGd5yFmfo-QHAzMtOFQ9zRGfQSbQtKR7gIsUMEaSlyprkqe-vHR3MW_faEaKdPH8VwmcUMDE_duGA HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGXBPtnHAeAMykdQY3r1D_U&google_push=AQvitUJ8b23jQcCii8HntD28BEGd5yFmfo-QHAzMtOFQ9zRGfQSbQtKR7gIsUMEaSlyprkqe-vHR3MW_faEaKdPH8VwmcUMDE_duGA&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YGNECwT2J538MbL194ePbAAABKUAAAAB&google_cver=1&google_gid=CAESEGXBPtnHAeAMykdQY3r1D_U&google_push=AQvitUJ8b23jQcCii8HntD28BEGd5yFmfo-QHAzMtOFQ9zRGfQSbQtKR7gIsUMEaSlyprkqe-vHR3MW_faEaKdPH8VwmcUMDE_duGA

Request Chain 127

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 143

https://d.agkn.com/pixel/2175/?google_gid=CAESEFhaahK8qBocDNkZIzv71-k&google_cver=1&google_push=AQvitUILo7NpFTuDLFDh61o-4aTCVIhDWTzavi_YgvSR-wzfmbbJ0C5CbQhyj8ayODf6hMPNtCcOUGST5mHO-HzC3MQG0jcqHK0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=akneustar_dmp&google_cm&google_hm=Q0FFU0VGaGFhaEs4cUJvY0ROa1pJenY3MS1r

Request Chain 144

https://rtb.openx.net/sync/dds?google_gid=CAESEDoZFp1UUyopSrKGYg394HA&google_cver=1&google_push=AQvitUKtMn6xhOeVKRZziQJA1Gczpr5oWCFkg83Gvyp7t34db1c1C84AfE7e9C4WK-heZa6G6uTFhP518UdH_MrwEsbpfpHYrQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKtMn6xhOeVKRZziQJA1Gczpr5oWCFkg83Gvyp7t34db1c1C84AfE7e9C4WK-heZa6G6uTFhP518UdH_MrwEsbpfpHYrQ&google_hm=26k-72j5yUU0tTZM-i6dhA==

Request Chain 145

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJLhYtsOxG-k4e3MI3-02jU&google_cver=1&google_push=AQvitULwT9NkWt3USInL8_eh91yhvGEwH35yk5xPnu4paZNJ2MFsAo93rzoXW-LAlKcgQD8B8-KDZbH0NY_rO0N0si_RnKJK-Q HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJLhYtsOxG-k4e3MI3-02jU&google_cver=1&google_push=AQvitULwT9NkWt3USInL8_eh91yhvGEwH35yk5xPnu4paZNJ2MFsAo93rzoXW-LAlKcgQD8B8-KDZbH0NY_rO0N0si_RnKJK-Q&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nYSw5wjzSCGa7r4IMg4r2Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULwT9NkWt3USInL8_eh91yhvGEwH35yk5xPnu4paZNJ2MFsAo93rzoXW-LAlKcgQD8B8-KDZbH0NY_rO0N0si_RnKJK-Q

Request Chain 146

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPbXdqGS8AsT71ViKqZUkx4&google_cver=1&google_push=AQvitUJv4ypOk4_V71sy5QSD8ISBGjbfPh5nfqPe41xxXMKfp7-D-WyYXo-Yl5vH3qey0VGrnx-jHr46iKdrnDSMyd_iYEaYDA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01XNkZOWDQtMjItQUE1Vg==&google_push=AQvitUJv4ypOk4_V71sy5QSD8ISBGjbfPh5nfqPe41xxXMKfp7-D-WyYXo-Yl5vH3qey0VGrnx-jHr46iKdrnDSMyd_iYEaYDA

Request Chain 147

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAe8PhMCP6JOKx3RkU8vNsU&google_cver=1&google_push=AQvitULVQkf0j30puUElfo7i2JXGsMYikdTyZ_FyCg5kD1ByyVRGeCAboEQmgJFpvMXXbVsrpmQdhbUUZQhQAWe5VUo19AOcbQ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAe8PhMCP6JOKx3RkU8vNsU&google_push=AQvitULVQkf0j30puUElfo7i2JXGsMYikdTyZ_FyCg5kD1ByyVRGeCAboEQmgJFpvMXXbVsrpmQdhbUUZQhQAWe5VUo19AOcbQ&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YGNECwT2J538MbL194ePbAAABKUAAAAB&google_cver=1&google_gid=CAESEAe8PhMCP6JOKx3RkU8vNsU&google_push=AQvitULVQkf0j30puUElfo7i2JXGsMYikdTyZ_FyCg5kD1ByyVRGeCAboEQmgJFpvMXXbVsrpmQdhbUUZQhQAWe5VUo19AOcbQ

Request Chain 148

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESECrwJtf3D3H3thfwHuUv1vc&google_cver=1&google_push=AQvitUJ0Cq0PCud0lcFpTVxoW3o2ObiS92VeYXv_mU5kuy_7_V6rMCRukI3xsL8vJW9ev3l6jDDVMVJCiF1MgVNbDAcVi0hGNpBS HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUJ0Cq0PCud0lcFpTVxoW3o2ObiS92VeYXv_mU5kuy_7_V6rMCRukI3xsL8vJW9ev3l6jDDVMVJCiF1MgVNbDAcVi0hGNpBS&google_hm=

Request Chain 162

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUIdHPpMPLRzn9DoZTPFsu0aXcaprjyeg1fuXIBcCX2OWf3O5ER3MlxbSkJ7w7L09fhbMGDRiN2mCLOE-dMOobQZEjNA-T_4sQ&google_gid=CAESEAYRpCnEygMFFVJJXJnTnxY&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUIdHPpMPLRzn9DoZTPFsu0aXcaprjyeg1fuXIBcCX2OWf3O5ER3MlxbSkJ7w7L09fhbMGDRiN2mCLOE-dMOobQZEjNA-T_4sQ&google_gid=CAESEAYRpCnEygMFFVJJXJnTnxY&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMzAxNTMwMjAzODc2MzYxNDM5OTAxNg%3D%3D&google_push=AQvitUIdHPpMPLRzn9DoZTPFsu0aXcaprjyeg1fuXIBcCX2OWf3O5ER3MlxbSkJ7w7L09fhbMGDRiN2mCLOE-dMOobQZEjNA-T_4sQ

Request Chain 163

https://rtb.openx.net/sync/dds?google_gid=CAESEBy9I7DFfU2yn6RwAUyovRs&google_cver=1&google_push=AQvitUKHGMveviUA_oKrWAwMV7yq_cJFL1u-TxG9Pyas0bfM9V4wzY_v93gf7G7QEEGLBNqZyFRBm6jIbsyElg1NEb_Hmbv0IYar4A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKHGMveviUA_oKrWAwMV7yq_cJFL1u-TxG9Pyas0bfM9V4wzY_v93gf7G7QEEGLBNqZyFRBm6jIbsyElg1NEb_Hmbv0IYar4A&google_hm=26k-72j5yUU0tTZM-i6dhA==

Request Chain 164

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEH9jKrj6md5YlTllRdraHTY&google_cver=1&google_push=AQvitUKmu0IsNxKvtiTg9OZHN5Ty_OU9OhW1MOQxt-CO7fm9xAFwXrhNxO-zX0d-KkfVmhbg5bMhOn0p6ZIvHwFcQGkEPPqTrh1ZWA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nYSw5wjzSCGa7r4IMg4r2Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKmu0IsNxKvtiTg9OZHN5Ty_OU9OhW1MOQxt-CO7fm9xAFwXrhNxO-zX0d-KkfVmhbg5bMhOn0p6ZIvHwFcQGkEPPqTrh1ZWA

Request Chain 165

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFjRTBvuidpD-JLebmxMXTA&google_cver=1&google_push=AQvitUL6uNEH7RkGrpxqSMba8DEh-Dh17IxzqpHl-Fwj7zry2ydya8popYa8mBFRDe2i6Pj2rULoGFCRBWYBtcNfLreDeiOUCUl94Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01XNkZPNEUtMU8tQjhLMQ==&google_push=AQvitUL6uNEH7RkGrpxqSMba8DEh-Dh17IxzqpHl-Fwj7zry2ydya8popYa8mBFRDe2i6Pj2rULoGFCRBWYBtcNfLreDeiOUCUl94Q

Request Chain 166

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPrUjJaztQNoj6Y83r1y4BE&google_cver=1&google_push=AQvitULGLFnARpeHBzg4NoLZG7NDhAzYxCwXuMjN8H0o-uyhpEq8y2aaQGRdSLW_aIyGTTcfk4RpB8wKKczogM9P8uMTznnXX20ozQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YGNECwT2J538MbL194ePbAAABKUAAAAB&google_push=AQvitULGLFnARpeHBzg4NoLZG7NDhAzYxCwXuMjN8H0o-uyhpEq8y2aaQGRdSLW_aIyGTTcfk4RpB8wKKczogM9P8uMTznnXX20ozQ&google_gid=CAESEPrUjJaztQNoj6Y83r1y4BE&google_cver=1

Request Chain 186

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

210 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
marikpost.net.ua/
Redirect Chain

https://www.marikpost.net.ua/
https://marikpost.net.ua/

73 KB
15 KB

412ms
273ms

Document
text/html

185.230.89.42
THEHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://marikpost.net.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.230.89.42 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: goukraine.net.ua
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.33-0ubuntu0.16.04.16
Resource Hash: 85f5e9132388fab3aee2f05b2423cbfdca8d334433032c5727706bea28262f68

Request headers

Host: marikpost.net.ua
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 30 Mar 2021 15:30:17 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 15224
Connection: keep-alive
X-Powered-By: PHP/7.0.33-0ubuntu0.16.04.16
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=bf247364f168b8d22d20ce3fa1b1132b; path=/
Vary: Accept-Encoding
Content-Encoding: gzip

Redirect headers

Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 30 Mar 2021 15:30:17 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
X-Powered-By: PHP/7.0.33-0ubuntu0.16.04.16
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=732fe53f432860819786b0a460ca1c60; path=/
Location: https://marikpost.net.ua

GET
H/1.1 200
OK bootstrap.min.css
marikpost.net.ua/themes/default/css/ 119 KB
119 KB 72ms
69ms Stylesheet
text/css 185.230.89.42
THEHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://marikpost.net.ua/themes/default/css/bootstrap.min.css
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.230.89.42 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: goukraine.net.ua
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 83c131000f14a1d667b5116e5f182997489fbf82e6d790d0ee2737ddb765b56e

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:30:17 GMT
Last-Modified: Sun, 10 Jan 2021 10:03:23 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5ffad0eb-1db51"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 121681

GET
H/1.1 200
OK font-awesome.min.css
marikpost.net.ua/themes/default/css/font-awesome-4.7.0/css/ 30 KB
31 KB 238ms
112ms Stylesheet
text/css 185.230.89.42
THEHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://marikpost.net.ua/themes/default/css/font-awesome-4.7.0/css/font-awesome.min.css
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.230.89.42 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: goukraine.net.ua
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:30:17 GMT
Last-Modified: Sun, 10 Jan 2021 10:03:23 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5ffad0eb-7918"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31000

GET
H/1.1 200
OK twemoji-awesome.css
marikpost.net.ua/themes/default/css/ 71 KB
71 KB 232ms
105ms Stylesheet
text/css 185.230.89.42
THEHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://marikpost.net.ua/themes/default/css/twemoji-awesome.css
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.230.89.42 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: goukraine.net.ua
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 88be7865697b18ad3611fe75af39ea43e86aac0c1e5b2ebdcd04a534c1e1d5d4

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:30:17 GMT
Last-Modified: Sun, 10 Jan 2021 10:03:23 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5ffad0eb-11c73"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 72819

GET
H/1.1 200
OK mediaelementplayer.css
marikpost.net.ua/themes/default/js/mediaelement/build/ 16 KB
16 KB 239ms
112ms Stylesheet
text/css 185.230.89.42
THEHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://marikpost.net.ua/themes/default/js/mediaelement/build/mediaelementplayer.css
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.230.89.42 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: goukraine.net.ua
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: b0ff4684daca946ed282213f63599bbfcd02c656de7934f8f583a1a042aa6ca8

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:30:17 GMT
Last-Modified: Sun, 10 Jan 2021 10:03:24 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5ffad0ec-3e0e"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15886

GET
H/1.1 200
OK style.css
marikpost.net.ua/themes/default/css/ 146 KB
146 KB 232ms
105ms Stylesheet
text/css 185.230.89.42
THEHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://marikpost.net.ua/themes/default/css/style.css
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.230.89.42 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: goukraine.net.ua
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: fc09fb5de9c704bd45cb90515ca5897304f87fe8f4293059f94aa2de482d62f5

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:30:17 GMT
Last-Modified: Sun, 10 Jan 2021 10:03:23 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5ffad0eb-246bf"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 149183

GET
H/1.1 200
OK media-query-breakpoints.css
marikpost.net.ua/themes/default/css/ 4 KB
5 KB 196ms
69ms Stylesheet
text/css 185.230.89.42
THEHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://marikpost.net.ua/themes/default/css/media-query-breakpoints.css
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.230.89.42 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: goukraine.net.ua
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 4c8db09d94619da9090cac5c5f5ef5450484ca3adc36f54f02d63d26a01c13b4

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:30:17 GMT
Last-Modified: Sun, 10 Jan 2021 10:03:23 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5ffad0eb-1115"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4373

GET
H/1.1 200
OK owl.carousel.min.css
marikpost.net.ua/themes/default/js/owl-carousel2/dist/assets/ 3 KB
4 KB 216ms
63ms Stylesheet
text/css 185.230.89.42
THEHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://marikpost.net.ua/themes/default/js/owl-carousel2/dist/assets/owl.carousel.min.css
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.230.89.42 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: goukraine.net.ua
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 3fd498cc0ae566423ac60276950b945aec0f2dbd65e99e9fe5ebc0e1d525885a

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:30:17 GMT
Last-Modified: Sun, 10 Jan 2021 10:03:23 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5ffad0eb-d70"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3440

GET
H/1.1 200
OK bootsrap-social.css
marikpost.net.ua/themes/default/css/ 20 KB
20 KB 305ms
108ms Stylesheet
text/css 185.230.89.42
THEHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://marikpost.net.ua/themes/default/css/bootsrap-social.css
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.230.89.42 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: goukraine.net.ua
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ef99180c20d75a06ecc10268de1f4049251d23b1743f55369dd5a8d55e4cf1b1

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:30:17 GMT
Last-Modified: Sun, 10 Jan 2021 10:03:23 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5ffad0eb-4ebf"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20159

GET
H/1.1 200
OK sweetalert2.min.css
marikpost.net.ua/themes/default/js/sweetalert2/dist/ 14 KB
14 KB 280ms
64ms Stylesheet
text/css 185.230.89.42
THEHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://marikpost.net.ua/themes/default/js/sweetalert2/dist/sweetalert2.min.css
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.230.89.42 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: goukraine.net.ua
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 7450b0ba109fa1ea0178cb9588dee185b644656eed6a4013a34b90f12cd9488f

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:30:17 GMT
Last-Modified: Sun, 10 Jan 2021 10:03:23 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5ffad0eb-38cc"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14540

GET
H/1.1 200
OK swal-forms.css
marikpost.net.ua/themes/default/js/swal-forms/ 612 B
858 B 305ms
66ms Stylesheet
text/css 185.230.89.42
THEHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://marikpost.net.ua/themes/default/js/swal-forms/swal-forms.css
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.230.89.42 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: goukraine.net.ua
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: fdb2ddc55b7bd8231d8ff1ef9f0092a2300696786ccb40adaaa0bc8b393d624e

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:30:17 GMT
Last-Modified: Sun, 10 Jan 2021 10:03:24 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5ffad0ec-264"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 612

GET
H2 200 icon
fonts.googleapis.com/ 568 B
415 B 19ms
17ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: marikpost.net.ua
URL: https://marikpost.net.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8e7e777ab2c510a548bec6e1e8b9a3fbceb986ba8603686a64f7d11ed3e8805

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 30 Mar 2021 15:30:17 GMT
server: ESF
date: Tue, 30 Mar 2021 15:30:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Mar 2021 15:30:17 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
879 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Arvo|Open+Sans|Open+Sans+Condensed:300|Montserrat

Requested by

Host: marikpost.net.ua
URL: https://marikpost.net.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fbdcd25ed66bfc1e83de87d605e819be98ca3acc5665bfc8e64f68d3c89c87c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 30 Mar 2021 15:30:17 GMT
server: ESF
date: Tue, 30 Mar 2021 15:30:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Mar 2021 15:30:17 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
551 B 18ms
16ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu

Requested by

Host: marikpost.net.ua
URL: https://marikpost.net.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eda144dea7a719010fe6c2e87514f5eca490b3c74f120f6ac8cb514596d4ef48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 30 Mar 2021 14:19:22 GMT
server: ESF
date: Tue, 30 Mar 2021 15:30:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Mar 2021 15:30:17 GMT

GET
H/1.1 200
OK jquery-3.min.js Show response
marikpost.net.ua/themes/default/js/ 85 KB
85 KB 319ms
74ms Script
application/javascript 185.230.89.42
THEHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://marikpost.net.ua/themes/default/js/jquery-3.min.js
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.230.89.42 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: goukraine.net.ua
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 75b707d8761e2bfbd25fbd661f290a4f7fd11c48e1bf53a36dc6bd8a0034fa35

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:30:17 GMT
Last-Modified: Sun, 10 Jan 2021 10:03:24 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5ffad0ec-15287"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 86663

GET
H/1.1 200
OK jquery.form.min.js Show response
marikpost.net.ua/themes/default/js/ 15 KB
15 KB 348ms
68ms Script
application/javascript 185.230.89.42
THEHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://marikpost.net.ua/themes/default/js/jquery.form.min.js
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.230.89.42 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: goukraine.net.ua
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: c90f0e501d2948fbc2b61bffd654fa4ab64741fd48923782419eeb14d3816fb8

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:30:17 GMT
Last-Modified: Sun, 10 Jan 2021 10:03:24 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5ffad0ec-3b90"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15248

GET
H/1.1 200
OK owl.carousel.js Show response
marikpost.net.ua/themes/default/js/owl-carousel2/dist/ 85 KB
85 KB 359ms
75ms Script
application/javascript 185.230.89.42
THEHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://marikpost.net.ua/themes/default/js/owl-carousel2/dist/owl.carousel.js
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.230.89.42 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: goukraine.net.ua
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: f8d4c5649419ac70b9c08454afe5a7897c61f19b356135d888e97a17543805ef

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:30:17 GMT
Last-Modified: Sun, 10 Jan 2021 10:03:23 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5ffad0eb-15438"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 87096

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 136 KB
53 KB 47ms
22ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-94PED1KHHS

Requested by

Host: marikpost.net.ua
URL: https://marikpost.net.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9c1fe012e845505c4c0bf412b4d1185513d88dfe4cbadcaffed7c191f835515a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:30:17 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53580
x-xss-protection: 0
expires: Tue, 30 Mar 2021 15:30:17 GMT

GET
H/1.1 200
OK logo.png
marikpost.net.ua/themes/default/img/ 23 KB
23 KB 105ms
64ms Image
image/png 185.230.89.42
THEHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marikpost.net.ua/themes/default/img/logo.png
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.230.89.42 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: goukraine.net.ua
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 90e5850c4cb46fb439478f28c17ddf112115180914a0e4394d07bbb2dc7f71e1

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:30:18 GMT
Last-Modified: Sun, 10 Jan 2021 11:56:26 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5ffaeb6a-5c47"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23623

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
49 KB 45ms
21ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: marikpost.net.ua
URL: https://marikpost.net.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

feea6127a153da9ba9d4553649cbc353d8d3e504a0406d59e2828b1d506147c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:30:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49709
x-xss-protection: 0
server: cafe
etag: 2439029923726210354
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 30 Mar 2021 15:30:17 GMT

GET
H/1.1 200
OK K8NiJChd1PkjPJY5NrnI_30_4fcc8bc0f3264e71b832c18790830811_image.jpg
marikpost.net.ua/upload/photos/2021/03/ 107 KB
107 KB 63ms
63ms Image
image/jpeg 185.230.89.42
THEHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marikpost.net.ua/upload/photos/2021/03/K8NiJChd1PkjPJY5NrnI_30_4fcc8bc0f3264e71b832c18790830811_image.jpg
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.230.89.42 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: goukraine.net.ua
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e420b75154a5c28ca63c56ece9af5dfa5186c072b766510ec7e8cddaa42cea6b

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:30:18 GMT
Last-Modified: Tue, 30 Mar 2021 10:32:46 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "6062fe4e-1aaea"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 109290

GET
H/1.1 200
OK tm4oYsn2WyBvllFQa36H_30_e6d12bcdfc699ea034600fa25f1e1e5a_image.jpg
marikpost.net.ua/upload/photos/2021/03/ 10 KB
10 KB 69ms
68ms Image
image/jpeg 185.230.89.42
THEHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marikpost.net.ua/upload/photos/2021/03/tm4oYsn2WyBvllFQa36H_30_e6d12bcdfc699ea034600fa25f1e1e5a_image.jpg
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.230.89.42 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: goukraine.net.ua
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 2b5ae377f0f40ee0c56f840acd919c982c11947be3271fed74061063cc381ee5

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:30:18 GMT
Last-Modified: Tue, 30 Mar 2021 09:54:55 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "6062f56f-2759"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10073

GET
H/1.1 200
OK 2CwFFmYLmfDDBiFvHaOT_30_4feeb2a4dae0d148afa13f7f4672a9be_image.jpg
marikpost.net.ua/upload/photos/2021/03/ 86 KB
86 KB 67ms
66ms Image
image/jpeg 185.230.89.42
THEHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marikpost.net.ua/upload/photos/2021/03/2CwFFmYLmfDDBiFvHaOT_30_4feeb2a4dae0d148afa13f7f4672a9be_image.jpg
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.230.89.42 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: goukraine.net.ua
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 03a63f41f8b9d354f860b945eb497bb5fdacd6098b55ca90b6579b7602928c9a

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:30:18 GMT
Last-Modified: Tue, 30 Mar 2021 09:28:32 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "6062ef40-1566a"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 87658

GET
H/1.1 200
OK CDRDNFnTeCgYQqA8OVF9_30_c7120293b29eb5235839fb1afe16c369_image.jpg
marikpost.net.ua/upload/photos/2021/03/ 78 KB
78 KB 83ms
81ms Image
image/jpeg 185.230.89.42
THEHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marikpost.net.ua/upload/photos/2021/03/CDRDNFnTeCgYQqA8OVF9_30_c7120293b29eb5235839fb1afe16c369_image.jpg
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.230.89.42 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: goukraine.net.ua
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 31aa715f046536217cef97bf9d2741ff21fdfbe74474ed3e82568244a49ae894

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:30:18 GMT
Last-Modified: Tue, 30 Mar 2021 06:51:40 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "6062ca7c-13832"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 79922

GET
H/1.1 200
OK faQ1cDIBjMQpNNbXugjQ_30_61af0c9dce63ec9f24fa239aee61b6d3_image.jpg
marikpost.net.ua/upload/photos/2021/03/ 86 KB
87 KB 106ms
105ms Image
image/jpeg 185.230.89.42
THEHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marikpost.net.ua/upload/photos/2021/03/faQ1cDIBjMQpNNbXugjQ_30_61af0c9dce63ec9f24fa239aee61b6d3_image.jpg
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.230.89.42 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: goukraine.net.ua
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 134881b275ce7f315d7266f7aa7ba8b5c40bf6b49ab1585fe7d8bd3894439038

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:30:18 GMT
Last-Modified: Tue, 30 Mar 2021 06:03:49 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "6062bf45-1599c"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 88476

GET
H/1.1 200
OK vGHQQ37vzdok4P6sfdxH_30_a196ccc8aeb36d8f87e6f93f8191d479_image.jpg
marikpost.net.ua/upload/photos/2021/03/ 75 KB
75 KB 67ms
66ms Image
image/jpeg 185.230.89.42
THEHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marikpost.net.ua/upload/photos/2021/03/vGHQQ37vzdok4P6sfdxH_30_a196ccc8aeb36d8f87e6f93f8191d479_image.jpg
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.230.89.42 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: goukraine.net.ua
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 42da09139a98c1ca5f89a5532b07dbe03f8f06415a2ea9d44df5ea8eb130691b

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:30:18 GMT
Last-Modified: Tue, 30 Mar 2021 05:26:10 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "6062b672-12c40"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 76864

GET
H/1.1 200
OK kgiTHvGpKTiIeTb38i4q_29_c0dcff27ff5c6ad743e77868b38a353a_image.jpg
marikpost.net.ua/upload/photos/2021/03/ 25 KB
25 KB 67ms
66ms Image
image/jpeg 185.230.89.42
THEHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marikpost.net.ua/upload/photos/2021/03/kgiTHvGpKTiIeTb38i4q_29_c0dcff27ff5c6ad743e77868b38a353a_image.jpg
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.230.89.42 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: goukraine.net.ua
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 6f31d0ffc99a940f01a7224fd04dbb23443dc327e46a7225781f84adacd9799d

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:30:18 GMT
Last-Modified: Mon, 29 Mar 2021 13:38:51 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "6061d86b-645c"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25692

GET
H/1.1 200
OK yQEJldIjWwpzJb3ayrub_29_a0aaf89ca38f0193116bae5d6a897825_image.jpg
marikpost.net.ua/upload/photos/2021/03/ 546 KB
546 KB 69ms
68ms Image
image/jpeg 185.230.89.42
THEHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marikpost.net.ua/upload/photos/2021/03/yQEJldIjWwpzJb3ayrub_29_a0aaf89ca38f0193116bae5d6a897825_image.jpg
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.230.89.42 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: goukraine.net.ua
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 704d9311a35ee969ab5fec086ee7c9beb0847c278b99296ad7eb60208f6416ff

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:30:18 GMT
Last-Modified: Mon, 29 Mar 2021 04:09:47 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "6061530b-88852"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 559186

GET
H/1.1 200
OK oDjzru8ACZeXFE4VDlE2_28_798d09cd25e499e735f07f9d56e4a2a3_image.jpg
marikpost.net.ua/upload/photos/2021/03/ 27 KB
27 KB 65ms
65ms Image
image/jpeg 185.230.89.42
THEHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marikpost.net.ua/upload/photos/2021/03/oDjzru8ACZeXFE4VDlE2_28_798d09cd25e499e735f07f9d56e4a2a3_image.jpg
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.230.89.42 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: goukraine.net.ua
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 480267a1eaa652ec531663e399c0a31abdd694795158c04b64bd5dc9cb4c7e90

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:30:18 GMT
Last-Modified: Sun, 28 Mar 2021 16:13:00 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "6060ab0c-6aa8"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27304

GET
H/1.1 200
OK WFNCBowIaycRg5Pis4ld_28_b047ee6723e8dee141b3727d3e18d288_image.jpg
marikpost.net.ua/upload/photos/2021/03/ 44 KB
44 KB 67ms
66ms Image
image/jpeg 185.230.89.42
THEHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marikpost.net.ua/upload/photos/2021/03/WFNCBowIaycRg5Pis4ld_28_b047ee6723e8dee141b3727d3e18d288_image.jpg
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.230.89.42 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: goukraine.net.ua
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: b814f9ed4996878a3f280e7b6c1ac40112da40dd89aad1335d02440991597aff

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:30:18 GMT
Last-Modified: Sun, 28 Mar 2021 13:24:27 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "6060838b-b046"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 45126

GET
H/1.1 200
OK BIIWcx48OA5jzCQqqkUi_28_a3a0e5fff70b2d2f1e311113fcb7b4ef_image.jpg
marikpost.net.ua/upload/photos/2021/03/ 76 KB
77 KB 65ms
64ms Image
image/jpeg 185.230.89.42
THEHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marikpost.net.ua/upload/photos/2021/03/BIIWcx48OA5jzCQqqkUi_28_a3a0e5fff70b2d2f1e311113fcb7b4ef_image.jpg
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.230.89.42 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: goukraine.net.ua
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 004a437d7089840beee57c26d31bae4f4d5db320d0d4a8a1e66afaba98bcf27b

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:30:18 GMT
Last-Modified: Sun, 28 Mar 2021 11:40:49 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "60606b41-13140"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 78144

GET
H/1.1 200
OK Dkejb9uRCGO5LMVwS1mc_27_11195936a24babee7d72965d6d8cef7c_image.jpg
marikpost.net.ua/upload/photos/2021/03/ 60 KB
60 KB 63ms
63ms Image
image/jpeg 185.230.89.42
THEHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marikpost.net.ua/upload/photos/2021/03/Dkejb9uRCGO5LMVwS1mc_27_11195936a24babee7d72965d6d8cef7c_image.jpg
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.230.89.42 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: goukraine.net.ua
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: dce93bce75edb01d2fdebfba166067193065d06e9362d4e39b6ab0c1c1d3384c

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:30:18 GMT
Last-Modified: Sat, 27 Mar 2021 19:08:02 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "605f8292-f0b0"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 61616

GET
H/1.1 200
OK TOxks7Pv5ZaNtKVxAuhY_27_abc7f53177eac539cb5841445fdfe7d2_image.jpg
marikpost.net.ua/upload/photos/2021/03/ 23 KB
24 KB 64ms
64ms Image
image/jpeg 185.230.89.42
THEHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marikpost.net.ua/upload/photos/2021/03/TOxks7Pv5ZaNtKVxAuhY_27_abc7f53177eac539cb5841445fdfe7d2_image.jpg
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.230.89.42 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: goukraine.net.ua
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: d2719085c9677e9d497fd20aa546f872a161ab5d63690aa99b0555640ff2acb5

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:30:18 GMT
Last-Modified: Sat, 27 Mar 2021 17:51:58 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "605f70be-5d68"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23912

GET
H/1.1 200
OK QE97o9iDec4sTT9tTbbc_27_301fad5aab120068371e9dc1a154960b_image.jpg
marikpost.net.ua/upload/photos/2021/03/ 19 KB
19 KB 65ms
65ms Image
image/jpeg 185.230.89.42
THEHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marikpost.net.ua/upload/photos/2021/03/QE97o9iDec4sTT9tTbbc_27_301fad5aab120068371e9dc1a154960b_image.jpg
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.230.89.42 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: goukraine.net.ua
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 519d220012b4b23204d171c218ff9c288b424c4bf4c6c753ca471f4514b57787

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:30:18 GMT
Last-Modified: Sat, 27 Mar 2021 12:19:22 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "605f22ca-4a72"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19058

GET
H/1.1 200
OK mBhkyaj6eTMC55V5R8lw_05_b07e808e742c4da058f708de2e83bbaf_image.png
marikpost.net.ua/upload/photos/2021/03/ 22 KB
23 KB 197ms
63ms Image
image/png 185.230.89.42
THEHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marikpost.net.ua/upload/photos/2021/03/mBhkyaj6eTMC55V5R8lw_05_b07e808e742c4da058f708de2e83bbaf_image.png
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.230.89.42 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: goukraine.net.ua
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e975153c7c730161ea9e0225810815140afd7bfeeaf1515db8a0d06a45a2142f

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:30:18 GMT
Last-Modified: Fri, 05 Mar 2021 17:59:43 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "6042718f-59ee"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23022

GET
H/1.1 200
OK l4nVmgXV1xHlxwkcsKzI_06_15d84e53ecca8b428b9b557c39d7183a_image.jpg
marikpost.net.ua/upload/photos/2021/03/ 62 KB
62 KB 64ms
63ms Image
image/jpeg 185.230.89.42
THEHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marikpost.net.ua/upload/photos/2021/03/l4nVmgXV1xHlxwkcsKzI_06_15d84e53ecca8b428b9b557c39d7183a_image.jpg
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.230.89.42 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: goukraine.net.ua
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 27fe0f3d7408ff7d7522bc77b8c1eeaa6c2b73587c069fa457adee24a35927c7

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:30:18 GMT
Last-Modified: Sat, 06 Mar 2021 07:26:02 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "60432e8a-f62e"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 63022

GET
H/1.1 200
OK QkOufrl3ai4dnY5kI6Bl_05_3d5e0f91741cd1f6144fd957a1202e86_image.jpg
marikpost.net.ua/upload/photos/2021/03/ 28 KB
28 KB 63ms
63ms Image
image/jpeg 185.230.89.42
THEHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marikpost.net.ua/upload/photos/2021/03/QkOufrl3ai4dnY5kI6Bl_05_3d5e0f91741cd1f6144fd957a1202e86_image.jpg
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.230.89.42 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: goukraine.net.ua
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1e9d90fec6306b4bb5669773fbbd6568a5b0fbcb2d10618f9d678a5074376f36

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:30:18 GMT
Last-Modified: Fri, 05 Mar 2021 18:25:26 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "60427796-6f69"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28521

GET
H/1.1 200
OK script.js Show response
marikpost.net.ua/themes/default/js/ 94 KB
94 KB 67ms
66ms Script
application/javascript 185.230.89.42
THEHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://marikpost.net.ua/themes/default/js/script.js
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.230.89.42 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: goukraine.net.ua
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 12a8f9389ac1e17bd9fbb2d509eb59d046894e26cc1b35c4e49b6499741d98b4

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:30:17 GMT
Last-Modified: Sun, 10 Jan 2021 10:03:23 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5ffad0eb-1762a"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 95786

GET
H/1.1 200
OK bootstrap.min.js Show response
marikpost.net.ua/themes/default/js/ 36 KB
36 KB 65ms
64ms Script
application/javascript 185.230.89.42
THEHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://marikpost.net.ua/themes/default/js/bootstrap.min.js
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.230.89.42 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: goukraine.net.ua
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:30:17 GMT
Last-Modified: Sun, 10 Jan 2021 10:03:24 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5ffad0ec-90b5"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37045

GET
H/1.1 200
OK autosize.min.js Show response
marikpost.net.ua/themes/default/js/ 3 KB
3 KB 68ms
63ms Script
application/javascript 185.230.89.42
THEHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://marikpost.net.ua/themes/default/js/autosize.min.js
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.230.89.42 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: goukraine.net.ua
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1b7590e7fdb0854f28c063b7ae0f54f6e39fea515d5e610af020e5ad0fb67ce6

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:30:17 GMT
Last-Modified: Sun, 10 Jan 2021 10:03:24 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5ffad0ec-a5b"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2651

GET
H/1.1 200
OK sweetalert2.min.js Show response
marikpost.net.ua/themes/default/js/sweetalert2/dist/ 24 KB
24 KB 70ms
65ms Script
application/javascript 185.230.89.42
THEHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://marikpost.net.ua/themes/default/js/sweetalert2/dist/sweetalert2.min.js
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.230.89.42 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: goukraine.net.ua
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: b2a0d90b1e8b4dbd727013172d0b837c198facf1ac3e2ad1ab06d09158659573

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:30:17 GMT
Last-Modified: Sun, 10 Jan 2021 10:03:23 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5ffad0eb-5fa8"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24488

GET
H/1.1 200
OK swal-forms.js Show response
marikpost.net.ua/themes/default/js/swal-forms/ 8 KB
8 KB 71ms
66ms Script
application/javascript 185.230.89.42
THEHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://marikpost.net.ua/themes/default/js/swal-forms/swal-forms.js
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.230.89.42 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: goukraine.net.ua
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: d08fcbc9d1ecf0c0f6b8010051686678bcea576791223500ebd2ec8926165776

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:30:17 GMT
Last-Modified: Sun, 10 Jan 2021 10:03:24 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5ffad0ec-2042"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8258

GET
H/1.1 200
OK mediaelement-and-player.js Show response
marikpost.net.ua/themes/default/js/mediaelement/build/ 253 KB
253 KB 74ms
69ms Script
application/javascript 185.230.89.42
THEHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://marikpost.net.ua/themes/default/js/mediaelement/build/mediaelement-and-player.js
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.230.89.42 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: goukraine.net.ua
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e411c8ff7e5d0c5fce8b53806c39c4f303a9617463bf271be02c31e80950075f

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:30:17 GMT
Last-Modified: Sun, 10 Jan 2021 10:03:24 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5ffad0ec-3f2f1"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 258801

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 60ms
14ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BC2) /
Resource Hash: 0ccadac47f8db7d9086cb5d1a3230580ee43e7db056734068ce3785376e90500

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:30:17 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Mar 2021 19:22:22 GMT
Server: ECS (amb/6BC2)
Age: 316
Etag: "965fcfc23c3459afe3ebf42b92f31e6d+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 29026

GET
H/1.1 200
OK embed.js Show response
platform.vine.co/static/scripts/ 4 KB
2 KB 514ms
127ms Script
application/javascript 3.212.69.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.vine.co/static/scripts/embed.js
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.212.69.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-69-80.compute-1.amazonaws.com
Software: / Express
Resource Hash: 73f8849c1fbf8a9a7a6886c9efe3bcdae4627d1b08451b1424cada88232e5792

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:30:18 GMT
Content-Encoding: gzip
ETag: W/"eab-162bb0b51c0"
Last-Modified: Thu, 12 Apr 2018 18:08:24 GMT
X-Powered-By: Express
Vary: X-Vine-Client, Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=300
transfer-encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes

GET
H2 200 cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 4 KB
2 KB 34ms
15ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css

Requested by

Host: marikpost.net.ua
URL: https://marikpost.net.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:30:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1624953
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 948
cf-request-id: 09255adece0000326034036000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-f62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2AVcz4AIhOXTe64Nd8Io49XgkYvQ5CzomR7yPtkE0yz0dyGVm%2Bh1PDBwXvS%2Bhv9C2aG4ZFZDrxE7amqSonmW6yhUEub7gk7ARS2jpc9jTSghgYdyUj19VkR1%2BZeaNGld9A%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 638260de1eff3260-FRA
expires: Sun, 20 Mar 2022 15:30:17 GMT

GET
H2 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 19 KB
6 KB 40ms
21ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js

Requested by

Host: marikpost.net.ua
URL: https://marikpost.net.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:30:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1421607
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5676
cf-request-id: 09255adecf00003260298b8000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-4d5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ea1FnCDwqUr0jBR8D32Tl52Lq%2BlZr%2BVrKjB0DF1VUe8na9Nrpmlg3GbeJlPYiEspQ9Tyn66TBAQRmvVX1iw%2FRhh4pCr%2BDF3TSe%2BZ0aK63zp5Wzp3QXjz0i1k9QYoI5Ty7w%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 638260de1f003260-FRA
expires: Sun, 20 Mar 2022 15:30:17 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ 4 KB
1 KB 44ms
30ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500

Requested by

Host: marikpost.net.ua
URL: https://marikpost.net.ua/themes/default/css/style.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d344632c01d1ca55dc380216de660c9b8a5a3174e7d7afa6784aff50c945e1cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 30 Mar 2021 14:23:40 GMT
server: ESF
date: Tue, 30 Mar 2021 15:30:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Mar 2021 15:30:17 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ 973 B
434 B 44ms
31ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Hind

Requested by

Host: marikpost.net.ua
URL: https://marikpost.net.ua/themes/default/css/style.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bd564036612969ce6c3d8464cb59cefd79be4dab161c358f251c0f637f34da17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 30 Mar 2021 14:23:34 GMT
server: ESF
date: Tue, 30 Mar 2021 15:30:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Mar 2021 15:30:17 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v20/ 10 KB
10 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

491158614c16e4a767df0f1ddbb82a8462b6ba308b8774c698b82e850a425291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://marikpost.net.ua
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 22:49:56 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:51 GMT
server: sffe
age: 578421
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9900
x-xss-protection: 0
expires: Wed, 23 Mar 2022 22:49:56 GMT

GET
H/1.1 200
OK Q3HFATtsgiVvSN5SYXhU_12_3e0d6114312391a4fa013968f9c709da_image_hd.jpg
marikpost.net.ua/upload/photos/2021/03/ 54 KB
54 KB 124ms
75ms Image
image/jpeg 185.230.89.42
THEHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marikpost.net.ua/upload/photos/2021/03/Q3HFATtsgiVvSN5SYXhU_12_3e0d6114312391a4fa013968f9c709da_image_hd.jpg
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.230.89.42 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: goukraine.net.ua
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: c2c8bdb473fb37e4f60e33dd3eb5969758e8d61412cebb662bd76bd596b74ec9

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:30:18 GMT
Last-Modified: Fri, 12 Mar 2021 11:26:51 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "604b4ffb-d687"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 54919

GET
H/1.1 200
OK DiXZG3FL8B1WedHy73a2_15_b2a48647e57a6c60bd6a2d0b3add3daf_image_hd.jpg
marikpost.net.ua/upload/photos/2021/03/ 100 KB
100 KB 134ms
65ms Image
image/jpeg 185.230.89.42
THEHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marikpost.net.ua/upload/photos/2021/03/DiXZG3FL8B1WedHy73a2_15_b2a48647e57a6c60bd6a2d0b3add3daf_image_hd.jpg
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.230.89.42 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: goukraine.net.ua
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1eb84c5c797e84a595498a5b348eb9390e04edb202b3134b74117d2eee43a997

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:30:18 GMT
Last-Modified: Mon, 15 Mar 2021 08:59:53 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "604f2209-19040"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 102464

GET
H/1.1 404
Not Found 5LNChee8hhKlMYi85gZ8_12_ed5e3e6aedb71083dbec48c4e31798fe_image_hd.jpg
marikpost.net.ua/upload/photos/2021/03/ 196 B
196 B 195ms
66ms Image
text/html 185.230.89.42
THEHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marikpost.net.ua/upload/photos/2021/03/5LNChee8hhKlMYi85gZ8_12_ed5e3e6aedb71083dbec48c4e31798fe_image_hd.jpg
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.230.89.42 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: goukraine.net.ua
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:30:18 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK 1Iu2USdxANThnVQta77L_29_612703a6a0414a192145accc794e274a_image.jpg
marikpost.net.ua/upload/photos/2021/03/ 75 KB
76 KB 66ms
65ms Image
image/jpeg 185.230.89.42
THEHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marikpost.net.ua/upload/photos/2021/03/1Iu2USdxANThnVQta77L_29_612703a6a0414a192145accc794e274a_image.jpg
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.230.89.42 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: goukraine.net.ua
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 6a95713b3ded7bafb1d82e78474bc3cfbf5e98e08e7cc5ca0286410d5ae6b0de

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:30:18 GMT
Last-Modified: Mon, 29 Mar 2021 16:32:45 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "6062012d-12db6"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 77238

GET
H/1.1 200
OK IkPoj3OeqqjoNd9zXQnp_14_782b5bf39ee7b5cfb2c0e824eb2e24d2_image.jpg
marikpost.net.ua/upload/photos/2021/03/ 56 KB
56 KB 84ms
83ms Image
image/jpeg 185.230.89.42
THEHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marikpost.net.ua/upload/photos/2021/03/IkPoj3OeqqjoNd9zXQnp_14_782b5bf39ee7b5cfb2c0e824eb2e24d2_image.jpg
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.230.89.42 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: goukraine.net.ua
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 6fe4d2c27229a0bc2e053342d8601c0c8d8ea6a9ca4c3937aa63aed501e9c257

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:30:18 GMT
Last-Modified: Sun, 14 Mar 2021 07:33:36 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "604dbc50-df2e"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 57134

GET
H/1.1 200
OK WOCFavcASA5X75tUQgdl_17_0117c915e021a26edf5b98f29ffc45ac_image.jpg
marikpost.net.ua/upload/photos/2021/03/ 23 KB
23 KB 82ms
82ms Image
image/jpeg 185.230.89.42
THEHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marikpost.net.ua/upload/photos/2021/03/WOCFavcASA5X75tUQgdl_17_0117c915e021a26edf5b98f29ffc45ac_image.jpg
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.230.89.42 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: goukraine.net.ua
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: fa18fcf82fc981fc03e4189755d61169f04e08a6b0a2418fef70c2ecf01556e9

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:30:18 GMT
Last-Modified: Wed, 17 Mar 2021 16:46:20 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "6052325c-5b95"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23445

GET
H/1.1 200
OK GKXQYQm1CKZZ3hM7s6u2_15_819eefd75cb0b1d2a724b99aaef44fd6_image.jpeg
marikpost.net.ua/upload/photos/2021/03/ 16 KB
16 KB 80ms
80ms Image
image/jpeg 185.230.89.42
THEHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marikpost.net.ua/upload/photos/2021/03/GKXQYQm1CKZZ3hM7s6u2_15_819eefd75cb0b1d2a724b99aaef44fd6_image.jpeg
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.230.89.42 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: goukraine.net.ua
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: f34c5577b0ee593ee87043955c8f34568edcfc1a81e0c0aa712638328515735c

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:30:18 GMT
Last-Modified: Mon, 15 Mar 2021 08:50:25 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "604f1fd1-3fae"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16302

GET
H/1.1 200
OK iqcLBZGFAjGyyQm1Y4Zm_15_7e6dd0ad3b05cb5e954b5da3789e9a18_image.jpeg
marikpost.net.ua/upload/photos/2021/03/ 11 KB
12 KB 65ms
65ms Image
image/jpeg 185.230.89.42
THEHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marikpost.net.ua/upload/photos/2021/03/iqcLBZGFAjGyyQm1Y4Zm_15_7e6dd0ad3b05cb5e954b5da3789e9a18_image.jpeg
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.230.89.42 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: goukraine.net.ua
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 02103fe5f8781ce458e6e79eda33f044d7af146f906695f37929b96cec706783

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:30:18 GMT
Last-Modified: Mon, 15 Mar 2021 08:52:02 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "604f2032-2d4d"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11597

GET
H/1.1 200
OK yqgWNSOxS1fsUwpgcz3u_15_7344220c8e3703820574dd58b652352d_image.jpeg
marikpost.net.ua/upload/photos/2021/03/ 7 KB
7 KB 68ms
67ms Image
image/jpeg 185.230.89.42
THEHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marikpost.net.ua/upload/photos/2021/03/yqgWNSOxS1fsUwpgcz3u_15_7344220c8e3703820574dd58b652352d_image.jpeg
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.230.89.42 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: goukraine.net.ua
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 3f7a0b739872f4ac674758dc15f2751b15bb6c11108336b67fb9b28b7a1b0e86

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:30:18 GMT
Last-Modified: Mon, 15 Mar 2021 08:52:48 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "604f2060-1b2a"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6954

GET
H/1.1 200
OK VGyzdovd4VyoZnY71Qtd_15_a462aa20f6462ed62eaf1acd97367870_image.jpeg
marikpost.net.ua/upload/photos/2021/03/ 16 KB
16 KB 66ms
66ms Image
image/jpeg 185.230.89.42
THEHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marikpost.net.ua/upload/photos/2021/03/VGyzdovd4VyoZnY71Qtd_15_a462aa20f6462ed62eaf1acd97367870_image.jpeg
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.230.89.42 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: goukraine.net.ua
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 97693337cd1dc42d5cf5cb2d6fb75958f9074ba746904f8d25b542cc4cd5e2c6

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:30:18 GMT
Last-Modified: Mon, 15 Mar 2021 08:54:27 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "604f20c3-403f"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16447

GET
H/1.1 200
OK xphDBGlpY3DhbFynHiVN_15_b478bbc4dfd4b748dec9dceaf42744cc_image.jpg
marikpost.net.ua/upload/photos/2021/03/ 13 KB
14 KB 69ms
63ms Image
image/jpeg 185.230.89.42
THEHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marikpost.net.ua/upload/photos/2021/03/xphDBGlpY3DhbFynHiVN_15_b478bbc4dfd4b748dec9dceaf42744cc_image.jpg
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.230.89.42 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: goukraine.net.ua
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e43baab93b8d659337bcc2401b1990d7b1a8a0a2d9bf23ec8969a88969150883

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:30:18 GMT
Last-Modified: Mon, 15 Mar 2021 08:58:28 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "604f21b4-3516"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13590

GET
H/1.1 200
OK DiXZG3FL8B1WedHy73a2_15_b2a48647e57a6c60bd6a2d0b3add3daf_image.jpg
marikpost.net.ua/upload/photos/2021/03/ 14 KB
14 KB 73ms
66ms Image
image/jpeg 185.230.89.42
THEHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marikpost.net.ua/upload/photos/2021/03/DiXZG3FL8B1WedHy73a2_15_b2a48647e57a6c60bd6a2d0b3add3daf_image.jpg
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.230.89.42 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: goukraine.net.ua
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 974d7aa7ffb871b7207ddeb6ca6918be83ed8fa15f16666895801a5f04124992

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:30:18 GMT
Last-Modified: Mon, 15 Mar 2021 08:59:53 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "604f2209-3640"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13888

GET
H/1.1 200
OK fontawesome-webfont.woff2
marikpost.net.ua/themes/default/css/font-awesome-4.7.0/fonts/ 75 KB
76 KB 99ms
74ms Font
application/octet-stream 185.230.89.42
THEHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://marikpost.net.ua/themes/default/css/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/themes/default/css/font-awesome-4.7.0/css/font-awesome.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.230.89.42 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: goukraine.net.ua
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin: https://marikpost.net.ua
Referer: https://marikpost.net.ua/themes/default/css/font-awesome-4.7.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 15:30:18 GMT
Last-Modified: Sun, 10 Jan 2021 10:03:23 GMT
Server: nginx/1.10.3 (Ubuntu)
Connection: keep-alive
Accept-Ranges: bytes
ETag: "12d68-5b888e6647a41"
Content-Length: 77160

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v20/ 10 KB
10 KB 37ms
22ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6bbcc62f3b6a3ada1215006f0f6c04dbcc035efe815caf60e6a26eafc335b7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://marikpost.net.ua
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 12:27:43 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:36 GMT
server: sffe
age: 10954
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10048
x-xss-protection: 0
expires: Wed, 30 Mar 2022 12:27:43 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ 16 KB
16 KB 38ms
23ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://marikpost.net.ua
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 27 Mar 2021 06:36:16 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:37 GMT
server: sffe
age: 291241
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15872
x-xss-protection: 0
expires: Sun, 27 Mar 2022 06:36:16 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ 15 KB
16 KB 35ms
21ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://marikpost.net.ua
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 22:46:33 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:36 GMT
server: sffe
age: 578624
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15736
x-xss-protection: 0
expires: Wed, 23 Mar 2022 22:46:33 GMT

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210322/r20190131/ 226 KB
85 KB 57ms
44ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210322/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3595661822007825&plah=marikpost.net.ua&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e845b3c43da250d2131dcca1a9af77bdaca1b61f1215be6317f2d5f17f999e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:30:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86619
x-xss-protection: 0
server: cafe
etag: 10759459106970592627
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 30 Mar 2021 15:30:18 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210322/r20190131/ Frame B097 10 KB
5 KB 26ms
6ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210322/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210322/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://marikpost.net.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://marikpost.net.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 30 Mar 2021 02:30:17 GMT
expires: Tue, 13 Apr 2021 02:30:17 GMT
content-type: text/html; charset=UTF-8
etag: 14488317231655078900
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4661
x-xss-protection: 0
age: 46801
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html Show response
platform.twitter.com/widgets/ Frame CECA 320 KB
104 KB 15ms
15ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html?origin=https%3A%2F%2Fmarikpost.net.ua
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BAB) /
Resource Hash: a8d227efe0ef553cba37d86bef6e44598dbf9bd9fad3db2582b0ffdebdbd6138

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://marikpost.net.ua/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://marikpost.net.ua/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1708794
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 30 Mar 2021 15:30:18 GMT
Etag: "e9ffeb87a3b6f068499be71966b442d9+gzip"
Last-Modified: Wed, 03 Mar 2021 19:20:25 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6BAB)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105690

POST
H2 204 collect
www.google-analytics.com/g/ 0
171 B 13ms
12ms Other
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-94PED1KHHS&gtm=2oe3h0&_p=384126198&sr=1600x1200&ul=en-us&cid=1049094790.1617118218&_s=1&dl=https%3A%2F%2Fmarikpost.net.ua%2F&dt=%D0%93%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D0%B0%20%7C%20%D0%9C%D0%B0%D1%80%D1%96%D0%BA%20-%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B0&sid=1617118218&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-94PED1KHHS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 15:30:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://marikpost.net.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 206 B
644 B 139ms
65ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=marikpost.net.ua&callback=_gfp_s_&client=ca-pub-3595661822007825

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210322/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3595661822007825&plah=marikpost.net.ua&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ed1fd799bb2a05880924e2ef9f7e2be8de07f9cde01c4b8d6111c00c0d626107

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:30:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 195
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 37ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=marikpost.net.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Mar 2021 15:30:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 36ms
14ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=marikpost.net.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Mar 2021 15:30:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
88 B 39ms
38ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fmarikpost.net.ua%2F&tn=NAV&cls=navbar%20navbar-findcond%20navbar-fixed-top%20fl_trans_head&ign=false

Requested by

Host: marikpost.net.ua
URL: https://marikpost.net.ua/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 15:30:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AB77 22 KB
2 KB 87ms
73ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&adk=1812271804&adf=3025194257&lmt=1617118218&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmarikpost.net.ua%2F&ea=0&flash=0&pra=5&wgl=1&dt=1617118218177&bpp=16&bdt=662&idt=193&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8560235720329&frm=20&pv=2&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=245

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

907eaddfe1772a81bfe66583c75a2f70f55175dc984cd314dcb209bc84d28e81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3595661822007825&output=html&adk=1812271804&adf=3025194257&lmt=1617118218&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmarikpost.net.ua%2F&ea=0&flash=0&pra=5&wgl=1&dt=1617118218177&bpp=16&bdt=662&idt=193&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8560235720329&frm=20&pv=2&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=245
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://marikpost.net.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://marikpost.net.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 30 Mar 2021 15:30:18 GMT
server: cafe
content-length: 1518
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 30-Mar-2021 15:45:18 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 30 Mar 2021 15:30:18 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 64ms
42ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96bbf4f9521f17f3be8143f5c7b7918869757bdae7eee27f6d5bd83809cd4f32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:30:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617017733465819"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28245
x-xss-protection: 0
expires: Tue, 30 Mar 2021 15:30:18 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame CECA 183 B
411 B 260ms
165ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=9b59f8751c39caaaf07624a3a5b669f87991288c

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html?origin=https%3A%2F%2Fmarikpost.net.ua

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-response-time: 118
date: Tue, 30 Mar 2021 15:30:18 GMT
content-encoding: gzip
last-modified: Tue, 30 Mar 2021 15:30:18 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 15bf0791889cc2dfe6c55a02d561d029
strict-transport-security: max-age=631138519
content-length: 152

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
777 B 43ms
27ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=marikpost.net.ua

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Mar 2021 15:30:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
531 B 43ms
28ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=marikpost.net.ua

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Mar 2021 15:30:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1258 81 KB
27 KB 347ms
346ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=2692089315&adf=3063398229&pi=t.aa~a.4230804008~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=360x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=4&bdt=1105&idt=-M&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=1499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=457Yk5UJ17&p=https%3A//marikpost.net.ua&dtd=45

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2cf0ae87b5d44aaa8747534e74088aa41867ece468fbff3173bd541b7c0e9dae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=2692089315&adf=3063398229&pi=t.aa~a.4230804008~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=360x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=4&bdt=1105&idt=-M&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=1499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=457Yk5UJ17&p=https%3A//marikpost.net.ua&dtd=45
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://marikpost.net.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://marikpost.net.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 30 Mar 2021 15:30:19 GMT
server: cafe
content-length: 27515
x-xss-protection: 0
set-cookie: IDE=AHWqTUlhee0xfiLHhXgQ1YE877MJ8WrJxDGvtbZNC8ces3116bYvC2-FtMbTvoTj7DU; expires=Sun, 24-Apr-2022 15:30:18 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 30 Mar 2021 15:30:19 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A947 74 KB
25 KB 256ms
255ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=2692089315&adf=2132116195&pi=t.aa~a.4230793914~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=360x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=2&bdt=1105&idt=-M&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C360x280&nras=3&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=2396&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=yZdCl8IQg7&p=https%3A//marikpost.net.ua&dtd=57

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3750585d3747a0e4fb65ca7dfc7f425849c388477e68631208f77562ec18ec92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=2692089315&adf=2132116195&pi=t.aa~a.4230793914~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=360x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=2&bdt=1105&idt=-M&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C360x280&nras=3&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=2396&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=yZdCl8IQg7&p=https%3A//marikpost.net.ua&dtd=57
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://marikpost.net.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://marikpost.net.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 30 Mar 2021 15:30:18 GMT
server: cafe
content-length: 25438
x-xss-protection: 0
set-cookie: IDE=AHWqTUkHZEdpiMbdXNekCgpwROP_LLdQ1kJFXwCV-7uxvpgyDAwJGUD4EqZE9RJ3mP8; expires=Sun, 24-Apr-2022 15:30:18 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 30 Mar 2021 15:30:18 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3D84 106 KB
35 KB 454ms
453ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=1391495236&adf=2082721316&pi=t.aa~a.1343261652~rp.4&w=393&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=393x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=1&bdt=1104&idt=-M&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C360x280%2C360x280&nras=4&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2825&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=1jhAcwVyS3&p=https%3A//marikpost.net.ua&dtd=64

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

220542531fa701592adfee12f0f6b3fcdeaf7bb80292a646f0ed9704d90bbc37

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8465079287002710380/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8465079287002710380/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJ7a8eeq2O8CFfCTewodaTgACQ&gqi=CkRjYPfQKtbpgQectrXIAw&layout=/sadbundle/%24csp%253Der3%24/8465079287002710380/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=1391495236&adf=2082721316&pi=t.aa~a.1343261652~rp.4&w=393&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=393x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=1&bdt=1104&idt=-M&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C360x280%2C360x280&nras=4&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2825&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=1jhAcwVyS3&p=https%3A//marikpost.net.ua&dtd=64
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://marikpost.net.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://marikpost.net.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8465079287002710380/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8465079287002710380/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJ7a8eeq2O8CFfCTewodaTgACQ&gqi=CkRjYPfQKtbpgQectrXIAw&layout=/sadbundle/%24csp%253Der3%24/8465079287002710380/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 30 Mar 2021 15:30:19 GMT
server: cafe
content-length: 34846
x-xss-protection: 0
set-cookie: IDE=AHWqTUk6LOmRzHOe3UZ9cvMMc9FfwMTClO02lLGPx-Vj7SynDL1Rp2mrMqrJ3hzxnq0; expires=Sun, 24-Apr-2022 15:30:18 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 30 Mar 2021 15:30:19 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 63B4 12 KB
6 KB 297ms
297ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=2692089315&adf=658502821&pi=t.aa~a.4230798441~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=360x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=1&bdt=1105&idt=2&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C360x280%2C360x280%2C393x280&nras=5&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=3272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=VvFWVR63oz&p=https%3A//marikpost.net.ua&dtd=72

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d86657b0a31fde86d20a1d347746f11242e1a8335d59759baa94a226a1dba655

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=2692089315&adf=658502821&pi=t.aa~a.4230798441~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=360x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=1&bdt=1105&idt=2&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C360x280%2C360x280%2C393x280&nras=5&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=3272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=VvFWVR63oz&p=https%3A//marikpost.net.ua&dtd=72
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://marikpost.net.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://marikpost.net.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 30 Mar 2021 15:30:18 GMT
server: cafe
content-length: 5605
x-xss-protection: 0
set-cookie: IDE=AHWqTUlXdyZYYIkHn9zPn05VPYHKYtmN7LiGj7OhO2L3UHAj9Vn8x-PURuw_U8uRs_k; expires=Sun, 24-Apr-2022 15:30:18 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 30 Mar 2021 15:30:18 GMT
cache-control: private

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame A947 6 KB
737 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=2692089315&adf=2132116195&pi=t.aa~a.4230793914~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=360x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=2&bdt=1105&idt=-M&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C360x280&nras=3&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=2396&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=yZdCl8IQg7&p=https%3A//marikpost.net.ua&dtd=57

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e47a27d91c2487289d6607ee10d7cb7b31944a5ed3ff5ffc86ec8526e9374af0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 30 Mar 2021 14:27:06 GMT
server: ESF
date: Tue, 30 Mar 2021 15:30:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Mar 2021 15:30:18 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/ Frame A947 1 KB
990 B 36ms
14ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:25:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 288
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Apr 2021 15:25:30 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/ Frame A947 17 KB
7 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab2acc5edb2198c0c0c25a5a4a470df2a048c69e982d11b4b96f22b21332fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:19:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 623
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 14491782869175424788
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Apr 2021 15:19:55 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/ Frame A947 2 KB
1 KB 31ms
13ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Apr 2021 15:29:06 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A947 118 KB
36 KB 66ms
53ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80e717f7f97b69547f30e8fb2adb1abdb3fdcd94b907472cc26e4d491f005825

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:30:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617017751739567"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36599
x-xss-protection: 0
expires: Tue, 30 Mar 2021 15:30:18 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/ Frame A947 12 KB
5 KB 27ms
9ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d890a48ea501050f8167a15968c0d8d1d654a54ce3058242ab99acdfb81e288

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:30:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5520
x-xss-protection: 0
server: cafe
etag: 4598867394938533942
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Apr 2021 15:30:03 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame A947 0
0 15ms
14ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRBrmgjpf-WxRnAZPsroh07TDn02AS5B3RDl2nIR2eEweSd4Nyu4g5mHTBnGfCDjD-yDeIuQmueOI8-rYP5IJrODPywQg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=2692089315&adf=2132116195&pi=t.aa~a.4230793914~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=360x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=2&bdt=1105&idt=-M&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C360x280&nras=3&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=2396&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=yZdCl8IQg7&p=https%3A//marikpost.net.ua&dtd=57
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 0d892f21276454e9a338c8a4ad11a214.js Show response
www.gstatic.com/mysidia/ Frame A947 24 KB
10 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0d892f21276454e9a338c8a4ad11a214.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8687e90791df4582658ad44eb7a20b332e8593811f9ae96d5b1a37b6086953ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 12:13:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 23:49:33 GMT
server: sffe
age: 11802
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10348
x-xss-protection: 0
expires: Mon, 28 Jun 2021 12:13:36 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame A947 0
0 47ms
43ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CkAnyCkRjYLTeKo-UgQf2y4vYBejP_-5hoq_Dw_kLv-EeEAEggt6vT2CViriCyAegAZXP6PEDyAEJqQLOnw1cYa6zPqgDAcgDywSqBNQBT9C6MhHCrJsR9Lw9Bm4gssDgadLKjGBmoZEqU3DJD1RfOW0GOCJW5VNfRK0R52oQ65_EqYbZeHmzzlX1vKFWHnZJqozwTVPY-HCqmQHHjEvIAv-FF90TQLQuw1Y_Y503Nddw3UxeZCseBLrK7V2ASHI5YwNIC4iBqVo3ajaQAwdfo0lJMMQJZkwt8sh9Z2HsZNZGoujVJxECCBwWel8bFxDetFkxSvV4dy404CxiLXlIDYO_URb49_fYGN3hXZ2vBrX5IQnaDufBL6O2lFufb999oBvABL6Q3pqNA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfTsJcOqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEM64BNIICQiA4YAQEAEYH4AKAcgLAdgTDYgUBbIXGgoYCAASFHB1Yi0zNTk1NjYxODIyMDA3ODI1&sigh=j0NsqKWqN9s&template_id=484&tpd=AGWhJmtxBaoy9Ufr1NcOE6VrQ1NtknDj2roXmONUu1UXH7P8aA

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=2692089315&adf=2132116195&pi=t.aa~a.4230793914~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=360x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=2&bdt=1105&idt=-M&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C360x280&nras=3&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=2396&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=yZdCl8IQg7&p=https%3A//marikpost.net.ua&dtd=57
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 30 Mar 2021 15:30:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/8069427594818656131/ Frame A947 26 KB
26 KB 23ms
14ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8069427594818656131/downsize_200k_v1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d842df61112542a09a4b9ab985a9805c5479c67ab6c17922e282fbf3fa9904a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 27 Mar 2021 06:42:31 GMT
x-content-type-options: nosniff
age: 290867
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26423
x-xss-protection: 0
last-modified: Fri, 10 Jul 2020 11:40:22 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Mar 2022 06:42:31 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/14655860395488168549/ Frame A947 4 KB
4 KB 22ms
13ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14655860395488168549/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44d22fcbeac879b62d00d1dc838fcccfe3c2ecc797cad9831cba2ca4d926c7a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 14:31:13 GMT
x-content-type-options: nosniff
age: 3545
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3607
x-xss-protection: 0
last-modified: Wed, 27 Mar 2019 05:41:53 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Mar 2022 14:31:13 GMT

GET
DATA 200
OK truncated
/ Frame A947 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6933 143 B
226 B 6ms
5ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=2692089315&adf=2132116195&pi=t.aa~a.4230793914~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=360x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=2&bdt=1105&idt=-M&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C360x280&nras=3&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=2396&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=yZdCl8IQg7&p=https%3A//marikpost.net.ua&dtd=57
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=2692089315&adf=2132116195&pi=t.aa~a.4230793914~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=360x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=2&bdt=1105&idt=-M&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C360x280&nras=3&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=2396&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=yZdCl8IQg7&p=https%3A//marikpost.net.ua&dtd=57

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 30 Mar 2021 14:41:26 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2933
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9E50 1 KB
864 B 6ms
6ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 29 Mar 2021 16:59:40 GMT
expires: Tue, 30 Mar 2021 16:59:40 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 81039
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1023 0
0 46ms
46ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CSBkfCkRjYOG9K8_IgAfFwpyIAZDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTM1OTU2NjE4MjIwMDc4MjWgAcKu6N0DyAEJqQLOnw1cYa6zPqgDAaoEwAFP0AUEkTsXlwHI_SPUOuB_H0t_-HhCdjSztCKtdPS7JcGhIamaNsq0MrdpHsUxiLltq-JyTDvU_Gaj_uZ_1abSzqiUAk4GUM6eTGLZw4l8nPwghwy7xqkcwTw4rz4uhEXVXsbyLn4U4uCkodihkFzGS5XX_TEYBueiWYCiNqoRYFzobfKXNgZoAIg8Ug78H_04j_EHBiEnaej57sxedRpVp5vVvrDs8KRHZAuH6ZOm3syr-fsEfrZGqgLiwb-uWuCABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwBshcYChYSFHB1Yi0zNTk1NjYxODIyMDA3ODI1&sigh=soMdXCmllHc&tpd=AGWhJmuzTftUSeJ1BUamNPl_NZOPBuTFYtTU5dazBiqouCaPfg

Requested by

Host: marikpost.net.ua
URL: https://marikpost.net.ua/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=2692089315&adf=658502821&pi=t.aa~a.4230798441~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=360x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=1&bdt=1105&idt=2&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C360x280%2C360x280%2C393x280&nras=5&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=3272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=VvFWVR63oz&p=https%3A//marikpost.net.ua&dtd=72
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 30 Mar 2021 15:30:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 1023 0
0 34ms
15ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jsyg7tdgx3fwqpjegt22deakamnswpg1jj7gg8peshgwcc9z7kv1wdzdejjg9ffyfp3mw86ts4fvdc2pjcj7b51r4pq62n60r41a46a3fm6kfkrb505ssmxebqpjz7v3qjx18gndjs5dtp5hw928epeaekf7a2wztx1n92s4z6td1pwkvmfg0k9eg2nn02qz9vzrf6c73dsev74a2v2crjsqq7bwnvb1tddeewzbbzactb8h8nr9y183m3c3zcqne4waht2995mzjdazxypwsvjp3n1v206ab499ps9k37kybmpphm4rc913gxfw6zbe071wjp1vk0s4ghgzy8gjb12g4eexhyp7g0wrb2gndzk8sf27e13fx5ye3y3cvf6xep2c91t&b=YGNECgAK3uEK4CRPAAchRQ3mqa0aCZwhlV3vTw
Requested by: Host: marikpost.net.ua
URL: https://marikpost.net.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 30 Mar 2021 15:30:19 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H2 200 dr Show response
ad4m.at/ad/ Frame 5869 2 KB
2 KB 43ms
25ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dr?ed=1h6cm66srf571gfj7jfs1x3y1a9vgzs6xrpbwr68jyrmtbq3ndy9wa39mt50mwpcwspe81skn099c338aq3dd4hsfwg4wkn7z3603knddy87yd4yf5fzwrb2ywgsmtxptebnz7q17tjmrdggy0zty7wa2xc2sm51f4b6e3n86r8ht3fye99yyqzxv5zycg5vm2yd8pb9j2cyrrjr8vx5dc4xjc5rzsnpadqq8r9j24tanty502dm7r5m4c5gda5d6e7j0excff6cymvf0z5jmb9484e3g9yfm311gsfrp4177pdnqadwf36qq882e12r5nnde87k79ezde4xk37bvpcjm396j1jtsf0rzd3nke8rh0cekb1rzr3fqexdw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCYCOjCkRjYOG9K8_IgAfFwpyIAZDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTM1OTU2NjE4MjIwMDc4MjWgAcKu6N0DyAEJqQLOnw1cYa6zPqgDAaoEwwFP0AUEkTsXlwHI_SPUOuB_H0t_-HhCdjSztCKtdPS7JcGhIamaNsq0MrdpHsUxiLltq-JyTDvU_Gaj_uZ_1abSzqiUAk4GUM6eTGLZw4l8nPwghwy7xqkcwTw4rz4uhEXVXsbyLn4U4uCkodihkFzGS5XX_TEYBueiWYCiNqoRYFzobfKXNgZoAIg8Ug78H_04j_EHBiEnaej57sxedRpVp5vVvrDs8KRHZAuH6ZPk3ME5Li6DPn7B4pQ4iC1cY_Rl-sWABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%26num%3D1%26sig%3DAOD64_3uzJlA4hNwqEoX7riTo_lFo2095A%26client%3Dca-pub-3595661822007825%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=2692089315&adf=658502821&pi=t.aa~a.4230798441~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=360x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=1&bdt=1105&idt=2&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C360x280%2C360x280%2C393x280&nras=5&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=3272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=VvFWVR63oz&p=https%3A//marikpost.net.ua&dtd=72

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7dabf6ed2991db97570d496fc9fccaea699d6f4fed6b77b1c18a4a93b93f01e

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dr?ed=1h6cm66srf571gfj7jfs1x3y1a9vgzs6xrpbwr68jyrmtbq3ndy9wa39mt50mwpcwspe81skn099c338aq3dd4hsfwg4wkn7z3603knddy87yd4yf5fzwrb2ywgsmtxptebnz7q17tjmrdggy0zty7wa2xc2sm51f4b6e3n86r8ht3fye99yyqzxv5zycg5vm2yd8pb9j2cyrrjr8vx5dc4xjc5rzsnpadqq8r9j24tanty502dm7r5m4c5gda5d6e7j0excff6cymvf0z5jmb9484e3g9yfm311gsfrp4177pdnqadwf36qq882e12r5nnde87k79ezde4xk37bvpcjm396j1jtsf0rzd3nke8rh0cekb1rzr3fqexdw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCYCOjCkRjYOG9K8_IgAfFwpyIAZDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTM1OTU2NjE4MjIwMDc4MjWgAcKu6N0DyAEJqQLOnw1cYa6zPqgDAaoEwwFP0AUEkTsXlwHI_SPUOuB_H0t_-HhCdjSztCKtdPS7JcGhIamaNsq0MrdpHsUxiLltq-JyTDvU_Gaj_uZ_1abSzqiUAk4GUM6eTGLZw4l8nPwghwy7xqkcwTw4rz4uhEXVXsbyLn4U4uCkodihkFzGS5XX_TEYBueiWYCiNqoRYFzobfKXNgZoAIg8Ug78H_04j_EHBiEnaej57sxedRpVp5vVvrDs8KRHZAuH6ZPk3ME5Li6DPn7B4pQ4iC1cY_Rl-sWABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%26num%3D1%26sig%3DAOD64_3uzJlA4hNwqEoX7riTo_lFo2095A%26client%3Dca-pub-3595661822007825%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Tue, 30 Mar 2021 15:30:19 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=da7838fb7f2652211748b154a944548f31617118219; expires=Thu, 29-Apr-21 15:30:19 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-7rdk
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 09255ae322000005e91c116000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 638260e50abd05e9-FRA
content-encoding: br

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/ Frame 1023 2 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=2692089315&adf=658502821&pi=t.aa~a.4230798441~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=360x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=1&bdt=1105&idt=2&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C360x280%2C360x280%2C393x280&nras=5&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=3272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=VvFWVR63oz&p=https%3A//marikpost.net.ua&dtd=72

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Apr 2021 15:29:06 GMT

GET
H3-Q050 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9C47 1 KB
854 B 8ms
7ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=2692089315&adf=658502821&pi=t.aa~a.4230798441~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=360x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=1&bdt=1105&idt=2&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C360x280%2C360x280%2C393x280&nras=5&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=3272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=VvFWVR63oz&p=https%3A//marikpost.net.ua&dtd=72

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 29 Mar 2021 16:59:40 GMT
expires: Tue, 30 Mar 2021 16:59:40 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 81039
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1023 118 KB
36 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=2692089315&adf=658502821&pi=t.aa~a.4230798441~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=360x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=1&bdt=1105&idt=2&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C360x280%2C360x280%2C393x280&nras=5&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=3272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=VvFWVR63oz&p=https%3A//marikpost.net.ua&dtd=72

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80e717f7f97b69547f30e8fb2adb1abdb3fdcd94b907472cc26e4d491f005825

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:30:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617017751739567"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36599
x-xss-protection: 0
expires: Tue, 30 Mar 2021 15:30:19 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/ Frame 1023 12 KB
5 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=2692089315&adf=658502821&pi=t.aa~a.4230798441~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=360x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=1&bdt=1105&idt=2&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C360x280%2C360x280%2C393x280&nras=5&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=3272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=VvFWVR63oz&p=https%3A//marikpost.net.ua&dtd=72

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d890a48ea501050f8167a15968c0d8d1d654a54ce3058242ab99acdfb81e288

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:30:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5520
x-xss-protection: 0
server: cafe
etag: 4598867394938533942
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Apr 2021 15:30:03 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 1023 0
0 15ms
14ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSSUJVwdKIG7tKusE-eX7lOxfyfT_vIFDeJL7xEPVjrqDuXxVqU3q_ZUV930q7j-COmACp7sAa6zV9H3OekdQ6nQTD6sQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=2692089315&adf=658502821&pi=t.aa~a.4230798441~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=360x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=1&bdt=1105&idt=2&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C360x280%2C360x280%2C393x280&nras=5&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=3272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=VvFWVR63oz&p=https%3A//marikpost.net.ua&dtd=72
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 8c77a2c821ca4e98b0049784c1486a62.js Show response
www.gstatic.com/mysidia/ Frame 1258 6 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8c77a2c821ca4e98b0049784c1486a62.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=2692089315&adf=3063398229&pi=t.aa~a.4230804008~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=360x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=4&bdt=1105&idt=-M&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=1499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=457Yk5UJ17&p=https%3A//marikpost.net.ua&dtd=45

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec0c5f7a8de37a02414756f98e8e57a5b396961226b912f832c1c2b1590fb73b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 07:29:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Mar 2021 05:14:52 GMT
server: sffe
age: 115242
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2797
x-xss-protection: 0
expires: Sun, 27 Jun 2021 07:29:37 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1258 4 KB
713 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=2692089315&adf=3063398229&pi=t.aa~a.4230804008~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=360x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=4&bdt=1105&idt=-M&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=1499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=457Yk5UJ17&p=https%3A//marikpost.net.ua&dtd=45

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d344632c01d1ca55dc380216de660c9b8a5a3174e7d7afa6784aff50c945e1cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 30 Mar 2021 14:24:00 GMT
server: ESF
date: Tue, 30 Mar 2021 15:30:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Mar 2021 15:30:19 GMT

GET
DATA 200
OK truncated
/ Frame A947 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b5bfa02fd3c35c755623ac6b9bc3cd412beac4f4c2ffa05bf181ff2a2f1ef2e6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame A947 15 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 15:37:32 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:00 GMT
server: sffe
age: 604367
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
expires: Wed, 23 Mar 2022 15:37:32 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame A947 15 KB
16 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 27 Mar 2021 06:20:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:55 GMT
server: sffe
age: 292172
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15784
x-xss-protection: 0
expires: Sun, 27 Mar 2022 06:20:47 GMT

GET
H3-Q050 200 3aa3fb99195f3894d7dec54cc5b479a1.js Show response
www.gstatic.com/mysidia/ Frame 1258 8 KB
4 KB 36ms
22ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3aa3fb99195f3894d7dec54cc5b479a1.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=2692089315&adf=3063398229&pi=t.aa~a.4230804008~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=360x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=4&bdt=1105&idt=-M&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=1499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=457Yk5UJ17&p=https%3A//marikpost.net.ua&dtd=45

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

677344a87e7abb166df42f9a2ceb8b02a66936840d76889e2506bc6524a8d2b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 15:53:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 17 Mar 2021 03:37:36 GMT
server: sffe
age: 603385
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3798
x-xss-protection: 0
expires: Mon, 21 Jun 2021 15:53:54 GMT

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/ Frame 1258 1 KB
980 B 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=2692089315&adf=3063398229&pi=t.aa~a.4230804008~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=360x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=4&bdt=1105&idt=-M&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=1499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=457Yk5UJ17&p=https%3A//marikpost.net.ua&dtd=45

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:25:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 289
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Apr 2021 15:25:30 GMT

GET
H3-Q050 200 42fcf8bf7a7866de9163eb604d46e59a.js Show response
www.gstatic.com/mysidia/ Frame 1258 3 KB
2 KB 35ms
21ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/42fcf8bf7a7866de9163eb604d46e59a.js?tag=analytics_pingback_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=2692089315&adf=3063398229&pi=t.aa~a.4230804008~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=360x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=4&bdt=1105&idt=-M&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=1499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=457Yk5UJ17&p=https%3A//marikpost.net.ua&dtd=45

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd2d99e6e5124043d247cc2cdf999365ee5b7c914726a18901604f3f5095abe9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 00:04:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Mar 2021 05:14:52 GMT
server: sffe
age: 401165
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1294
x-xss-protection: 0
expires: Thu, 24 Jun 2021 00:04:14 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/ Frame 1258 17 KB
7 KB 37ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=2692089315&adf=3063398229&pi=t.aa~a.4230804008~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=360x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=4&bdt=1105&idt=-M&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=1499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=457Yk5UJ17&p=https%3A//marikpost.net.ua&dtd=45

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab2acc5edb2198c0c0c25a5a4a470df2a048c69e982d11b4b96f22b21332fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:19:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 624
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 14491782869175424788
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Apr 2021 15:19:55 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/ Frame 1258 2 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=2692089315&adf=3063398229&pi=t.aa~a.4230804008~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=360x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=4&bdt=1105&idt=-M&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=1499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=457Yk5UJ17&p=https%3A//marikpost.net.ua&dtd=45

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Apr 2021 15:29:06 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1258 118 KB
36 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=2692089315&adf=3063398229&pi=t.aa~a.4230804008~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=360x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=4&bdt=1105&idt=-M&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=1499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=457Yk5UJ17&p=https%3A//marikpost.net.ua&dtd=45

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80e717f7f97b69547f30e8fb2adb1abdb3fdcd94b907472cc26e4d491f005825

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:30:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617017751739567"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36599
x-xss-protection: 0
expires: Tue, 30 Mar 2021 15:30:19 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/ Frame 1258 12 KB
6 KB 35ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=2692089315&adf=3063398229&pi=t.aa~a.4230804008~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=360x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=4&bdt=1105&idt=-M&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=1499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=457Yk5UJ17&p=https%3A//marikpost.net.ua&dtd=45

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d890a48ea501050f8167a15968c0d8d1d654a54ce3058242ab99acdfb81e288

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:30:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5520
x-xss-protection: 0
server: cafe
etag: 4598867394938533942
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Apr 2021 15:30:03 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 1258 0
0 49ms
34ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR4dP20ejLZPGU-9Z6ahTIcpv0--5sst6MsayP0iCvaGaVFQVn9FiIYzaG6PwR3__C5dyy6aymH17qWf0vgolx0S3t1IQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=2692089315&adf=3063398229&pi=t.aa~a.4230804008~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=360x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=4&bdt=1105&idt=-M&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=1499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=457Yk5UJ17&p=https%3A//marikpost.net.ua&dtd=45
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 0d892f21276454e9a338c8a4ad11a214.js Show response
www.gstatic.com/mysidia/ Frame 1258 24 KB
10 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0d892f21276454e9a338c8a4ad11a214.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=2692089315&adf=3063398229&pi=t.aa~a.4230804008~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=360x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=4&bdt=1105&idt=-M&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=1499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=457Yk5UJ17&p=https%3A//marikpost.net.ua&dtd=45

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8687e90791df4582658ad44eb7a20b332e8593811f9ae96d5b1a37b6086953ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 12:13:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 23:49:33 GMT
server: sffe
age: 11803
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10348
x-xss-protection: 0
expires: Mon, 28 Jun 2021 12:13:36 GMT

GET
DATA 200
OK truncated
/ Frame 1023 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9de61d49cd1fb868e020d41adcce38e783b2835504ba4e5ed87b15f1f300ce20

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 9E50 35 B
463 B 26ms
9ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEE9SsosXYP3aJyteBrUy3NA&google_cver=1&google_push=AQvitUJ8dIEOOVam-BrME1rdF-0DwCe7hi2T-C1f0roefmjkyZS5ZOr4QDMn0ECrHBfSRWyd92th_lHIRMj45WaAlyk4W38Z9Qi6WQ

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 15:30:19 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 9E50
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitUIS8A38FB9brlDAPJHOI4po5OMCE-ngMcmpozfSyURHNTx2ry9ThzgJk9_UkjDZJ08RspioEANuNtS25UaRL1d1V6JHJ3120g&google_gid=CAESEFsV-ABGOR6QochBz77bIS0&g...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCIuIjYMGEgUI6AcQAEIASnJnb29nbGVfcHVzaD1BUXZpdFVJUzhBMzhGQjlicmxEQVBKSE9JNHBvNU9NQ0UtbmdNY21wb3pmU3lVUkhOVHgycnk5VGh6Z0prOV9Va2pEWkowOFJzcGlvRUFOdU50UzI1VW...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwRXVwWmU3T0FuZmZSR245MlEwZzFXTUVBakNzamxkdE80UHdsLXZzQUJMMA==&google_push

170 B
190 B

45ms
44ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwRXVwWmU3T0FuZmZSR245MlEwZzFXTUVBakNzamxkdE80UHdsLXZzQUJMMA==&google_push

Requested by

Host: marikpost.net.ua
URL: https://marikpost.net.ua/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 15:30:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 30 Mar 2021 15:30:19 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwRXVwWmU3T0FuZmZSR245MlEwZzFXTUVBakNzamxkdE80UHdsLXZzQUJMMA==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 9E50
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUKnfVuS...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUKnfVuS...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMzAxNTMwMjAzNzU3NTM1ODU2Mzg4Nw%3D%3D&google_push=AQvitUKnfVuSv1GzLPJ_0ZV8Uff5H9odMNgOLQMlwVdvxHa28eQcSoL5AH3ph7w6ykSQyX...

170 B
213 B

53ms
51ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMzAxNTMwMjAzNzU3NTM1ODU2Mzg4Nw%3D%3D&google_push=AQvitUKnfVuSv1GzLPJ_0ZV8Uff5H9odMNgOLQMlwVdvxHa28eQcSoL5AH3ph7w6ykSQyXiqXCJzz8i43KejPTU06GFzN0zJliKNXw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 15:30:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMzAxNTMwMjAzNzU3NTM1ODU2Mzg4Nw%3D%3D&google_push=AQvitUKnfVuSv1GzLPJ_0ZV8Uff5H9odMNgOLQMlwVdvxHa28eQcSoL5AH3ph7w6ykSQyXiqXCJzz8i43KejPTU06GFzN0zJliKNXw
Pragma: no-cache
Date: Tue, 30 Mar 2021 15:30:20 GMT
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 9E50
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEELQ8jda7iFchKEvdBOPP3Q&google_cver=1&google_push=AQvitUKFrWjYaSjDVrjcd5Zrpcq5HIvc2Oa0OPDlXiS1TM1ja-9Rh_ozMhm5xyJ9HwhtXG3YUmcjeTI4SZL3uxDoHFRXxfXuhEis
https://rtb.openx.net/sync/dds?google_gid=CAESEELQ8jda7iFchKEvdBOPP3Q&google_cver=1&google_push=AQvitUKFrWjYaSjDVrjcd5Zrpcq5HIvc2Oa0OPDlXiS1TM1ja-9Rh_ozMhm5xyJ9HwhtXG3YUmcjeTI4SZL3uxDoHFRXxfXuhEis&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKFrWjYaSjDVrjcd5Zrpcq5HIvc2Oa0OPDlXiS1TM1ja-9Rh_ozMhm5xyJ9HwhtXG3YUmcjeTI4SZL3uxDoHFRXxfXuhEis&google_hm=26k-72j5yUU0tTZM-i6dhA==

170 B
190 B

45ms
45ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKFrWjYaSjDVrjcd5Zrpcq5HIvc2Oa0OPDlXiS1TM1ja-9Rh_ozMhm5xyJ9HwhtXG3YUmcjeTI4SZL3uxDoHFRXxfXuhEis&google_hm=26k-72j5yUU0tTZM-i6dhA==

Requested by

Host: marikpost.net.ua
URL: https://marikpost.net.ua/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 15:30:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Mar 2021 15:30:18 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKFrWjYaSjDVrjcd5Zrpcq5HIvc2Oa0OPDlXiS1TM1ja-9Rh_ozMhm5xyJ9HwhtXG3YUmcjeTI4SZL3uxDoHFRXxfXuhEis&google_hm=26k-72j5yUU0tTZM-i6dhA==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: sl9nnav6gm0tbih4amgq2su4dvfs09f4

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 9E50
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xFTTSZgTQ26tQ6INtn122A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
190 B

50ms
49ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xFTTSZgTQ26tQ6INtn122A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULO141gQJVn18MS9eKbRUE7tNi3RiNMRBI4YGYhymRVKntCPT5pZC3W2TU6gpyuL8FU5CAoaA6Cbmt_-Ir8_toUTN_Y1nAHpQ

Requested by

Host: marikpost.net.ua
URL: https://marikpost.net.ua/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 15:30:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xFTTSZgTQ26tQ6INtn122A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULO141gQJVn18MS9eKbRUE7tNi3RiNMRBI4YGYhymRVKntCPT5pZC3W2TU6gpyuL8FU5CAoaA6Cbmt_-Ir8_toUTN_Y1nAHpQ
Date: Tue, 30 Mar 2021 15:30:19 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 9E50
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENazMSmUQgWHElN5yR7sfTY&google_cver=1&google_push=AQvitULRzGcwKkxRRjWizuJjq9W32qqb7VrWfeyUMT-Rmf6rUisnY8mqn1r6Irl7t5zNMAcdE-s...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01XNkZOVVgtMjAtNVVCTQ==&google_push=AQvitULRzGcwKkxRRjWizuJjq9W32qqb7VrWfeyUMT-Rmf6rUisnY8mqn1r6Irl7t5zNMAcdE-sTeo4Dh50KBDYSOHDXyulgwOCuFw

170 B
190 B

53ms
53ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01XNkZOVVgtMjAtNVVCTQ==&google_push=AQvitULRzGcwKkxRRjWizuJjq9W32qqb7VrWfeyUMT-Rmf6rUisnY8mqn1r6Irl7t5zNMAcdE-sTeo4Dh50KBDYSOHDXyulgwOCuFw

Requested by

Host: marikpost.net.ua
URL: https://marikpost.net.ua/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 15:30:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01XNkZOVVgtMjAtNVVCTQ==&google_push=AQvitULRzGcwKkxRRjWizuJjq9W32qqb7VrWfeyUMT-Rmf6rUisnY8mqn1r6Irl7t5zNMAcdE-sTeo4Dh50KBDYSOHDXyulgwOCuFw
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 9E50
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGXBPtnHAeAMykdQY3r1D_U&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGXBPtnHAeAMykdQY3r1D_U&google_push=AQ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YGNECwT2J538MbL194ePbAAABKUAAAAB&google_cver=1&google_gid=CAESEGXBPtnHAeAMykdQY3r1D_U&google_push=AQvitUJ8b23jQcCii8HntD28BEGd5yFmfo-QH...

170 B
190 B

46ms
46ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YGNECwT2J538MbL194ePbAAABKUAAAAB&google_cver=1&google_gid=CAESEGXBPtnHAeAMykdQY3r1D_U&google_push=AQvitUJ8b23jQcCii8HntD28BEGd5yFmfo-QHAzMtOFQ9zRGfQSbQtKR7gIsUMEaSlyprkqe-vHR3MW_faEaKdPH8VwmcUMDE_duGA

Requested by

Host: marikpost.net.ua
URL: https://marikpost.net.ua/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 15:30:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 30 Mar 2021 15:30:19 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YGNECwT2J538MbL194ePbAAABKUAAAAB&google_cver=1&google_gid=CAESEGXBPtnHAeAMykdQY3r1D_U&google_push=AQvitUJ8b23jQcCii8HntD28BEGd5yFmfo-QHAzMtOFQ9zRGfQSbQtKR7gIsUMEaSlyprkqe-vHR3MW_faEaKdPH8VwmcUMDE_duGA
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 462
Expires: Tue, 30 Mar 2021 15:30:19 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 9E50 0
236 B 124ms
42ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KSAd2eFnWBC35jKz5P3D-qhI-9VrmUGNairmeTcLPewcJuXBC5DbdjM6EHkWSSvvdC8crI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:30:19 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6933
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
114 B

14ms
14ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUk6LOmRzHOe3UZ9cvMMc9FfwMTClO02lLGPx-Vj7SynDL1Rp2mrMqrJ3hzxnq0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 30 Mar 2021 15:30:19 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Tue, 30-Mar-2021 16:30:19 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 30 Mar 2021 15:30:19 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 30 Mar 2021 15:30:19 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 q-Ezh273PvC68AkqxY9CU3NkuwIwgTF06gKyS1kdSdY.js Show response
pagead2.googlesyndication.com/bg/ Frame 1F39 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/q-Ezh273PvC68AkqxY9CU3NkuwIwgTF06gKyS1kdSdY.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abe133876ef73ef0baf0092ac58f42537364bb0230813174ea02b24b591d49d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 13:32:20 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 7079
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5697
x-xss-protection: 0
expires: Wed, 30 Mar 2022 13:32:20 GMT

GET
H2 200 default.css
ad4m.at/0.1.122-318/style/one-ad/ Frame 5869 58 KB
58 KB 19ms
18ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/0.1.122-318/style/one-ad/default.css
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1h6cm66srf571gfj7jfs1x3y1a9vgzs6xrpbwr68jyrmtbq3ndy9wa39mt50mwpcwspe81skn099c338aq3dd4hsfwg4wkn7z3603knddy87yd4yf5fzwrb2ywgsmtxptebnz7q17tjmrdggy0zty7wa2xc2sm51f4b6e3n86r8ht3fye99yyqzxv5zycg5vm2yd8pb9j2cyrrjr8vx5dc4xjc5rzsnpadqq8r9j24tanty502dm7r5m4c5gda5d6e7j0excff6cymvf0z5jmb9484e3g9yfm311gsfrp4177pdnqadwf36qq882e12r5nnde87k79ezde4xk37bvpcjm396j1jtsf0rzd3nke8rh0cekb1rzr3fqexdw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCYCOjCkRjYOG9K8_IgAfFwpyIAZDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTM1OTU2NjE4MjIwMDc4MjWgAcKu6N0DyAEJqQLOnw1cYa6zPqgDAaoEwwFP0AUEkTsXlwHI_SPUOuB_H0t_-HhCdjSztCKtdPS7JcGhIamaNsq0MrdpHsUxiLltq-JyTDvU_Gaj_uZ_1abSzqiUAk4GUM6eTGLZw4l8nPwghwy7xqkcwTw4rz4uhEXVXsbyLn4U4uCkodihkFzGS5XX_TEYBueiWYCiNqoRYFzobfKXNgZoAIg8Ug78H_04j_EHBiEnaej57sxedRpVp5vVvrDs8KRHZAuH6ZPk3ME5Li6DPn7B4pQ4iC1cY_Rl-sWABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%26num%3D1%26sig%3DAOD64_3uzJlA4hNwqEoX7riTo_lFo2095A%26client%3Dca-pub-3595661822007825%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880

Request headers

Referer: https://ad4m.at/ad/dr?ed=1h6cm66srf571gfj7jfs1x3y1a9vgzs6xrpbwr68jyrmtbq3ndy9wa39mt50mwpcwspe81skn099c338aq3dd4hsfwg4wkn7z3603knddy87yd4yf5fzwrb2ywgsmtxptebnz7q17tjmrdggy0zty7wa2xc2sm51f4b6e3n86r8ht3fye99yyqzxv5zycg5vm2yd8pb9j2cyrrjr8vx5dc4xjc5rzsnpadqq8r9j24tanty502dm7r5m4c5gda5d6e7j0excff6cymvf0z5jmb9484e3g9yfm311gsfrp4177pdnqadwf36qq882e12r5nnde87k79ezde4xk37bvpcjm396j1jtsf0rzd3nke8rh0cekb1rzr3fqexdw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCYCOjCkRjYOG9K8_IgAfFwpyIAZDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTM1OTU2NjE4MjIwMDc4MjWgAcKu6N0DyAEJqQLOnw1cYa6zPqgDAaoEwwFP0AUEkTsXlwHI_SPUOuB_H0t_-HhCdjSztCKtdPS7JcGhIamaNsq0MrdpHsUxiLltq-JyTDvU_Gaj_uZ_1abSzqiUAk4GUM6eTGLZw4l8nPwghwy7xqkcwTw4rz4uhEXVXsbyLn4U4uCkodihkFzGS5XX_TEYBueiWYCiNqoRYFzobfKXNgZoAIg8Ug78H_04j_EHBiEnaej57sxedRpVp5vVvrDs8KRHZAuH6ZPk3ME5Li6DPn7B4pQ4iC1cY_Rl-sWABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%26num%3D1%26sig%3DAOD64_3uzJlA4hNwqEoX7riTo_lFo2095A%26client%3Dca-pub-3595661822007825%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=hiljLg==, md5=+lvqF0TsKKKClDdg0n1GpA==
date: Tue, 30 Mar 2021 15:30:19 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1312632
cf-polished: origSize=59196
x-guploader-uploadid: ABg5-Uwujar11Vkwh6U6n2MXFne7AWYJGqCzROZDlvajsE11nvMJCQziEfwndO5biOTHJ84pHc8ApwhyUSOSXqNIPW1AgPvCqQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 58969
cf-request-id: 09255ae417000005e93a32e000000001
last-modified: Mon, 15 Mar 2021 10:52:33 GMT
server: cloudflare
etag: "fa5bea1744ec28a282943760d27d46a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eAaUCyh1bB7bhRFWoArmLYWlhJs%2BebKiw7wENEopDcLP1MG7I0MGNcY%2FD2GFw0hrViqRKvD2%2F56YhvB4sWQEQ6M0EgX8gkoc1QhA12yGxEK7fvd5"}]}
x-goog-generation: 1615805553645751
content-type: text/css
expires: Tue, 15 Mar 2022 10:53:07 GMT
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 6688
accept-ranges: bytes
cf-ray: 638260e68cf805e9-FRA
cf-bgj: minify

GET
H2 200 fxpcopuw.js Show response
ad4m.at/ Frame 5869 53 KB
15 KB 27ms
27ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1h6cm66srf571gfj7jfs1x3y1a9vgzs6xrpbwr68jyrmtbq3ndy9wa39mt50mwpcwspe81skn099c338aq3dd4hsfwg4wkn7z3603knddy87yd4yf5fzwrb2ywgsmtxptebnz7q17tjmrdggy0zty7wa2xc2sm51f4b6e3n86r8ht3fye99yyqzxv5zycg5vm2yd8pb9j2cyrrjr8vx5dc4xjc5rzsnpadqq8r9j24tanty502dm7r5m4c5gda5d6e7j0excff6cymvf0z5jmb9484e3g9yfm311gsfrp4177pdnqadwf36qq882e12r5nnde87k79ezde4xk37bvpcjm396j1jtsf0rzd3nke8rh0cekb1rzr3fqexdw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCYCOjCkRjYOG9K8_IgAfFwpyIAZDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTM1OTU2NjE4MjIwMDc4MjWgAcKu6N0DyAEJqQLOnw1cYa6zPqgDAaoEwwFP0AUEkTsXlwHI_SPUOuB_H0t_-HhCdjSztCKtdPS7JcGhIamaNsq0MrdpHsUxiLltq-JyTDvU_Gaj_uZ_1abSzqiUAk4GUM6eTGLZw4l8nPwghwy7xqkcwTw4rz4uhEXVXsbyLn4U4uCkodihkFzGS5XX_TEYBueiWYCiNqoRYFzobfKXNgZoAIg8Ug78H_04j_EHBiEnaej57sxedRpVp5vVvrDs8KRHZAuH6ZPk3ME5Li6DPn7B4pQ4iC1cY_Rl-sWABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%26num%3D1%26sig%3DAOD64_3uzJlA4hNwqEoX7riTo_lFo2095A%26client%3Dca-pub-3595661822007825%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 684ff092700c7b5f8852994d1795a7246c204d0f97e64f1dc34a4a07d1dc4d82

Request headers

Referer: https://ad4m.at/ad/dr?ed=1h6cm66srf571gfj7jfs1x3y1a9vgzs6xrpbwr68jyrmtbq3ndy9wa39mt50mwpcwspe81skn099c338aq3dd4hsfwg4wkn7z3603knddy87yd4yf5fzwrb2ywgsmtxptebnz7q17tjmrdggy0zty7wa2xc2sm51f4b6e3n86r8ht3fye99yyqzxv5zycg5vm2yd8pb9j2cyrrjr8vx5dc4xjc5rzsnpadqq8r9j24tanty502dm7r5m4c5gda5d6e7j0excff6cymvf0z5jmb9484e3g9yfm311gsfrp4177pdnqadwf36qq882e12r5nnde87k79ezde4xk37bvpcjm396j1jtsf0rzd3nke8rh0cekb1rzr3fqexdw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCYCOjCkRjYOG9K8_IgAfFwpyIAZDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTM1OTU2NjE4MjIwMDc4MjWgAcKu6N0DyAEJqQLOnw1cYa6zPqgDAaoEwwFP0AUEkTsXlwHI_SPUOuB_H0t_-HhCdjSztCKtdPS7JcGhIamaNsq0MrdpHsUxiLltq-JyTDvU_Gaj_uZ_1abSzqiUAk4GUM6eTGLZw4l8nPwghwy7xqkcwTw4rz4uhEXVXsbyLn4U4uCkodihkFzGS5XX_TEYBueiWYCiNqoRYFzobfKXNgZoAIg8Ug78H_04j_EHBiEnaej57sxedRpVp5vVvrDs8KRHZAuH6ZPk3ME5Li6DPn7B4pQ4iC1cY_Rl-sWABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%26num%3D1%26sig%3DAOD64_3uzJlA4hNwqEoX7riTo_lFo2095A%26client%3Dca-pub-3595661822007825%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=0RPMmQ==, md5=Ohk2wK1I/f+nXoeuNDBp3g==
date: Tue, 30 Mar 2021 15:30:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 68812
cf-polished: origSize=53797
x-guploader-uploadid: ABg5-UxU0fzbIYV3cROO_rTGW67rl4pxxqoGI_dV3c1A6jAx2ZK_9UpAwD17BnIAA7tlqjlI5zcEH4KhTSPQ74z6XcMq33qgrg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09255ae417000005e9199c0000000001
last-modified: Wed, 24 Mar 2021 20:23:06 GMT
server: cloudflare
etag: W/"3a1936c0ad48fdffa75e87ae343069de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2Kc7Mx%2Fh0fM3OyaFze3aMVduC2DIEosGks2Yf0tK0psQBBCmuDFyAl0ReEiwMsQ7HwZzry10BKiTxvPDPJRhGoCZxwrA7h%2B058%2BgZzkkrKpHFXEz"}]}
x-goog-generation: 1616617386640534
content-type: application/javascript; charset=utf-8
expires: Mon, 29 Mar 2021 20:23:27 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 15196
cf-ray: 638260e68cfa05e9-FRA
cf-bgj: minify

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/13499413586715863570/ Frame 1258 28 KB
28 KB 13ms
13ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13499413586715863570/downsize_200k_v1?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=2692089315&adf=3063398229&pi=t.aa~a.4230804008~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=360x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=4&bdt=1105&idt=-M&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=1499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=457Yk5UJ17&p=https%3A//marikpost.net.ua&dtd=45

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85bfcb0ce20c244365ded7b5381302cd4fa77cbdce9ae658b9e136e6f315cd18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 27 Mar 2021 04:31:53 GMT
x-content-type-options: nosniff
age: 298706
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28171
x-xss-protection: 0
last-modified: Sat, 09 May 2020 06:49:51 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Mar 2022 04:31:53 GMT

GET
DATA 200
OK truncated
/ Frame 1258 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1258 0
46 B 39ms
38ms Other
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=CgoIASoGc3F1YXJlCgoIAioGc2VydmVyCisIBConbXlzaWRpYV9hbmFseXRpY3NfZXhwMSx2aWRlb19ob3RmaXhhYmxlCgUIBioBMAoNEAMhAACIehSihEAwBBIaQ1B5SzhPZXEyTzhDRlNIVEVRZ2QxN3NNVHciJ3RleHQvamVhbl9ncmV5X3YyX29jaF9vbl9sb2tpX2xvbmd0aXRsZSgV

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/3aa3fb99195f3894d7dec54cc5b479a1.js?tag=pingback

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 15:30:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1258 0
23 B 39ms
39ms Other
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=CgoIASoGc3F1YXJlCgoIAioGc2VydmVyCisIBConbXlzaWRpYV9hbmFseXRpY3NfZXhwMSx2aWRlb19ob3RmaXhhYmxlCgUIBioBMAoNEAohAAAADK5HAkAwBBIaQ1B5SzhPZXEyTzhDRlNIVEVRZ2QxN3NNVHciJ3RleHQvamVhbl9ncmV5X3YyX29jaF9vbl9sb2tpX2xvbmd0aXRsZSgV

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/3aa3fb99195f3894d7dec54cc5b479a1.js?tag=pingback

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 15:30:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1258 0
23 B 38ms
38ms Other
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=CgoIASoGc3F1YXJlCgoIAioGc2VydmVyCisIBConbXlzaWRpYV9hbmFseXRpY3NfZXhwMSx2aWRlb19ob3RmaXhhYmxlCgUIBioBMAoNEA0hAAAAADy5jj8wBAoNEB4qBzM2MHgyODAwBAoNEBkqBzM2MHgyODAwBBIaQ1B5SzhPZXEyTzhDRlNIVEVRZ2QxN3NNVHciJ3RleHQvamVhbl9ncmV5X3YyX29jaF9vbl9sb2tpX2xvbmd0aXRsZSgV

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/3aa3fb99195f3894d7dec54cc5b479a1.js?tag=pingback

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 15:30:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1258 0
23 B 39ms
39ms Other
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=CgoIASoGc3F1YXJlCgoIAioGc2VydmVyCisIBConbXlzaWRpYV9hbmFseXRpY3NfZXhwMSx2aWRlb19ob3RmaXhhYmxlCgUIBioBMAoNEA4hAAAAADy5jj8wBBIaQ1B5SzhPZXEyTzhDRlNIVEVRZ2QxN3NNVHciJ3RleHQvamVhbl9ncmV5X3YyX29jaF9vbl9sb2tpX2xvbmd0aXRsZSgV

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/3aa3fb99195f3894d7dec54cc5b479a1.js?tag=pingback

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 15:30:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1258 0
23 B 43ms
43ms Other
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=CgoIASoGc3F1YXJlCgoIAioGc2VydmVyCisIBConbXlzaWRpYV9hbmFseXRpY3NfZXhwMSx2aWRlb19ob3RmaXhhYmxlCgUIBioBMAoNEBAhAAAAAAAU20AwBAoNEBEhAAAAAADdyUAwBAoNEBIhAAAAAAAAFEAwBAoNEBMhAAAAAAAACEAwBAoNEAQhAADkE67WhEAwBBIaQ1B5SzhPZXEyTzhDRlNIVEVRZ2QxN3NNVHciJ3RleHQvamVhbl9ncmV5X3YyX29jaF9vbl9sb2tpX2xvbmd0aXRsZSgV

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/3aa3fb99195f3894d7dec54cc5b479a1.js?tag=pingback

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 15:30:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1258 0
23 B 43ms
43ms Other
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=CgoIASoGc3F1YXJlCgoIAioGc2VydmVyCisIBConbXlzaWRpYV9hbmFseXRpY3NfZXhwMSx2aWRlb19ob3RmaXhhYmxlCgUIBioBMAoNEA8hAAAAADy5jj8wBBIaQ1B5SzhPZXEyTzhDRlNIVEVRZ2QxN3NNVHciJ3RleHQvamVhbl9ncmV5X3YyX29jaF9vbl9sb2tpX2xvbmd0aXRsZSgV

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/3aa3fb99195f3894d7dec54cc5b479a1.js?tag=pingback

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 15:30:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1258 0
23 B 43ms
43ms Other
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=CgoIASoGc3F1YXJlCgoIAioGc2VydmVyCisIBConbXlzaWRpYV9hbmFseXRpY3NfZXhwMSx2aWRlb19ob3RmaXhhYmxlCgUIBioBMAoNEBQhAAAAAIBBy0AwBAoNEBUhAAAAAAAAHEAwBAoNEBYhAAAAAAAAEEAwBAoNEAUhAADYeRTfhEAwBBIaQ1B5SzhPZXEyTzhDRlNIVEVRZ2QxN3NNVHciJ3RleHQvamVhbl9ncmV5X3YyX29jaF9vbl9sb2tpX2xvbmd0aXRsZSgV

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/3aa3fb99195f3894d7dec54cc5b479a1.js?tag=pingback

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 15:30:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1258 0
0 44ms
43ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CGSM4CkRjYPzdKaGmx_AP1_ey-ATd86_vYbz4y6jcC-HNouTNGhABIILer09glYq4gsgHoAGv7PPfAsgBCakCzp8NXGGusz6oAwHIA8sEqgTVAU_QcueLVUogERrMuRFt6V28PnpLLvXwDNqA0SAHsRZcpxpMnixph1VsqgynpYePraJS3E5Wgdo_TUdzzj1Rt0iK8bhY9IcniE2EmEOzqbfNrDAp19Uerwi8ce-sLcXoeQJbGby8Sc_O8nFNZA9w9m9ynT2zdXXHYlcz4Mrt9HAgeZ1yG8rkMS3Dr9q5W19gP3YhsBEPCcSg3TJrnEffnglpuPqDuK6Hc6x4St2ZKdCRoxx8kuV_Z_PTthyHmvIzgGH4hSKjP9J0KuhlF8Fh8TtTp1nsTsAE0qap7_sCkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB7mTjKABqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEENGdCtIICQiA4YAQEAEYH4AKAcgLAdgTDIgUArIXGgoYCAASFHB1Yi0zNTk1NjYxODIyMDA3ODI1&sigh=dzxR6v2il40&template_id=5000&tpd=AGWhJmvWJND3f4iZf4laWnFu4TlmHWBOW_CKc9J4Wnm23Y4eOQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=2692089315&adf=3063398229&pi=t.aa~a.4230804008~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=360x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=4&bdt=1105&idt=-M&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=1499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=457Yk5UJ17&p=https%3A//marikpost.net.ua&dtd=45

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=2692089315&adf=3063398229&pi=t.aa~a.4230804008~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=360x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=4&bdt=1105&idt=-M&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=1499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=457Yk5UJ17&p=https%3A//marikpost.net.ua&dtd=45
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 30 Mar 2021 15:30:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F60B 1 KB
750 B 7ms
6ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=2692089315&adf=3063398229&pi=t.aa~a.4230804008~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=360x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=4&bdt=1105&idt=-M&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=1499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=457Yk5UJ17&p=https%3A//marikpost.net.ua&dtd=45

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 29 Mar 2021 16:59:40 GMT
expires: Tue, 30 Mar 2021 16:59:40 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 81039
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dpixel
cms.quantserve.com/ Frame 9C47 35 B
210 B 13ms
8ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDbTNXBuL7pDOumNeTxNN2o&google_cver=1&google_push=AQvitUKjRSQtUwExE7niYA54Cr6pUibqC6R3_LEFzyMH3rkF2KJeRwhJRle9bLz7vdP9kZpOXqL55ik3RgStX4ZIqS-daBs-LQo

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=2692089315&adf=658502821&pi=t.aa~a.4230798441~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=360x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=1&bdt=1105&idt=2&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C360x280%2C360x280%2C393x280&nras=5&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=3272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=VvFWVR63oz&p=https%3A//marikpost.net.ua&dtd=72

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 15:30:19 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 9C47
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEFhaahK8qBocDNkZIzv71-k&google_cver=1&google_push=AQvitUILo7NpFTuDLFDh61o-4aTCVIhDWTzavi_YgvSR-wzfmbbJ0C5CbQhyj8ayODf6hMPNtCcOUGST5mHO-HzC3MQG0jcqHK0
https://cm.g.doubleclick.net/pixel?google_nid=akneustar_dmp&google_cm&google_hm=Q0FFU0VGaGFhaEs4cUJvY0ROa1pJenY3MS1r

170 B
190 B

50ms
50ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=akneustar_dmp&google_cm&google_hm=Q0FFU0VGaGFhaEs4cUJvY0ROa1pJenY3MS1r

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=2692089315&adf=658502821&pi=t.aa~a.4230798441~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=360x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=1&bdt=1105&idt=2&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C360x280%2C360x280%2C393x280&nras=5&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=3272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=VvFWVR63oz&p=https%3A//marikpost.net.ua&dtd=72

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 15:30:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 30 Mar 2021 15:30:19 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=akneustar_dmp&google_cm&google_hm=Q0FFU0VGaGFhaEs4cUJvY0ROa1pJenY3MS1r
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 9C47
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEDoZFp1UUyopSrKGYg394HA&google_cver=1&google_push=AQvitUKtMn6xhOeVKRZziQJA1Gczpr5oWCFkg83Gvyp7t34db1c1C84AfE7e9C4WK-heZa6G6uTFhP518UdH_MrwEsbpfpHYrQ
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKtMn6xhOeVKRZziQJA1Gczpr5oWCFkg83Gvyp7t34db1c1C84AfE7e9C4WK-heZa6G6uTFhP518UdH_MrwEsbpfpHYrQ&google_hm=26k-72j5yUU0tTZM-i6dhA==

170 B
287 B

53ms
52ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKtMn6xhOeVKRZziQJA1Gczpr5oWCFkg83Gvyp7t34db1c1C84AfE7e9C4WK-heZa6G6uTFhP518UdH_MrwEsbpfpHYrQ&google_hm=26k-72j5yUU0tTZM-i6dhA==

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=2692089315&adf=658502821&pi=t.aa~a.4230798441~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=360x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=1&bdt=1105&idt=2&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C360x280%2C360x280%2C393x280&nras=5&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=3272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=VvFWVR63oz&p=https%3A//marikpost.net.ua&dtd=72

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 15:30:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Mar 2021 15:30:19 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKtMn6xhOeVKRZziQJA1Gczpr5oWCFkg83Gvyp7t34db1c1C84AfE7e9C4WK-heZa6G6uTFhP518UdH_MrwEsbpfpHYrQ&google_hm=26k-72j5yUU0tTZM-i6dhA==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: vp27givd1oh1kv15ipsi1nmihu6qjhid

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 9C47
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nYSw5wjzSCGa7r4IMg4r2Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
190 B

46ms
46ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nYSw5wjzSCGa7r4IMg4r2Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULwT9NkWt3USInL8_eh91yhvGEwH35yk5xPnu4paZNJ2MFsAo93rzoXW-LAlKcgQD8B8-KDZbH0NY_rO0N0si_RnKJK-Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=2692089315&adf=658502821&pi=t.aa~a.4230798441~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=360x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=1&bdt=1105&idt=2&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C360x280%2C360x280%2C393x280&nras=5&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=3272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=VvFWVR63oz&p=https%3A//marikpost.net.ua&dtd=72

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 15:30:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nYSw5wjzSCGa7r4IMg4r2Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULwT9NkWt3USInL8_eh91yhvGEwH35yk5xPnu4paZNJ2MFsAo93rzoXW-LAlKcgQD8B8-KDZbH0NY_rO0N0si_RnKJK-Q
Date: Tue, 30 Mar 2021 15:30:17 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 9C47
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPbXdqGS8AsT71ViKqZUkx4&google_cver=1&google_push=AQvitUJv4ypOk4_V71sy5QSD8ISBGjbfPh5nfqPe41xxXMKfp7-D-WyYXo-Yl5vH3qey0VGrnx-...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01XNkZOWDQtMjItQUE1Vg==&google_push=AQvitUJv4ypOk4_V71sy5QSD8ISBGjbfPh5nfqPe41xxXMKfp7-D-WyYXo-Yl5vH3qey0VGrnx-jHr46iKdrnDSMyd_iYEaYDA

170 B
190 B

45ms
44ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01XNkZOWDQtMjItQUE1Vg==&google_push=AQvitUJv4ypOk4_V71sy5QSD8ISBGjbfPh5nfqPe41xxXMKfp7-D-WyYXo-Yl5vH3qey0VGrnx-jHr46iKdrnDSMyd_iYEaYDA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=2692089315&adf=658502821&pi=t.aa~a.4230798441~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=360x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=1&bdt=1105&idt=2&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C360x280%2C360x280%2C393x280&nras=5&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=3272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=VvFWVR63oz&p=https%3A//marikpost.net.ua&dtd=72

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 15:30:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01XNkZOWDQtMjItQUE1Vg==&google_push=AQvitUJv4ypOk4_V71sy5QSD8ISBGjbfPh5nfqPe41xxXMKfp7-D-WyYXo-Yl5vH3qey0VGrnx-jHr46iKdrnDSMyd_iYEaYDA
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 9C47
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAe8PhMCP6JOKx3RkU8vNsU&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAe8PhMCP6JOKx3RkU8vNsU&google_push=AQ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YGNECwT2J538MbL194ePbAAABKUAAAAB&google_cver=1&google_gid=CAESEAe8PhMCP6JOKx3RkU8vNsU&google_push=AQvitULVQkf0j30puUElfo7i2JXGsMYikdTyZ...

170 B
190 B

47ms
47ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YGNECwT2J538MbL194ePbAAABKUAAAAB&google_cver=1&google_gid=CAESEAe8PhMCP6JOKx3RkU8vNsU&google_push=AQvitULVQkf0j30puUElfo7i2JXGsMYikdTyZ_FyCg5kD1ByyVRGeCAboEQmgJFpvMXXbVsrpmQdhbUUZQhQAWe5VUo19AOcbQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=2692089315&adf=658502821&pi=t.aa~a.4230798441~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=360x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=1&bdt=1105&idt=2&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C360x280%2C360x280%2C393x280&nras=5&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=3272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=VvFWVR63oz&p=https%3A//marikpost.net.ua&dtd=72

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 15:30:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 30 Mar 2021 15:30:19 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YGNECwT2J538MbL194ePbAAABKUAAAAB&google_cver=1&google_gid=CAESEAe8PhMCP6JOKx3RkU8vNsU&google_push=AQvitULVQkf0j30puUElfo7i2JXGsMYikdTyZ_FyCg5kD1ByyVRGeCAboEQmgJFpvMXXbVsrpmQdhbUUZQhQAWe5VUo19AOcbQ
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 458
Expires: Tue, 30 Mar 2021 15:30:19 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 9C47
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESECrwJtf3D3H3thfwHuUv1vc&google_cver=1&google_push=AQvitUJ0Cq0PCud0lcFpTVxo...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUJ0Cq0PCud0lcFpTVxoW3o2ObiS92VeYXv_mU5kuy_7_V6rMCRukI3xsL8vJW9ev3l6jDDVMVJCiF1MgVNbDAcVi0hGNpBS&google_hm=

170 B
190 B

45ms
45ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUJ0Cq0PCud0lcFpTVxoW3o2ObiS92VeYXv_mU5kuy_7_V6rMCRukI3xsL8vJW9ev3l6jDDVMVJCiF1MgVNbDAcVi0hGNpBS&google_hm=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=2692089315&adf=658502821&pi=t.aa~a.4230798441~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=360x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=1&bdt=1105&idt=2&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C360x280%2C360x280%2C393x280&nras=5&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=3272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=VvFWVR63oz&p=https%3A//marikpost.net.ua&dtd=72

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 15:30:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Mar 2021 15:30:19 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUJ0Cq0PCud0lcFpTVxoW3o2ObiS92VeYXv_mU5kuy_7_V6rMCRukI3xsL8vJW9ev3l6jDDVMVJCiF1MgVNbDAcVi0hGNpBS&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-length: 0
expires: Mon, 29 Mar 2021 15:30:19 GMT

GET
H3-Q050 204 attr
cm.g.doubleclick.net/pixel/ Frame 9C47 0
223 B 104ms
56ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KOiYWa3pN_e18fZnbdBya6fpAGReBxexY31e47uXZy6GEXhJ6AIuG-UKgGcBuxGPQazdXy3g

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=2692089315&adf=658502821&pi=t.aa~a.4230798441~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=360x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=1&bdt=1105&idt=2&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C360x280%2C360x280%2C393x280&nras=5&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=3272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=VvFWVR63oz&p=https%3A//marikpost.net.ua&dtd=72

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:30:19 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-Q050 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8465079287002710380/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/ Frame 4FB7 30 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8465079287002710380/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/index.html

Requested by

Host: marikpost.net.ua
URL: https://marikpost.net.ua/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb51d2e4ca8afb54c4d1927453e2021e9b2bb0da4e50fdc7209ad9ab0e03c124

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/8465079287002710380/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Thu, 25 Mar 2021 10:54:52 GMT
expires: Fri, 25 Mar 2022 10:54:52 GMT
last-modified: Tue, 16 Feb 2021 10:02:03 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 3851
age: 448527
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0B2E 0
0 46ms
44ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cx4JKCkRjYJ6tK_Cn7gPp8IBInp3yi2HS14rfpw2_4R4QASCC3q9PYJWKuILIB6AB2qmj7QLIAQmpAs6fDVxhrrM-qAMByANIqgTaAU_QAm76p131qV9Av5dX1h9BAoMnNxZl9BFWIvQpJN8f4mAEUTDE3uSEspPaTS1g9wibvhe4SlcWH0tdcuaroa5Q-TgnSPjilDBX-5BUmdpGqkGeCVUkyHes2cXyEq6jefPTxUWt8ELCTpV_ccBxo7BHkfnnon_sCx2K2-gS7eociDS9UGxsL9htNFbueGztGtJCRRlRYYnEtwWRGdJxmFow9_Xh0L7vjYJopHFAIZ2si6HtvCIKAi4jMSef6SUMtSb5rNm6ZeNIRBovLF6wKvHawdgYkifVwBLzwASy2rPJkQKSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHxt-QDKgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCr2gbSCAkIgOGAEBABGB-ACgHICwHYEw2yFxoKGAgAEhRwdWItMzU5NTY2MTgyMjAwNzgyNQ&sigh=sdpORmq8844&template_id=419&tpd=AGWhJms13C3RxmXApc7Q7QkexEmiqqNfqvxdgBYRWiwelrOcTg

Requested by

Host: marikpost.net.ua
URL: https://marikpost.net.ua/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=1391495236&adf=2082721316&pi=t.aa~a.1343261652~rp.4&w=393&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=393x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=1&bdt=1104&idt=-M&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C360x280%2C360x280&nras=4&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2825&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=1jhAcwVyS3&p=https%3A//marikpost.net.ua&dtd=64
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 30 Mar 2021 15:30:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/ Frame 0B2E 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=1391495236&adf=2082721316&pi=t.aa~a.1343261652~rp.4&w=393&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=393x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=1&bdt=1104&idt=-M&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C360x280%2C360x280&nras=4&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2825&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=1jhAcwVyS3&p=https%3A//marikpost.net.ua&dtd=64

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab2acc5edb2198c0c0c25a5a4a470df2a048c69e982d11b4b96f22b21332fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:19:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 624
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 14491782869175424788
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Apr 2021 15:19:55 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/ Frame 0B2E 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Apr 2021 15:29:06 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0B2E 118 KB
36 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80e717f7f97b69547f30e8fb2adb1abdb3fdcd94b907472cc26e4d491f005825

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:30:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617017751739567"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36599
x-xss-protection: 0
expires: Tue, 30 Mar 2021 15:30:19 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/ Frame 0B2E 12 KB
5 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d890a48ea501050f8167a15968c0d8d1d654a54ce3058242ab99acdfb81e288

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:30:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5520
x-xss-protection: 0
server: cafe
etag: 4598867394938533942
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Apr 2021 15:30:03 GMT

GET
DATA 200
OK truncated
/ Frame 1258 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 00d0f7ed2516f90e948a42996a2fbdb6eb5ccc2e607b7e9e542843156352ddd8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1258 0
23 B 40ms
40ms Other
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=CgoIASoGc3F1YXJlCgoIAioGc2VydmVyCisIBConbXlzaWRpYV9hbmFseXRpY3NfZXhwMSx2aWRlb19ob3RmaXhhYmxlCgUIBioBMAoNEBchAABE1aMCiEAwBBIaQ1B5SzhPZXEyTzhDRlNIVEVRZ2QxN3NNVHciJ3RleHQvamVhbl9ncmV5X3YyX29jaF9vbl9sb2tpX2xvbmd0aXRsZSgV

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/3aa3fb99195f3894d7dec54cc5b479a1.js?tag=pingback

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 15:30:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 5869 3 KB
4 KB 286ms
19ms Image
image/png 2606:4700:3032::ac43:aa7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: ad4m.at
URL: https://ad4m.at/0.1.122-318/style/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:aa7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer: https://ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:30:19 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1573
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
cf-request-id: 09255ae5cb00004a68b5099000000001
last-modified: Thu, 08 May 2014 12:48:39 GMT
server: cloudflare
etag: "536b7d27-cbe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qBb2%2FYVBUyG6nWlgBw%2FvfbOHNnywpjZ4wAUbHd4yYbfvn6Z8gdOaTMsXq5jtmVIS3zuDZB05Zi2ZpRLR0s9P7VnT6%2Fo6BkAEBi1RGnAatZT9m02t3on6pIMGNlREgDQvhw%3D%3D"}]}
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 638260e949b34a68-FRA

GET
H2 200 frame.html Show response
ad4m.at/ Frame 033D 2 KB
1 KB 14ms
14ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad4m.at/ad/dr?ed=1h6cm66srf571gfj7jfs1x3y1a9vgzs6xrpbwr68jyrmtbq3ndy9wa39mt50mwpcwspe81skn099c338aq3dd4hsfwg4wkn7z3603knddy87yd4yf5fzwrb2ywgsmtxptebnz7q17tjmrdggy0zty7wa2xc2sm51f4b6e3n86r8ht3fye99yyqzxv5zycg5vm2yd8pb9j2cyrrjr8vx5dc4xjc5rzsnpadqq8r9j24tanty502dm7r5m4c5gda5d6e7j0excff6cymvf0z5jmb9484e3g9yfm311gsfrp4177pdnqadwf36qq882e12r5nnde87k79ezde4xk37bvpcjm396j1jtsf0rzd3nke8rh0cekb1rzr3fqexdw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCYCOjCkRjYOG9K8_IgAfFwpyIAZDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTM1OTU2NjE4MjIwMDc4MjWgAcKu6N0DyAEJqQLOnw1cYa6zPqgDAaoEwwFP0AUEkTsXlwHI_SPUOuB_H0t_-HhCdjSztCKtdPS7JcGhIamaNsq0MrdpHsUxiLltq-JyTDvU_Gaj_uZ_1abSzqiUAk4GUM6eTGLZw4l8nPwghwy7xqkcwTw4rz4uhEXVXsbyLn4U4uCkodihkFzGS5XX_TEYBueiWYCiNqoRYFzobfKXNgZoAIg8Ug78H_04j_EHBiEnaej57sxedRpVp5vVvrDs8KRHZAuH6ZPk3ME5Li6DPn7B4pQ4iC1cY_Rl-sWABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%26num%3D1%26sig%3DAOD64_3uzJlA4hNwqEoX7riTo_lFo2095A%26client%3Dca-pub-3595661822007825%26adurl%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad4m.at/ad/dr?ed=1h6cm66srf571gfj7jfs1x3y1a9vgzs6xrpbwr68jyrmtbq3ndy9wa39mt50mwpcwspe81skn099c338aq3dd4hsfwg4wkn7z3603knddy87yd4yf5fzwrb2ywgsmtxptebnz7q17tjmrdggy0zty7wa2xc2sm51f4b6e3n86r8ht3fye99yyqzxv5zycg5vm2yd8pb9j2cyrrjr8vx5dc4xjc5rzsnpadqq8r9j24tanty502dm7r5m4c5gda5d6e7j0excff6cymvf0z5jmb9484e3g9yfm311gsfrp4177pdnqadwf36qq882e12r5nnde87k79ezde4xk37bvpcjm396j1jtsf0rzd3nke8rh0cekb1rzr3fqexdw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCYCOjCkRjYOG9K8_IgAfFwpyIAZDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTM1OTU2NjE4MjIwMDc4MjWgAcKu6N0DyAEJqQLOnw1cYa6zPqgDAaoEwwFP0AUEkTsXlwHI_SPUOuB_H0t_-HhCdjSztCKtdPS7JcGhIamaNsq0MrdpHsUxiLltq-JyTDvU_Gaj_uZ_1abSzqiUAk4GUM6eTGLZw4l8nPwghwy7xqkcwTw4rz4uhEXVXsbyLn4U4uCkodihkFzGS5XX_TEYBueiWYCiNqoRYFzobfKXNgZoAIg8Ug78H_04j_EHBiEnaej57sxedRpVp5vVvrDs8KRHZAuH6ZPk3ME5Li6DPn7B4pQ4iC1cY_Rl-sWABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%26num%3D1%26sig%3DAOD64_3uzJlA4hNwqEoX7riTo_lFo2095A%26client%3Dca-pub-3595661822007825%26adurl%3D

Response headers

date: Tue, 30 Mar 2021 15:30:19 GMT
content-type: text/html
set-cookie: __cfduid=dd4b0bbc32ff71894de5c3caf205130211617118219; expires=Thu, 29-Apr-21 15:30:19 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
x-guploader-uploadid: ABg5-Uzi-1_7uN1L8Go-AcToEKZJyXjllwzgePCBHnWKzncHxGLbW1M4lc91qTv6-AdP5Mr6zohgm6Oj3Mxhx9DFytM
expires: Tue, 30 Mar 2021 16:30:19 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
cache-control: public, max-age=3600
age: 978950
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
cf-request-id: 09255ae5b9000005e9f1973000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ucCZjzEtiXNFzwnxiDKM5bSByZc2zZN10ChORmKksqLjvoNOevQd7tPKAsGhQ%2FLYF%2B53Xu%2B1hB2KlmfdKHXasY%2BaI9OrqEl%2Bu2hZAOfoSGcYvMJT"}]}
nel: {"max_age":604800,"report_to":"cf-nel"}
vary: Accept-Encoding
server: cloudflare
cf-ray: 638260e9298705e9-FRA
content-encoding: br

GET
H2 200 dpixel
cms.quantserve.com/ Frame F60B 35 B
210 B 13ms
7ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEE3NmXmoK-BapYYzc1dYEms&google_cver=1&google_push=AQvitUJ8Lk-yQxNij_DyV75uKHKXI_nQW3PBDrBSQjH-lDCdFmwkJKZse1olLFJZoAgGzpLieaTsRg_8AXNcjO0SkQnWjMcmUMfqUg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=2692089315&adf=3063398229&pi=t.aa~a.4230804008~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=360x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=4&bdt=1105&idt=-M&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=1499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=457Yk5UJ17&p=https%3A//marikpost.net.ua&dtd=45

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 15:30:19 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 466606.gif
id.rlcdn.com/ Frame F60B 42 B
319 B 78ms
72ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitUKe6-rdI0FtlVB8WlGFktKhplXy-WrTVuhkPnA6xRctiewlG4Ev6ne9SoEoFcMFGD3mOotvyW6fjf-jrG5lAPa0MxeiXuVBJQ&google_gid=CAESEBim6Vb1V_sMgxjMyaTbKJA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=2692089315&adf=3063398229&pi=t.aa~a.4230804008~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=360x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=4&bdt=1105&idt=-M&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=1499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=457Yk5UJ17&p=https%3A//marikpost.net.ua&dtd=45
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Mar 2021 15:30:19 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame F60B
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUIdHPpM...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUIdHPpM...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMzAxNTMwMjAzODc2MzYxNDM5OTAxNg%3D%3D&google_push=AQvitUIdHPpMPLRzn9DoZTPFsu0aXcaprjyeg1fuXIBcCX2OWf3O5ER3MlxbSkJ7w7L09f...

170 B
190 B

45ms
45ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMzAxNTMwMjAzODc2MzYxNDM5OTAxNg%3D%3D&google_push=AQvitUIdHPpMPLRzn9DoZTPFsu0aXcaprjyeg1fuXIBcCX2OWf3O5ER3MlxbSkJ7w7L09fhbMGDRiN2mCLOE-dMOobQZEjNA-T_4sQ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 15:30:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMzAxNTMwMjAzODc2MzYxNDM5OTAxNg%3D%3D&google_push=AQvitUIdHPpMPLRzn9DoZTPFsu0aXcaprjyeg1fuXIBcCX2OWf3O5ER3MlxbSkJ7w7L09fhbMGDRiN2mCLOE-dMOobQZEjNA-T_4sQ
Pragma: no-cache
Date: Tue, 30 Mar 2021 15:30:20 GMT
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame F60B
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEBy9I7DFfU2yn6RwAUyovRs&google_cver=1&google_push=AQvitUKHGMveviUA_oKrWAwMV7yq_cJFL1u-TxG9Pyas0bfM9V4wzY_v93gf7G7QEEGLBNqZyFRBm6jIbsyElg1NEb_Hmbv0IYar4A
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKHGMveviUA_oKrWAwMV7yq_cJFL1u-TxG9Pyas0bfM9V4wzY_v93gf7G7QEEGLBNqZyFRBm6jIbsyElg1NEb_Hmbv0IYar4A&google_hm=26k-72j5yUU0tTZM-i6dhA==

170 B
190 B

52ms
51ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKHGMveviUA_oKrWAwMV7yq_cJFL1u-TxG9Pyas0bfM9V4wzY_v93gf7G7QEEGLBNqZyFRBm6jIbsyElg1NEb_Hmbv0IYar4A&google_hm=26k-72j5yUU0tTZM-i6dhA==

Requested by

Host: marikpost.net.ua
URL: https://marikpost.net.ua/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 15:30:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Mar 2021 15:30:19 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKHGMveviUA_oKrWAwMV7yq_cJFL1u-TxG9Pyas0bfM9V4wzY_v93gf7G7QEEGLBNqZyFRBm6jIbsyElg1NEb_Hmbv0IYar4A&google_hm=26k-72j5yUU0tTZM-i6dhA==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: k9potfhp557dkqkfsrvq7p0ifi43caol

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame F60B
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nYSw5wjzSCGa7r4IMg4r2Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
190 B

51ms
50ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nYSw5wjzSCGa7r4IMg4r2Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKmu0IsNxKvtiTg9OZHN5Ty_OU9OhW1MOQxt-CO7fm9xAFwXrhNxO-zX0d-KkfVmhbg5bMhOn0p6ZIvHwFcQGkEPPqTrh1ZWA

Requested by

Host: marikpost.net.ua
URL: https://marikpost.net.ua/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 15:30:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nYSw5wjzSCGa7r4IMg4r2Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKmu0IsNxKvtiTg9OZHN5Ty_OU9OhW1MOQxt-CO7fm9xAFwXrhNxO-zX0d-KkfVmhbg5bMhOn0p6ZIvHwFcQGkEPPqTrh1ZWA
Date: Tue, 30 Mar 2021 15:30:19 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame F60B
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFjRTBvuidpD-JLebmxMXTA&google_cver=1&google_push=AQvitUL6uNEH7RkGrpxqSMba8DEh-Dh17IxzqpHl-Fwj7zry2ydya8popYa8mBFRDe2i6Pj2rUL...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01XNkZPNEUtMU8tQjhLMQ==&google_push=AQvitUL6uNEH7RkGrpxqSMba8DEh-Dh17IxzqpHl-Fwj7zry2ydya8popYa8mBFRDe2i6Pj2rULoGFCRBWYBtcNfLreDeiOUCUl94Q

170 B
190 B

52ms
51ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01XNkZPNEUtMU8tQjhLMQ==&google_push=AQvitUL6uNEH7RkGrpxqSMba8DEh-Dh17IxzqpHl-Fwj7zry2ydya8popYa8mBFRDe2i6Pj2rULoGFCRBWYBtcNfLreDeiOUCUl94Q

Requested by

Host: marikpost.net.ua
URL: https://marikpost.net.ua/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 15:30:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01XNkZPNEUtMU8tQjhLMQ==&google_push=AQvitUL6uNEH7RkGrpxqSMba8DEh-Dh17IxzqpHl-Fwj7zry2ydya8popYa8mBFRDe2i6Pj2rULoGFCRBWYBtcNfLreDeiOUCUl94Q
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame F60B
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPrUjJaztQNoj6Y83r1y4BE&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YGNECwT2J538MbL194ePbAAABKUAAAAB&google_push=AQvitULGLFnARpeHBzg4NoLZG7NDhAzYxCwXuMjN8H0o-uyhpEq8y2aaQGRdSLW_aIyGTTcfk4RpB8wKKczogM9P8u...

170 B
190 B

50ms
50ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YGNECwT2J538MbL194ePbAAABKUAAAAB&google_push=AQvitULGLFnARpeHBzg4NoLZG7NDhAzYxCwXuMjN8H0o-uyhpEq8y2aaQGRdSLW_aIyGTTcfk4RpB8wKKczogM9P8uMTznnXX20ozQ&google_gid=CAESEPrUjJaztQNoj6Y83r1y4BE&google_cver=1

Requested by

Host: marikpost.net.ua
URL: https://marikpost.net.ua/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 15:30:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 30 Mar 2021 15:30:19 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YGNECwT2J538MbL194ePbAAABKUAAAAB&google_push=AQvitULGLFnARpeHBzg4NoLZG7NDhAzYxCwXuMjN8H0o-uyhpEq8y2aaQGRdSLW_aIyGTTcfk4RpB8wKKczogM9P8uMTznnXX20ozQ&google_gid=CAESEPrUjJaztQNoj6Y83r1y4BE&google_cver=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 462
Expires: Tue, 30 Mar 2021 15:30:19 GMT

GET
H3-Q050 204 attr
cm.g.doubleclick.net/pixel/ Frame F60B 0
16 B 46ms
42ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J8q-mwk2Snzt0xVy9NILrbJisycTnNxY9fkkBIJVPeRwCCaAHCSljksPuKAbrBP2XoU3KA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=2692089315&adf=3063398229&pi=t.aa~a.4230804008~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=360x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=4&bdt=1105&idt=-M&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=1499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=457Yk5UJ17&p=https%3A//marikpost.net.ua&dtd=45

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:30:19 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1258 0
23 B 40ms
40ms Other
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=CgoIASoGc3F1YXJlCgoIAioGc2VydmVyCisIBConbXlzaWRpYV9hbmFseXRpY3NfZXhwMSx2aWRlb19ob3RmaXhhYmxlCgUIBioBMAoNEBghAAAQ4fqAkEAwBBIaQ1B5SzhPZXEyTzhDRlNIVEVRZ2QxN3NNVHciJ3RleHQvamVhbl9ncmV5X3YyX29jaF9vbl9sb2tpX2xvbmd0aXRsZSgV

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/3aa3fb99195f3894d7dec54cc5b479a1.js?tag=pingback

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 15:30:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 1258 16 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 27 Mar 2021 06:36:16 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:37 GMT
server: sffe
age: 291243
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15872
x-xss-protection: 0
expires: Sun, 27 Mar 2022 06:36:16 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 1258 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 22:46:33 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:36 GMT
server: sffe
age: 578626
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15736
x-xss-protection: 0
expires: Wed, 23 Mar 2022 22:46:33 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CDBA 143 B
216 B 7ms
6ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=1391495236&adf=2082721316&pi=t.aa~a.1343261652~rp.4&w=393&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=393x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=1&bdt=1104&idt=-M&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C360x280%2C360x280&nras=4&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2825&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=1jhAcwVyS3&p=https%3A//marikpost.net.ua&dtd=64
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUk6LOmRzHOe3UZ9cvMMc9FfwMTClO02lLGPx-Vj7SynDL1Rp2mrMqrJ3hzxnq0; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=1391495236&adf=2082721316&pi=t.aa~a.1343261652~rp.4&w=393&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=393x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=1&bdt=1104&idt=-M&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C360x280%2C360x280&nras=4&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2825&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=1jhAcwVyS3&p=https%3A//marikpost.net.ua&dtd=64

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 30 Mar 2021 14:41:26 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2933
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 0B2E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 019f0d476f34f29b8c99ff3504862bf7a8f4c6a3321d97d57e99de60f9af7776

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 q-Ezh273PvC68AkqxY9CU3NkuwIwgTF06gKyS1kdSdY.js Show response
pagead2.googlesyndication.com/bg/ Frame A366 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/q-Ezh273PvC68AkqxY9CU3NkuwIwgTF06gKyS1kdSdY.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3595661822007825&output=html&h=280&adk=2692089315&adf=3063398229&pi=t.aa~a.4230804008~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1617118218&rafmt=1&to=qs&pwprc=2906320893&psa=0&format=360x280&url=https%3A%2F%2Fmarikpost.net.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617118218619&bpp=4&bdt=1105&idt=-M&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8560235720329&frm=20&pv=1&ga_vid=1049094790.1617118218&ga_sid=1617118218&ga_hid=384126198&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1030&ady=1499&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44736524%2C21068083%2C44740079%2C44739387&oid=3&pvsid=2030265228215640&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=457Yk5UJ17&p=https%3A//marikpost.net.ua&dtd=45

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abe133876ef73ef0baf0092ac58f42537364bb0230813174ea02b24b591d49d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 13:32:20 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 7079
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5697
x-xss-protection: 0
expires: Wed, 30 Mar 2022 13:32:20 GMT

POST
H3-Q050 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 0B2E 0
433 B 77ms
42ms Other
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJ7a8eeq2O8CFfCTewodaTgACQ&gqi=CkRjYPfQKtbpgQectrXIAw&layout=/sadbundle/%24csp%253Der3%24/8465079287002710380/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/index.html

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 15:30:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 4FB7 9 KB
4 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8465079287002710380/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 04:49:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38457
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 31 Mar 2021 04:49:22 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 4FB7 22 KB
9 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8465079287002710380/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 13:07:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8569
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 31 Mar 2021 13:07:30 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 4FB7 4 KB
711 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8465079287002710380/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1476c101cda6283fbd6a7b4381767b7ecde6d8e1bd871dd43bfba89f1b950a87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 30 Mar 2021 14:28:27 GMT
server: ESF
date: Tue, 30 Mar 2021 15:30:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Mar 2021 15:30:19 GMT

GET
H3-Q050 200 bild.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8465079287002710380/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/images/ Frame 4FB7 71 KB
71 KB 11ms
9ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8465079287002710380/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/images/bild.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8465079287002710380/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01db69cca8062a2c1def13f84d5a681ad07b5d046f5871d65856ef55ccf6973f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 378130
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72732
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 10:02:03 GMT
server: sffe
date: Fri, 26 Mar 2021 06:28:09 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Mar 2022 06:28:09 GMT

GET
H3-Q050 200 textbox.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8465079287002710380/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/images/ Frame 4FB7 3 KB
2 KB 8ms
7ms Image
image/svg+xml 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8465079287002710380/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/images/textbox.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8465079287002710380/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b7c16a2634176ae1011cf12236608a573a5bfa50685e2e2884cf2da48e22769

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 556367
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1592
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 10:02:03 GMT
server: sffe
date: Wed, 24 Mar 2021 04:57:32 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Mar 2022 04:57:32 GMT

GET
H3-Q050 200 einzelpreis.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8465079287002710380/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/images/ Frame 4FB7 3 KB
1 KB 12ms
11ms Image
image/svg+xml 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8465079287002710380/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/images/einzelpreis.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8465079287002710380/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97d4436dc6b96cb1da16005f77fd69a3fd05cad38ab283411cb2437a7dbcc9b8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 361984
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1243
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 10:02:03 GMT
server: sffe
date: Fri, 26 Mar 2021 10:57:15 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Mar 2022 10:57:15 GMT

GET
H3-Q050 200 logo.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8465079287002710380/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/images/ Frame 4FB7 2 KB
2 KB 11ms
10ms Image
image/svg+xml 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8465079287002710380/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/images/logo.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8465079287002710380/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7033fd5df92bff5392cd7166aa9e02fbeb56cfdace1aef20f8ba4a04d5665bf

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 187093
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1082
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 10:02:03 GMT
server: sffe
date: Sun, 28 Mar 2021 11:32:06 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 28 Mar 2022 11:32:06 GMT

GET
H3-Q050 200 cta-icon.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8465079287002710380/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/images/ Frame 4FB7 198 B
386 B 12ms
12ms Image
image/svg+xml 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8465079287002710380/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/images/cta-icon.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8465079287002710380/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6458a29ee3ece5dfe1f568c9fbc935bd85c076510162ef82f79a1c76cf456eb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 430477
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 162
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 10:02:03 GMT
server: sffe
date: Thu, 25 Mar 2021 15:55:42 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Mar 2022 15:55:42 GMT

GET
H3-Q050 200 cta-text.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8465079287002710380/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/images/ Frame 4FB7 1 KB
842 B 12ms
11ms Image
image/svg+xml 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8465079287002710380/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/images/cta-text.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8465079287002710380/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07c0e56d3dab9ba01869922dc45a09928804d0ce6c4de08f6f2ff1c558ac8670

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 346504
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 10:02:03 GMT
server: sffe
date: Fri, 26 Mar 2021 15:15:15 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Mar 2022 15:15:15 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 4FB7 15 KB
15 KB 13ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 15:00:42 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:00 GMT
server: sffe
age: 347377
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15056
x-xss-protection: 0
expires: Sat, 26 Mar 2022 15:00:42 GMT

GET
H3-Q050 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 4FB7 14 KB
14 KB 14ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 07:39:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 460247
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Fri, 25 Mar 2022 07:39:32 GMT

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CDBA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
156 B

14ms
14ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUk6LOmRzHOe3UZ9cvMMc9FfwMTClO02lLGPx-Vj7SynDL1Rp2mrMqrJ3hzxnq0; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 30 Mar 2021 15:30:20 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Tue, 30-Mar-2021 16:30:20 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 30 Mar 2021 15:30:20 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 30 Mar 2021 15:30:19 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 frame.html Show response
ad4mat.net/ Frame 8B77 1 KB
1 KB 18ms
11ms Document
text/html 2606:4700:3032::ac43:aa7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4mat.net/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:aa7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 611c31ecafe54c74f78e765296e1b04c0e51ecdc5f7d62c0c3441732aca01964

Request headers

:method: GET
:authority: ad4mat.net
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:30:20 GMT
content-type: text/html
set-cookie: __cfduid=d2e6e95f5af3ffbdac876309aa2bf03951617118220; expires=Thu, 29-Apr-21 15:30:20 GMT; path=/; domain=.ad4mat.net; HttpOnly; SameSite=Lax; Secure
last-modified: Thu, 12 Apr 2018 07:50:15 GMT
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=86400
cf-cache-status: HIT
age: 1586
cf-request-id: 09255ae6ed00004a68e0b5b000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GIWW9qfocTllA2dnfcrVAT8f2MDYP2l0bcRTBLggyjltCxJJMQCRCgHwvRZlPNCm46TJNUbbZ%2BEWfjT8xtW%2Bz5RSOWfVGufh4o%2F4nsNTkdjE8TX70aA5"}]}
nel: {"max_age":604800,"report_to":"cf-nel"}
vary: Accept-Encoding
server: cloudflare
cf-ray: 638260eb1cc04a68-FRA
content-encoding: br

GET
H3-Q050 200 q-Ezh273PvC68AkqxY9CU3NkuwIwgTF06gKyS1kdSdY.js Show response
pagead2.googlesyndication.com/bg/ Frame 4FB7 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/q-Ezh273PvC68AkqxY9CU3NkuwIwgTF06gKyS1kdSdY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abe133876ef73ef0baf0092ac58f42537364bb0230813174ea02b24b591d49d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 13:32:20 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 7080
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5697
x-xss-protection: 0
expires: Wed, 30 Mar 2022 13:32:20 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 18ms
18ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210322&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2e7f5ae424534e76b21e9bed217cf989125356ba6178a5d52e18d73a41bb462

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Mar 2021 15:30:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6524
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:30:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 30 Mar 2021 15:30:20 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 03B7 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://marikpost.net.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://marikpost.net.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Tue, 30 Mar 2021 15:18:42 GMT
expires: Wed, 30 Mar 2022 15:18:42 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 698
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 q-Ezh273PvC68AkqxY9CU3NkuwIwgTF06gKyS1kdSdY.js Show response
pagead2.googlesyndication.com/bg/ Frame 03B7 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/q-Ezh273PvC68AkqxY9CU3NkuwIwgTF06gKyS1kdSdY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abe133876ef73ef0baf0092ac58f42537364bb0230813174ea02b24b591d49d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 13:32:20 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 7080
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5697
x-xss-protection: 0
expires: Wed, 30 Mar 2022 13:32:20 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
46 B 41ms
40ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210322&jk=2030265228215640&bg=!FxSlFFDNAAbUo7L91KM7ACkAdvg8WvuyAiIvaOH3t-VE5edZcc_gityu_Hok8_PAztg-BZk8M6N3rAIAAACJUgAAAA9oAQcKAI-F2bmV6FOCLOw6_LhGnzsfb75DBu3ZYHY6_CYevoGk79eJNR02q6qlkff6KYl9Vc7krREeSWKbQiCBcH1on4ykxeuZnfs5O94PacxNAvzDTJZpBpidPvKGzZuwMuQMs7vxcNjy9xCOfNSv9P6-Xxor322qeXpcAjmQD0W0k1PgGiz2Y9MMitmFJMzHZ7FFDZkB2ZR-l512-pajE952w7aIPwD6iNBqn8YMS0qQCz7sKqw3a501oAq-li4oHcKPZ6ntuPB1CDVXiwJA8azLb-0IRNdHhO2fcQObtwi9Ekn3ImVfKC6VJnoj7Kzxd9WcPmboIhHeD089ju4WinhvsHJkMMjPjqHVhogqceYGhIo6MvcRJ_6aw0DG0iFoKyXL8uozScimToTGCfSFInTZYTMLzZAJsA8TKJfkbXrDSOvTziaxldXSwrs5GQI3doPQqZhuUckN-rjTP3H-wpF6-qZt13GKoFD0HLeHYR_3WVyUPLesWxpP7KMOlg2mhIR3isvvT3gGMGSjyNq83QuZl0WjXb38-GAZNVKni-kTN4QVzU9FguAn_imWcMdmHPWPIvsdLE9yn_yvjXGEOQU-x9xNmqy2EoefwAWtM6udMIaqm_7ZYu5hloseZbPWqimo9u-ruU_NZ2Zb5Mp3Co11wjmu6epOEoE5BZ1TWEsQCt9U-3wD7zILn5qUsLC0cFhPBDq0dI6VsFO6gLCQFddlEXwiYzK29h_L_os2gUO1Sf72fv7lSsqjcRs3_tDl6Igyx1_bf-3KW8KGDHMFxXF5O39II05lH-cFAeLbYaw2mMIDP4bFoTtgZ7rmyrqo

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://marikpost.net.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 15:30:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 rs Show response
ad4m.at/ Frame 5869 1 KB
2 KB 19ms
19ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d2942b5fdffe461fc8f6057822d0a8ee15a8413ea751728b7f67ddfeccb00d0

Request headers

Referer: https://ad4m.at/ad/dr?ed=1h6cm66srf571gfj7jfs1x3y1a9vgzs6xrpbwr68jyrmtbq3ndy9wa39mt50mwpcwspe81skn099c338aq3dd4hsfwg4wkn7z3603knddy87yd4yf5fzwrb2ywgsmtxptebnz7q17tjmrdggy0zty7wa2xc2sm51f4b6e3n86r8ht3fye99yyqzxv5zycg5vm2yd8pb9j2cyrrjr8vx5dc4xjc5rzsnpadqq8r9j24tanty502dm7r5m4c5gda5d6e7j0excff6cymvf0z5jmb9484e3g9yfm311gsfrp4177pdnqadwf36qq882e12r5nnde87k79ezde4xk37bvpcjm396j1jtsf0rzd3nke8rh0cekb1rzr3fqexdw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCYCOjCkRjYOG9K8_IgAfFwpyIAZDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTM1OTU2NjE4MjIwMDc4MjWgAcKu6N0DyAEJqQLOnw1cYa6zPqgDAaoEwwFP0AUEkTsXlwHI_SPUOuB_H0t_-HhCdjSztCKtdPS7JcGhIamaNsq0MrdpHsUxiLltq-JyTDvU_Gaj_uZ_1abSzqiUAk4GUM6eTGLZw4l8nPwghwy7xqkcwTw4rz4uhEXVXsbyLn4U4uCkodihkFzGS5XX_TEYBueiWYCiNqoRYFzobfKXNgZoAIg8Ug78H_04j_EHBiEnaej57sxedRpVp5vVvrDs8KRHZAuH6ZPk3ME5Li6DPn7B4pQ4iC1cY_Rl-sWABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%26num%3D1%26sig%3DAOD64_3uzJlA4hNwqEoX7riTo_lFo2095A%26client%3Dca-pub-3595661822007825%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 30 Mar 2021 15:30:22 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
content-encoding: br
x-backend-server: rs-v23g
cf-request-id: 09255aef46000005e9f9040000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WU8HOPAChYmvBSIAQu9AlupjwyDDcv0i94QrjXlUFRzLU2J5LEB2Q9mp4HUcx44rk8ArFjEH8aqjFl0imT%2FXtmO0YtWpUh5cxpKh3smGo1YnkdFb"}]}
content-type: text/plain
access-control-allow-origin: https://ad4m.at
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials: true
cf-ray: 638260f86b3005e9-FRA

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame 542E 9 KB
4 KB 23ms
21ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=5cc4cc0cb6bd6b713ba23b88c4515c60%2F9292198995381708538&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22sk7tr27naamyfz6ppe66c0jjs67y711yck1epsncjjv3ggt38a34r59vj6gqf3sxbw8hz5gggwq6k6t4s3y6tf6km02q0k3hedahhz3bhz0sk60devhypj8yyn3hgvjnm664s6gpaw7vwxsnx327g9v9z224cm7hjg412vmac0qk0cgvge2q5qacq898shgzf2mdwsyhp8w2xmzad1rf3cy7as35mp3a9tv53jhmyb4ahxsmq5h3mkqf9ec%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCYCOjCkRjYOG9K8_IgAfFwpyIAZDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTM1OTU2NjE4MjIwMDc4MjWgAcKu6N0DyAEJqQLOnw1cYa6zPqgDAaoEwwFP0AUEkTsXlwHI_SPUOuB_H0t_-HhCdjSztCKtdPS7JcGhIamaNsq0MrdpHsUxiLltq-JyTDvU_Gaj_uZ_1abSzqiUAk4GUM6eTGLZw4l8nPwghwy7xqkcwTw4rz4uhEXVXsbyLn4U4uCkodihkFzGS5XX_TEYBueiWYCiNqoRYFzobfKXNgZoAIg8Ug78H_04j_EHBiEnaej57sxedRpVp5vVvrDs8KRHZAuH6ZPk3ME5Li6DPn7B4pQ4iC1cY_Rl-sWABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_3uzJlA4hNwqEoX7riTo_lFo2095A%2526client%253Dca-pub-3595661822007825%2526adurl%253D&y=0&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efe224cd432a8b1e8f4e761b9b572ab7534b91ffb236a42581fd27506020561b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=5cc4cc0cb6bd6b713ba23b88c4515c60%2F9292198995381708538&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22sk7tr27naamyfz6ppe66c0jjs67y711yck1epsncjjv3ggt38a34r59vj6gqf3sxbw8hz5gggwq6k6t4s3y6tf6km02q0k3hedahhz3bhz0sk60devhypj8yyn3hgvjnm664s6gpaw7vwxsnx327g9v9z224cm7hjg412vmac0qk0cgvge2q5qacq898shgzf2mdwsyhp8w2xmzad1rf3cy7as35mp3a9tv53jhmyb4ahxsmq5h3mkqf9ec%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCYCOjCkRjYOG9K8_IgAfFwpyIAZDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTM1OTU2NjE4MjIwMDc4MjWgAcKu6N0DyAEJqQLOnw1cYa6zPqgDAaoEwwFP0AUEkTsXlwHI_SPUOuB_H0t_-HhCdjSztCKtdPS7JcGhIamaNsq0MrdpHsUxiLltq-JyTDvU_Gaj_uZ_1abSzqiUAk4GUM6eTGLZw4l8nPwghwy7xqkcwTw4rz4uhEXVXsbyLn4U4uCkodihkFzGS5XX_TEYBueiWYCiNqoRYFzobfKXNgZoAIg8Ug78H_04j_EHBiEnaej57sxedRpVp5vVvrDs8KRHZAuH6ZPk3ME5Li6DPn7B4pQ4iC1cY_Rl-sWABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_3uzJlA4hNwqEoX7riTo_lFo2095A%2526client%253Dca-pub-3595661822007825%2526adurl%253D&y=0&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:30:22 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d5fcc74813012887a06b55a1d68d347881617118222; expires=Thu, 29-Apr-21 15:30:22 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 09255aef5d000005e95b3d5000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 638260f89b6705e9-FRA
content-encoding: br

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.3/one-ad/ Frame 542E 58 KB
7 KB 16ms
15ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.3/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=5cc4cc0cb6bd6b713ba23b88c4515c60%2F9292198995381708538&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22sk7tr27naamyfz6ppe66c0jjs67y711yck1epsncjjv3ggt38a34r59vj6gqf3sxbw8hz5gggwq6k6t4s3y6tf6km02q0k3hedahhz3bhz0sk60devhypj8yyn3hgvjnm664s6gpaw7vwxsnx327g9v9z224cm7hjg412vmac0qk0cgvge2q5qacq898shgzf2mdwsyhp8w2xmzad1rf3cy7as35mp3a9tv53jhmyb4ahxsmq5h3mkqf9ec%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCYCOjCkRjYOG9K8_IgAfFwpyIAZDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTM1OTU2NjE4MjIwMDc4MjWgAcKu6N0DyAEJqQLOnw1cYa6zPqgDAaoEwwFP0AUEkTsXlwHI_SPUOuB_H0t_-HhCdjSztCKtdPS7JcGhIamaNsq0MrdpHsUxiLltq-JyTDvU_Gaj_uZ_1abSzqiUAk4GUM6eTGLZw4l8nPwghwy7xqkcwTw4rz4uhEXVXsbyLn4U4uCkodihkFzGS5XX_TEYBueiWYCiNqoRYFzobfKXNgZoAIg8Ug78H_04j_EHBiEnaej57sxedRpVp5vVvrDs8KRHZAuH6ZPk3ME5Li6DPn7B4pQ4iC1cY_Rl-sWABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_3uzJlA4hNwqEoX7riTo_lFo2095A%2526client%253Dca-pub-3595661822007825%2526adurl%253D&y=0&z=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea3d0687c8ec9ae8abfef997cfefcf86b646f753120de737c1914653b729ecc2

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=5cc4cc0cb6bd6b713ba23b88c4515c60%2F9292198995381708538&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22sk7tr27naamyfz6ppe66c0jjs67y711yck1epsncjjv3ggt38a34r59vj6gqf3sxbw8hz5gggwq6k6t4s3y6tf6km02q0k3hedahhz3bhz0sk60devhypj8yyn3hgvjnm664s6gpaw7vwxsnx327g9v9z224cm7hjg412vmac0qk0cgvge2q5qacq898shgzf2mdwsyhp8w2xmzad1rf3cy7as35mp3a9tv53jhmyb4ahxsmq5h3mkqf9ec%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCYCOjCkRjYOG9K8_IgAfFwpyIAZDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTM1OTU2NjE4MjIwMDc4MjWgAcKu6N0DyAEJqQLOnw1cYa6zPqgDAaoEwwFP0AUEkTsXlwHI_SPUOuB_H0t_-HhCdjSztCKtdPS7JcGhIamaNsq0MrdpHsUxiLltq-JyTDvU_Gaj_uZ_1abSzqiUAk4GUM6eTGLZw4l8nPwghwy7xqkcwTw4rz4uhEXVXsbyLn4U4uCkodihkFzGS5XX_TEYBueiWYCiNqoRYFzobfKXNgZoAIg8Ug78H_04j_EHBiEnaej57sxedRpVp5vVvrDs8KRHZAuH6ZPk3ME5Li6DPn7B4pQ4iC1cY_Rl-sWABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_3uzJlA4hNwqEoX7riTo_lFo2095A%2526client%253Dca-pub-3595661822007825%2526adurl%253D&y=0&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:30:22 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 441039
cf-polished: origSize=59219
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=3600
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
cf-request-id: 09255aef77000005e93a3ef000000001
cf-ray: 638260f8bba305e9-FRA
expires: Tue, 30 Mar 2021 16:30:22 GMT

GET
H2 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 542E 18 KB
19 KB 27ms
25ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=5cc4cc0cb6bd6b713ba23b88c4515c60%2F9292198995381708538&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22sk7tr27naamyfz6ppe66c0jjs67y711yck1epsncjjv3ggt38a34r59vj6gqf3sxbw8hz5gggwq6k6t4s3y6tf6km02q0k3hedahhz3bhz0sk60devhypj8yyn3hgvjnm664s6gpaw7vwxsnx327g9v9z224cm7hjg412vmac0qk0cgvge2q5qacq898shgzf2mdwsyhp8w2xmzad1rf3cy7as35mp3a9tv53jhmyb4ahxsmq5h3mkqf9ec%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCYCOjCkRjYOG9K8_IgAfFwpyIAZDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTM1OTU2NjE4MjIwMDc4MjWgAcKu6N0DyAEJqQLOnw1cYa6zPqgDAaoEwwFP0AUEkTsXlwHI_SPUOuB_H0t_-HhCdjSztCKtdPS7JcGhIamaNsq0MrdpHsUxiLltq-JyTDvU_Gaj_uZ_1abSzqiUAk4GUM6eTGLZw4l8nPwghwy7xqkcwTw4rz4uhEXVXsbyLn4U4uCkodihkFzGS5XX_TEYBueiWYCiNqoRYFzobfKXNgZoAIg8Ug78H_04j_EHBiEnaej57sxedRpVp5vVvrDs8KRHZAuH6ZPk3ME5Li6DPn7B4pQ4iC1cY_Rl-sWABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_3uzJlA4hNwqEoX7riTo_lFo2095A%2526client%253Dca-pub-3595661822007825%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Tue, 30 Mar 2021 15:30:22 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 424838
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ABg5-UwnHcPY4fTLiGV9ljbSLHb3Cck-jIANTw-2grTOJxy1g-u1OFbMFtxKbEARvl308emVHKxzCJyiaWHHwo006fA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18872
cf-request-id: 09255aef79000005e95930e000000001
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DRKi3XJQmB8ZC0arzQJwCNv8xGMIwdyXPrJU%2B%2B1OqtQWEvubzaJXjLpEnYtRmy7eicaXTcuqUETSq5lVstbSeBnYdLwq2RMNnDis1G2zr3jFwtqyqZRDpzA3Vg%3D%3D"}]}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Wed, 31 Mar 2021 15:30:22 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 638260f8cbab05e9-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
assets.ad4m.at/product_image/ Frame 542E 2 KB
2 KB 21ms
19ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=5cc4cc0cb6bd6b713ba23b88c4515c60%2F9292198995381708538&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22sk7tr27naamyfz6ppe66c0jjs67y711yck1epsncjjv3ggt38a34r59vj6gqf3sxbw8hz5gggwq6k6t4s3y6tf6km02q0k3hedahhz3bhz0sk60devhypj8yyn3hgvjnm664s6gpaw7vwxsnx327g9v9z224cm7hjg412vmac0qk0cgvge2q5qacq898shgzf2mdwsyhp8w2xmzad1rf3cy7as35mp3a9tv53jhmyb4ahxsmq5h3mkqf9ec%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCYCOjCkRjYOG9K8_IgAfFwpyIAZDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTM1OTU2NjE4MjIwMDc4MjWgAcKu6N0DyAEJqQLOnw1cYa6zPqgDAaoEwwFP0AUEkTsXlwHI_SPUOuB_H0t_-HhCdjSztCKtdPS7JcGhIamaNsq0MrdpHsUxiLltq-JyTDvU_Gaj_uZ_1abSzqiUAk4GUM6eTGLZw4l8nPwghwy7xqkcwTw4rz4uhEXVXsbyLn4U4uCkodihkFzGS5XX_TEYBueiWYCiNqoRYFzobfKXNgZoAIg8Ug78H_04j_EHBiEnaej57sxedRpVp5vVvrDs8KRHZAuH6ZPk3ME5Li6DPn7B4pQ4iC1cY_Rl-sWABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_3uzJlA4hNwqEoX7riTo_lFo2095A%2526client%253Dca-pub-3595661822007825%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA==
date: Tue, 30 Mar 2021 15:30:22 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 429057
cf-polished: origFmt=png, origSize=4031
x-guploader-uploadid: ABg5-Uyg-8EEmCw_FZWqXy1DjFCPrUZDc-jURet5x7tF0VlCNZH8IP9u5joVorM5CvgjlMRj1QpfLRcH4e3TpITaBBg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1598
cf-request-id: 09255aef7a000005e94a3ef000000001
last-modified: Wed, 20 Jan 2021 17:03:56 GMT
server: cloudflare
etag: "7a3a98fe673db7b2502bd5c6d1316e2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2ry4G%2FsxWVo%2FIidRrw%2FkCdxW64Idjafa57mUR1skBVFxUAsAi72D5ID83vyDllSDumoXDd9ReiQX96D072BifSF1NuF3SmA1sFsB8Uy%2FLTIRZ4WBs4QofaePWw%3D%3D"}]}
x-goog-generation: 1611162235947637
content-type: image/webp
expires: Wed, 31 Mar 2021 15:30:22 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 4031
accept-ranges: bytes
cf-ray: 638260f8cbad05e9-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 542E 43 B
703 B 170ms
72ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneidDjeT3fwfbqPS3HmH9t1twAmF4tmTk8roneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Mar 2021 15:30:22 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame 542E 38 KB
39 KB 21ms
20ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=5cc4cc0cb6bd6b713ba23b88c4515c60%2F9292198995381708538&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22sk7tr27naamyfz6ppe66c0jjs67y711yck1epsncjjv3ggt38a34r59vj6gqf3sxbw8hz5gggwq6k6t4s3y6tf6km02q0k3hedahhz3bhz0sk60devhypj8yyn3hgvjnm664s6gpaw7vwxsnx327g9v9z224cm7hjg412vmac0qk0cgvge2q5qacq898shgzf2mdwsyhp8w2xmzad1rf3cy7as35mp3a9tv53jhmyb4ahxsmq5h3mkqf9ec%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCYCOjCkRjYOG9K8_IgAfFwpyIAZDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTM1OTU2NjE4MjIwMDc4MjWgAcKu6N0DyAEJqQLOnw1cYa6zPqgDAaoEwwFP0AUEkTsXlwHI_SPUOuB_H0t_-HhCdjSztCKtdPS7JcGhIamaNsq0MrdpHsUxiLltq-JyTDvU_Gaj_uZ_1abSzqiUAk4GUM6eTGLZw4l8nPwghwy7xqkcwTw4rz4uhEXVXsbyLn4U4uCkodihkFzGS5XX_TEYBueiWYCiNqoRYFzobfKXNgZoAIg8Ug78H_04j_EHBiEnaej57sxedRpVp5vVvrDs8KRHZAuH6ZPk3ME5Li6DPn7B4pQ4iC1cY_Rl-sWABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_3uzJlA4hNwqEoX7riTo_lFo2095A%2526client%253Dca-pub-3595661822007825%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date: Tue, 30 Mar 2021 15:30:22 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 429431
cf-polished: origFmt=png, origSize=44613
x-guploader-uploadid: ABg5-UwXe4GgF3I77E3EpNbSgY3MTaGfteZuvUnGNIMiz2HW_7081rBUav-oVHO1967B_MhZ-rWugPNKDCS21vfC0dg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39202
cf-request-id: 09255aef7a000005e9ff18a000000001
last-modified: Wed, 22 Jan 2020 13:11:41 GMT
server: cloudflare
etag: "c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XQxProLpPSabo2PX3BPpRbIivoQOqz%2FpQaAeVGFj1v1cHYWKG5mSfw%2FPsVo2IXkitqYJgkSlrYZ9b4skgT9X0T18nkzqXk%2FlfIHwnlrgYaseJqRHfokvPbsrQw%3D%3D"}]}
x-goog-generation: 1579698701189315
content-type: image/webp
expires: Wed, 31 Mar 2021 15:30:22 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44613
accept-ranges: bytes
cf-ray: 638260f8cbb005e9-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame 542E 113 KB
113 KB 15ms
13ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=5cc4cc0cb6bd6b713ba23b88c4515c60%2F9292198995381708538&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22sk7tr27naamyfz6ppe66c0jjs67y711yck1epsncjjv3ggt38a34r59vj6gqf3sxbw8hz5gggwq6k6t4s3y6tf6km02q0k3hedahhz3bhz0sk60devhypj8yyn3hgvjnm664s6gpaw7vwxsnx327g9v9z224cm7hjg412vmac0qk0cgvge2q5qacq898shgzf2mdwsyhp8w2xmzad1rf3cy7as35mp3a9tv53jhmyb4ahxsmq5h3mkqf9ec%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCYCOjCkRjYOG9K8_IgAfFwpyIAZDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTM1OTU2NjE4MjIwMDc4MjWgAcKu6N0DyAEJqQLOnw1cYa6zPqgDAaoEwwFP0AUEkTsXlwHI_SPUOuB_H0t_-HhCdjSztCKtdPS7JcGhIamaNsq0MrdpHsUxiLltq-JyTDvU_Gaj_uZ_1abSzqiUAk4GUM6eTGLZw4l8nPwghwy7xqkcwTw4rz4uhEXVXsbyLn4U4uCkodihkFzGS5XX_TEYBueiWYCiNqoRYFzobfKXNgZoAIg8Ug78H_04j_EHBiEnaej57sxedRpVp5vVvrDs8KRHZAuH6ZPk3ME5Li6DPn7B4pQ4iC1cY_Rl-sWABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_3uzJlA4hNwqEoX7riTo_lFo2095A%2526client%253Dca-pub-3595661822007825%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date: Tue, 30 Mar 2021 15:30:22 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 666117
cf-polished: origFmt=png, origSize=136328
x-guploader-uploadid: ABg5-Ux6Saqq2mJJkwerXOInfdpw_yFLq7vVGg3xmI9QNMlLwkQVPnLeIeqgj2soWmM1p2JBZbVnkW60nHR9YgTmdgg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 115268
cf-request-id: 09255aef7a000005e9703f1000000001
last-modified: Tue, 29 Oct 2019 09:42:57 GMT
server: cloudflare
etag: "0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tC9OcBqV8pA%2BjWwBm8yB23ggXn4sGXp8ejAMglAlggxWcCApuflewmFRllJR2gQPKnwseYIpGRHnazzf%2FyOEAhm3jC18R2MPHHffgLDnXewVlYrFTLzmaJcDAg%3D%3D"}]}
x-goog-generation: 1572342177666668
content-type: image/webp
expires: Wed, 31 Mar 2021 15:30:22 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136328
accept-ranges: bytes
cf-ray: 638260f8cbb105e9-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 542E 43 B
704 B 171ms
74ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidDjeT3fwfe9T3HmH9t1tEjxT4tmTk8roneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Mar 2021 15:30:22 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 542E 38 KB
38 KB 21ms
20ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=5cc4cc0cb6bd6b713ba23b88c4515c60%2F9292198995381708538&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22sk7tr27naamyfz6ppe66c0jjs67y711yck1epsncjjv3ggt38a34r59vj6gqf3sxbw8hz5gggwq6k6t4s3y6tf6km02q0k3hedahhz3bhz0sk60devhypj8yyn3hgvjnm664s6gpaw7vwxsnx327g9v9z224cm7hjg412vmac0qk0cgvge2q5qacq898shgzf2mdwsyhp8w2xmzad1rf3cy7as35mp3a9tv53jhmyb4ahxsmq5h3mkqf9ec%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCYCOjCkRjYOG9K8_IgAfFwpyIAZDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTM1OTU2NjE4MjIwMDc4MjWgAcKu6N0DyAEJqQLOnw1cYa6zPqgDAaoEwwFP0AUEkTsXlwHI_SPUOuB_H0t_-HhCdjSztCKtdPS7JcGhIamaNsq0MrdpHsUxiLltq-JyTDvU_Gaj_uZ_1abSzqiUAk4GUM6eTGLZw4l8nPwghwy7xqkcwTw4rz4uhEXVXsbyLn4U4uCkodihkFzGS5XX_TEYBueiWYCiNqoRYFzobfKXNgZoAIg8Ug78H_04j_EHBiEnaej57sxedRpVp5vVvrDs8KRHZAuH6ZPk3ME5Li6DPn7B4pQ4iC1cY_Rl-sWABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_3uzJlA4hNwqEoX7riTo_lFo2095A%2526client%253Dca-pub-3595661822007825%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date: Tue, 30 Mar 2021 15:30:22 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 423084
cf-polished: origFmt=png, origSize=77267
x-guploader-uploadid: ABg5-UwJZsI5BNY4TpWGhJn0yWrISTe0NC39MhCglJ4cIiaFC8hzhm7u99P0_l63LyCX8nWib50HC_zmv0aWH7fEfR4
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38696
cf-request-id: 09255aef7b000005e9583b5000000001
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UeUI64jlRjLkVKT0SwkBMiGoa36Q6ZzqYTmLnO1irh9X9iLfKWOGg3qLDFH0StooE2XM%2B9LFoCFhohYK3oYXxhPsQZn7In%2B3dUdUL3Yr3fP2Bp%2BYS2wUX%2BVfXw%3D%3D"}]}
x-goog-generation: 1579698708801217
content-type: image/webp
expires: Wed, 31 Mar 2021 15:30:22 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 77267
accept-ranges: bytes
cf-ray: 638260f8cbb205e9-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 542E 84 KB
84 KB 20ms
19ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=5cc4cc0cb6bd6b713ba23b88c4515c60%2F9292198995381708538&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22sk7tr27naamyfz6ppe66c0jjs67y711yck1epsncjjv3ggt38a34r59vj6gqf3sxbw8hz5gggwq6k6t4s3y6tf6km02q0k3hedahhz3bhz0sk60devhypj8yyn3hgvjnm664s6gpaw7vwxsnx327g9v9z224cm7hjg412vmac0qk0cgvge2q5qacq898shgzf2mdwsyhp8w2xmzad1rf3cy7as35mp3a9tv53jhmyb4ahxsmq5h3mkqf9ec%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCYCOjCkRjYOG9K8_IgAfFwpyIAZDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTM1OTU2NjE4MjIwMDc4MjWgAcKu6N0DyAEJqQLOnw1cYa6zPqgDAaoEwwFP0AUEkTsXlwHI_SPUOuB_H0t_-HhCdjSztCKtdPS7JcGhIamaNsq0MrdpHsUxiLltq-JyTDvU_Gaj_uZ_1abSzqiUAk4GUM6eTGLZw4l8nPwghwy7xqkcwTw4rz4uhEXVXsbyLn4U4uCkodihkFzGS5XX_TEYBueiWYCiNqoRYFzobfKXNgZoAIg8Ug78H_04j_EHBiEnaej57sxedRpVp5vVvrDs8KRHZAuH6ZPk3ME5Li6DPn7B4pQ4iC1cY_Rl-sWABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_3uzJlA4hNwqEoX7riTo_lFo2095A%2526client%253Dca-pub-3595661822007825%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date: Tue, 30 Mar 2021 15:30:22 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1496855
cf-polished: origSize=90165, status=webp_bigger
x-guploader-uploadid: ABg5-UxhW6sKGL1c2jInPII1J935sSbSV0DB0T-8fgBRZsD5cCQGuK6UCWTsje9QOtexmnxRi37xZPi9M795fv_WpSbNUyAf7w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 85604
cf-request-id: 09255aef7a000005e94701e000000001
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MdI1s67vOnWbDwzwolvUr5Oikix1rtvC%2FOd4sw41MzdL1cf9QJJmPDKBW%2FxMqp%2FM0G%2FwFMDxaFSOHQrLdMTXEMfe%2FKeG42Q6zaNrRPIe2FrZDrT3ilhItounQA%3D%3D"}]}
x-goog-generation: 1570637213281727
content-type: image/jpeg
expires: Wed, 31 Mar 2021 15:30:22 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 90165
accept-ranges: bytes
cf-ray: 638260f8cbb305e9-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 542E 12 KB
12 KB 318ms
131ms Script
text/html 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=5cc4cc0cb6bd6b713ba23b88c4515c60%2F9292198995381708538&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22sk7tr27naamyfz6ppe66c0jjs67y711yck1epsncjjv3ggt38a34r59vj6gqf3sxbw8hz5gggwq6k6t4s3y6tf6km02q0k3hedahhz3bhz0sk60devhypj8yyn3hgvjnm664s6gpaw7vwxsnx327g9v9z224cm7hjg412vmac0qk0cgvge2q5qacq898shgzf2mdwsyhp8w2xmzad1rf3cy7as35mp3a9tv53jhmyb4ahxsmq5h3mkqf9ec%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCYCOjCkRjYOG9K8_IgAfFwpyIAZDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTM1OTU2NjE4MjIwMDc4MjWgAcKu6N0DyAEJqQLOnw1cYa6zPqgDAaoEwwFP0AUEkTsXlwHI_SPUOuB_H0t_-HhCdjSztCKtdPS7JcGhIamaNsq0MrdpHsUxiLltq-JyTDvU_Gaj_uZ_1abSzqiUAk4GUM6eTGLZw4l8nPwghwy7xqkcwTw4rz4uhEXVXsbyLn4U4uCkodihkFzGS5XX_TEYBueiWYCiNqoRYFzobfKXNgZoAIg8Ug78H_04j_EHBiEnaej57sxedRpVp5vVvrDs8KRHZAuH6ZPk3ME5Li6DPn7B4pQ4iC1cY_Rl-sWABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_3uzJlA4hNwqEoX7riTo_lFo2095A%2526client%253Dca-pub-3595661822007825%2526adurl%253D&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 3a547a0b8fe8db4e326ca2035629ad822fe7d63139c6ece5d22bd76e0d580cf4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Mar 2021 15:30:22 GMT
Last-Modified: Tue, 30 Mar 2021 15:30:22 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 542E 59 KB
60 KB 140ms
46ms Script
application/javascript 13.226.159.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-63.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9af867bc9375cd71edd46561c1bca358106a688494a72becb5125e41cf5bee94

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 16:08:30 GMT
via: 1.1 498cdb7d5db845f8fbb098d88d764204.cloudfront.net (CloudFront)
last-modified: Tue, 02 Feb 2021 10:42:29 GMT
server: AmazonS3
age: 84113
etag: "18c1dfef830d61a2df6f2a6ba04e9d17"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 60911
x-amz-cf-id: UafiXXSTNuPOd_4vngVWis2b-lFniTNQbBsn3j2RoCfO_fU4y3n0Xg==

GET
H/1.1 200
OK hit Show response
diapi.webgains.com/2.0/ Frame 542E 79 B
374 B 225ms
72ms Script
text/javascript 81.29.72.47
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=.8a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ0OH_ueJcrQhRhk6Hb9LarUqUdHz16rgPtFFg4Jh5DtTpw.5B0KB8DI1Re4GSraUdWUeKvqCSFQ_01kKJA237lY5BSmVjMk.DjS&wgcookie=%7B%22wgifp12607%22%3A%5B%221384975%22%2C%2212607%22%2C%22713569%22%2C%22%22%2C%221617118222%22%2C%22%22%2C%22%22%2C%22%22%2C%221772638222%22%2C%22oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz%22%5D%7D&wgchecksum=b85ff72cb48d650ea4ee17d1811e029d&userIP=89.238.186.243&doAffectv=1&wgtime=1617118222
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__dc_reach_suite02wkz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.29.72.47 Leeds, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 81-29-72-47.servers.dedipower.net
Software: Apache /
Resource Hash: 17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 30 Mar 2021 15:30:22 GMT
Server: Apache
Connection: close
Content-Length: 79
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 542E 85 KB
85 KB 152ms
53ms Image
image/png 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidYGpFrf3f85xFVH9HetQtRBqfZt1T4zoneid__asuidcwnhv3UlTcmi3V39IkCHu2EM6CztahwOasuid__adf_Netmix_Reach13_Single&wglinkid=713569
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=&g=5cc4cc0cb6bd6b713ba23b88c4515c60%2F9292198995381708538&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22sk7tr27naamyfz6ppe66c0jjs67y711yck1epsncjjv3ggt38a34r59vj6gqf3sxbw8hz5gggwq6k6t4s3y6tf6km02q0k3hedahhz3bhz0sk60devhypj8yyn3hgvjnm664s6gpaw7vwxsnx327g9v9z224cm7hjg412vmac0qk0cgvge2q5qacq898shgzf2mdwsyhp8w2xmzad1rf3cy7as35mp3a9tv53jhmyb4ahxsmq5h3mkqf9ec%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253Dl%2526ai%253DCYCOjCkRjYOG9K8_IgAfFwpyIAZDhgYRctqjCivACwI23ARABIABglYq4gsgHggEXY2EtcHViLTM1OTU2NjE4MjIwMDc4MjWgAcKu6N0DyAEJqQLOnw1cYa6zPqgDAaoEwwFP0AUEkTsXlwHI_SPUOuB_H0t_-HhCdjSztCKtdPS7JcGhIamaNsq0MrdpHsUxiLltq-JyTDvU_Gaj_uZ_1abSzqiUAk4GUM6eTGLZw4l8nPwghwy7xqkcwTw4rz4uhEXVXsbyLn4U4uCkodihkFzGS5XX_TEYBueiWYCiNqoRYFzobfKXNgZoAIg8Ug78H_04j_EHBiEnaej57sxedRpVp5vVvrDs8KRHZAuH6ZPk3ME5Li6DPn7B4pQ4iC1cY_Rl-sWABqmzs7-d4u7k5QGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAewmLEC2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_3uzJlA4hNwqEoX7riTo_lFo2095A%2526client%253Dca-pub-3595661822007825%2526adurl%253D&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Mar 2021 15:30:22 GMT
Last-Modified: Tue, 30 Mar 2021 15:30:22 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fp_decode.html Show response
track.webgains.com/ Frame 542E 63 B
270 B 254ms
66ms Fetch
application/json 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/fp_decode.html?wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ0OH_ueJeJrPtQVD_DJhCizgzH_y3EjNpmVWN9dPBSpMk.Nk4JkZtB8mcK4rTOya4ydMjNpp0iJ3A0KFgBFY5BNlr91xU..B7k
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e

Request headers

Accept: application/json
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 30 Mar 2021 15:30:22 GMT
Server: Apache
Connection: close
Keep-Alive: timeout=1, max=100
Content-Length: 63
Content-Type: application/json

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 187ms
58ms Preflight 54.72.18.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Server: 54.72.18.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-18-9.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 30 Mar 2021 15:30:23 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 542E 16 B
232 B 97ms
96ms Fetch
application/json 54.72.18.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.72.18.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-18-9.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.3.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 30 Mar 2021 15:30:23 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.3.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 tech-essence-clk.min.js Show response
analytics-wg.webgains.io/ Frame 542E 44 KB
45 KB 128ms
44ms Script
application/javascript 99.86.3.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-101.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97cfbffddbcbf00dcf4b38e122383cbc49f8bde482552271ef0a127ea03e5ae5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 02:26:48 GMT
via: 1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront)
last-modified: Tue, 02 Feb 2021 10:42:29 GMT
server: AmazonS3
age: 51806
etag: "8c03dbb33c82f21c7644b0fbe99c300a"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 45522
x-amz-cf-id: yADH5JFtb_N9VLDDnGfOp1D3dpd7tANzhZLQigEtVab47ra4tzeCBw==

GET
H2 200 tag Show response
w-it.m-t.io/ Frame 542E 18 B
205 B 61ms
27ms Script
application/javascript 2a00:1450:4001:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://w-it.m-t.io/tag?type=impr&date=1617118223847
Requested by: Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: f981ac999350c901e815738482797ae651bd0d240aae589d56f5b027ad9715da

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:30:23 GMT
content-encoding: gzip
server: Google Frontend
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
x-cloud-trace-context: 5dafe214d67cbdc0882547112ef94842
cache-control: private
content-length: 38

GET
H2 200 track Show response
w-it.m-t.io/ Frame 542E 0
75 B 26ms
26ms Script
application/javascript 2a00:1450:4001:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://w-it.m-t.io/track?campaignId=1384975&clickId=12607_1384975_16171182224433_95174dea47&programId=12607&expiry=1772638222&acc=wg&scriptTag=&type=postview&indicator=df7fdf376058e01a1608907c6397971c&
Requested by: Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cloud-trace-context: 892e96f874ed04e51f96f799cc05f582
server: Google Frontend
date: Tue, 30 Mar 2021 15:30:23 GMT
content-length: 0
content-type: application/javascript;charset=utf-8

Verdicts & Comments Add Verdict or Comment

132 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 17:12:01	Name: DSID Value: NO_DATA
			.doubleclick.net/	1970-01-20 02:33:34	Name: IDE Value: AHWqTUk6LOmRzHOe3UZ9cvMMc9FfwMTClO02lLGPx-Vj7SynDL1Rp2mrMqrJ3hzxnq0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://analytics.webgains.io/pvClk.min.js(Line 1) Message: Webgains [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad4m.at
ad4mat.net
adservice.google.com
adservice.google.de
analytics-wg.webgains.io
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
d.agkn.com
diapi.webgains.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
id.rlcdn.com
image6.pubmatic.com
marikpost.net.ua
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
platform.twitter.com
platform.vine.co
prod-rtb.ad4mat.net
rtb.openx.net
ssum-sec.casalemedia.com
static-de.ad4mat.net
syndication.twitter.com
tpc.googlesyndication.com
track.webgains.com
w-it.m-t.io
www.awin1.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.marikpost.net.ua
104.111.239.217
104.244.42.8
13.226.159.63
142.250.186.162
142.250.186.98
185.230.89.42
185.64.189.115
2.18.234.21
2600:1901:0:76b9::
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:20::681a:bd1
2606:4700:3032::ac43:aa7a
2606:4700::6810:125e
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1450:4001:800::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2013
2a00:1450:4001:811::2004
2a00:1450:4001:813::2002
2a00:1450:4001:813::2008
2a00:1450:4001:827::200a
2a00:1450:4001:828::2001
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::200e
3.126.239.96
3.212.69.80
35.227.252.103
35.244.174.68
46.236.13.147
52.39.207.175
54.72.18.9
69.173.144.139
79.137.69.120
81.29.72.47
99.86.3.101
004a437d7089840beee57c26d31bae4f4d5db320d0d4a8a1e66afaba98bcf27b
00d0f7ed2516f90e948a42996a2fbdb6eb5ccc2e607b7e9e542843156352ddd8
019f0d476f34f29b8c99ff3504862bf7a8f4c6a3321d97d57e99de60f9af7776
01db69cca8062a2c1def13f84d5a681ad07b5d046f5871d65856ef55ccf6973f
02103fe5f8781ce458e6e79eda33f044d7af146f906695f37929b96cec706783
03a63f41f8b9d354f860b945eb497bb5fdacd6098b55ca90b6579b7602928c9a
07c0e56d3dab9ba01869922dc45a09928804d0ce6c4de08f6f2ff1c558ac8670
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ccadac47f8db7d9086cb5d1a3230580ee43e7db056734068ce3785376e90500
12a8f9389ac1e17bd9fbb2d509eb59d046894e26cc1b35c4e49b6499741d98b4
134881b275ce7f315d7266f7aa7ba8b5c40bf6b49ab1585fe7d8bd3894439038
1476c101cda6283fbd6a7b4381767b7ecde6d8e1bd871dd43bfba89f1b950a87
17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b7590e7fdb0854f28c063b7ae0f54f6e39fea515d5e610af020e5ad0fb67ce6
1e9d90fec6306b4bb5669773fbbd6568a5b0fbcb2d10618f9d678a5074376f36
1eb84c5c797e84a595498a5b348eb9390e04edb202b3134b74117d2eee43a997
220542531fa701592adfee12f0f6b3fcdeaf7bb80292a646f0ed9704d90bbc37
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
27fe0f3d7408ff7d7522bc77b8c1eeaa6c2b73587c069fa457adee24a35927c7
29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b5ae377f0f40ee0c56f840acd919c982c11947be3271fed74061063cc381ee5
2cf0ae87b5d44aaa8747534e74088aa41867ece468fbff3173bd541b7c0e9dae
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
31aa715f046536217cef97bf9d2741ff21fdfbe74474ed3e82568244a49ae894
3750585d3747a0e4fb65ca7dfc7f425849c388477e68631208f77562ec18ec92
3a547a0b8fe8db4e326ca2035629ad822fe7d63139c6ece5d22bd76e0d580cf4
3ab2acc5edb2198c0c0c25a5a4a470df2a048c69e982d11b4b96f22b21332fe2
3f7a0b739872f4ac674758dc15f2751b15bb6c11108336b67fb9b28b7a1b0e86
3fd498cc0ae566423ac60276950b945aec0f2dbd65e99e9fe5ebc0e1d525885a
42da09139a98c1ca5f89a5532b07dbe03f8f06415a2ea9d44df5ea8eb130691b
44d22fcbeac879b62d00d1dc838fcccfe3c2ecc797cad9831cba2ca4d926c7a5
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
480267a1eaa652ec531663e399c0a31abdd694795158c04b64bd5dc9cb4c7e90
4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
491158614c16e4a767df0f1ddbb82a8462b6ba308b8774c698b82e850a425291
494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4c8db09d94619da9090cac5c5f5ef5450484ca3adc36f54f02d63d26a01c13b4
4d890a48ea501050f8167a15968c0d8d1d654a54ce3058242ab99acdfb81e288
519d220012b4b23204d171c218ff9c288b424c4bf4c6c753ca471f4514b57787
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
5b7c16a2634176ae1011cf12236608a573a5bfa50685e2e2884cf2da48e22769
611c31ecafe54c74f78e765296e1b04c0e51ecdc5f7d62c0c3441732aca01964
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
677344a87e7abb166df42f9a2ceb8b02a66936840d76889e2506bc6524a8d2b4
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
684ff092700c7b5f8852994d1795a7246c204d0f97e64f1dc34a4a07d1dc4d82
6a95713b3ded7bafb1d82e78474bc3cfbf5e98e08e7cc5ca0286410d5ae6b0de
6d2942b5fdffe461fc8f6057822d0a8ee15a8413ea751728b7f67ddfeccb00d0
6f31d0ffc99a940f01a7224fd04dbb23443dc327e46a7225781f84adacd9799d
6fe4d2c27229a0bc2e053342d8601c0c8d8ea6a9ca4c3937aa63aed501e9c257
704d9311a35ee969ab5fec086ee7c9beb0847c278b99296ad7eb60208f6416ff
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
73f8849c1fbf8a9a7a6886c9efe3bcdae4627d1b08451b1424cada88232e5792
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
7450b0ba109fa1ea0178cb9588dee185b644656eed6a4013a34b90f12cd9488f
75b707d8761e2bfbd25fbd661f290a4f7fd11c48e1bf53a36dc6bd8a0034fa35
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
80e717f7f97b69547f30e8fb2adb1abdb3fdcd94b907472cc26e4d491f005825
83c131000f14a1d667b5116e5f182997489fbf82e6d790d0ee2737ddb765b56e
84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa
85bfcb0ce20c244365ded7b5381302cd4fa77cbdce9ae658b9e136e6f315cd18
85f5e9132388fab3aee2f05b2423cbfdca8d334433032c5727706bea28262f68
8687e90791df4582658ad44eb7a20b332e8593811f9ae96d5b1a37b6086953ce
88be7865697b18ad3611fe75af39ea43e86aac0c1e5b2ebdcd04a534c1e1d5d4
8e845b3c43da250d2131dcca1a9af77bdaca1b61f1215be6317f2d5f17f999e1
907eaddfe1772a81bfe66583c75a2f70f55175dc984cd314dcb209bc84d28e81
90e5850c4cb46fb439478f28c17ddf112115180914a0e4394d07bbb2dc7f71e1
96bbf4f9521f17f3be8143f5c7b7918869757bdae7eee27f6d5bd83809cd4f32
974d7aa7ffb871b7207ddeb6ca6918be83ed8fa15f16666895801a5f04124992
97693337cd1dc42d5cf5cb2d6fb75958f9074ba746904f8d25b542cc4cd5e2c6
97cfbffddbcbf00dcf4b38e122383cbc49f8bde482552271ef0a127ea03e5ae5
97d4436dc6b96cb1da16005f77fd69a3fd05cad38ab283411cb2437a7dbcc9b8
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9af867bc9375cd71edd46561c1bca358106a688494a72becb5125e41cf5bee94
9c1fe012e845505c4c0bf412b4d1185513d88dfe4cbadcaffed7c191f835515a
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9de61d49cd1fb868e020d41adcce38e783b2835504ba4e5ed87b15f1f300ce20
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a8d227efe0ef553cba37d86bef6e44598dbf9bd9fad3db2582b0ffdebdbd6138
abe133876ef73ef0baf0092ac58f42537364bb0230813174ea02b24b591d49d6
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
b0ff4684daca946ed282213f63599bbfcd02c656de7934f8f583a1a042aa6ca8
b2a0d90b1e8b4dbd727013172d0b837c198facf1ac3e2ad1ab06d09158659573
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
b5bfa02fd3c35c755623ac6b9bc3cd412beac4f4c2ffa05bf181ff2a2f1ef2e6
b6458a29ee3ece5dfe1f568c9fbc935bd85c076510162ef82f79a1c76cf456eb
b814f9ed4996878a3f280e7b6c1ac40112da40dd89aad1335d02440991597aff
bb51d2e4ca8afb54c4d1927453e2021e9b2bb0da4e50fdc7209ad9ab0e03c124
bd2d99e6e5124043d247cc2cdf999365ee5b7c914726a18901604f3f5095abe9
bd564036612969ce6c3d8464cb59cefd79be4dab161c358f251c0f637f34da17
c2c8bdb473fb37e4f60e33dd3eb5969758e8d61412cebb662bd76bd596b74ec9
c2e7f5ae424534e76b21e9bed217cf989125356ba6178a5d52e18d73a41bb462
c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c90f0e501d2948fbc2b61bffd654fa4ab64741fd48923782419eeb14d3816fb8
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
d08fcbc9d1ecf0c0f6b8010051686678bcea576791223500ebd2ec8926165776
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d2719085c9677e9d497fd20aa546f872a161ab5d63690aa99b0555640ff2acb5
d344632c01d1ca55dc380216de660c9b8a5a3174e7d7afa6784aff50c945e1cc
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7dabf6ed2991db97570d496fc9fccaea699d6f4fed6b77b1c18a4a93b93f01e
d842df61112542a09a4b9ab985a9805c5479c67ab6c17922e282fbf3fa9904a0
d86657b0a31fde86d20a1d347746f11242e1a8335d59759baa94a226a1dba655
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
dce93bce75edb01d2fdebfba166067193065d06e9362d4e39b6ab0c1c1d3384c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e411c8ff7e5d0c5fce8b53806c39c4f303a9617463bf271be02c31e80950075f
e420b75154a5c28ca63c56ece9af5dfa5186c072b766510ec7e8cddaa42cea6b
e43baab93b8d659337bcc2401b1990d7b1a8a0a2d9bf23ec8969a88969150883
e47a27d91c2487289d6607ee10d7cb7b31944a5ed3ff5ffc86ec8526e9374af0
e6bbcc62f3b6a3ada1215006f0f6c04dbcc035efe815caf60e6a26eafc335b7f
e7033fd5df92bff5392cd7166aa9e02fbeb56cfdace1aef20f8ba4a04d5665bf
e975153c7c730161ea9e0225810815140afd7bfeeaf1515db8a0d06a45a2142f
ea3d0687c8ec9ae8abfef997cfefcf86b646f753120de737c1914653b729ecc2
ec0c5f7a8de37a02414756f98e8e57a5b396961226b912f832c1c2b1590fb73b
ed1fd799bb2a05880924e2ef9f7e2be8de07f9cde01c4b8d6111c00c0d626107
eda144dea7a719010fe6c2e87514f5eca490b3c74f120f6ac8cb514596d4ef48
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef99180c20d75a06ecc10268de1f4049251d23b1743f55369dd5a8d55e4cf1b1
efe224cd432a8b1e8f4e761b9b572ab7534b91ffb236a42581fd27506020561b
f34c5577b0ee593ee87043955c8f34568edcfc1a81e0c0aa712638328515735c
f8d4c5649419ac70b9c08454afe5a7897c61f19b356135d888e97a17543805ef
f8e7e777ab2c510a548bec6e1e8b9a3fbceb986ba8603686a64f7d11ed3e8805
f981ac999350c901e815738482797ae651bd0d240aae589d56f5b027ad9715da
fa18fcf82fc981fc03e4189755d61169f04e08a6b0a2418fef70c2ecf01556e9
fbdcd25ed66bfc1e83de87d605e819be98ca3acc5665bfc8e64f68d3c89c87c5
fc09fb5de9c704bd45cb90515ca5897304f87fe8f4293059f94aa2de482d62f5
fdb2ddc55b7bd8231d8ff1ef9f0092a2300696786ccb40adaaa0bc8b393d624e
feea6127a153da9ba9d4553649cbc353d8d3e504a0406d59e2828b1d506147c0

marikpost.net.ua Open in urlscan Pro 185.230.89.42 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

210 Requests

100 %HTTPS

47 %IPv6

29 Domains

42 Subdomains

30 IPs

6 Countries

4538 kBTransfer

6078 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

210 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

marikpost.net.ua Open in urlscan Pro
185.230.89.42 Public Scan

Screenshot
Live screenshot

Full Image

210
Requests

100 %
HTTPS

47 %
IPv6

29
Domains

42
Subdomains

30
IPs

6
Countries

4538 kB
Transfer

6078 kB
Size

2
Cookies

210 HTTP transactions
6 data transactions