www.aviation.com.ua Open in urlscan Pro
2a00:7a60:0:106e::1 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.aviation.com.ua/
Submission: On May 16 via manual (May 16th 2023, 11:40:46 am UTC) from CH — Scanned from DE

Summary HTTP 174 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 26 IPs in 6 countries across 19 domains to perform 174 HTTP transactions. The main IP is 2a00:7a60:0:106e::1, located in Ukraine and belongs to UKRAINE-AS, UA. The main domain is www.aviation.com.ua.

This is the only time www.aviation.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	2a00:7a60:0:1... 2a00:7a60:0:106e::1	200000 (UKRAINE-AS) (UKRAINE-AS)
38	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2 2	2606:4700:20:... 2606:4700:20::ac43:4453	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:607	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	104.18.2.81 104.18.2.81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	193.239.68.97 193.239.68.97	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
5	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
32	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
5 6	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	185.89.210.153 185.89.210.153	29990 (ASN-APPNEX) (ASN-APPNEX)
2 4	52.212.231.135 52.212.231.135	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80f::2006	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
8	2600:9000:223... 2600:9000:223f:4c00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2600:1f18:1ac... 2600:1f18:1aca:4281:84b2:6bc8:6fc1:78cd	14618 (AMAZON-AES) (AMAZON-AES)
2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	104.111.217.42 104.111.217.42	16625 (AKAMAI-AS) (AKAMAI-AS)
4	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
174	26

22 2a00:7a60:0:106e::1 (Ukraine)

ASN200000 (UKRAINE-AS, UA)

www.aviation.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4453 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

finance.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:607 (United States)

ASN13335 (CLOUDFLARENET, US)

finance.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.2.81 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

f.i.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.239.68.97 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net

c.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.34 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.153 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.212.231.135 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-231-135.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:223f:4c00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:1f18:1aca:4281:84b2:6bc8:6fc1:78cd (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.217.42 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
68	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 107 tpc.googlesyndication.com — Cisco Umbrella Rank: 143	694 KB
27	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 234 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 357	240 KB
22	aviation.com.ua www.aviation.com.ua	78 KB
20	adsafeprotected.com 2 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 950 static.adsafeprotected.com — Cisco Umbrella Rank: 631 dt.adsafeprotected.com — Cisco Umbrella Rank: 579	210 KB
9	gstatic.com www.gstatic.com fonts.gstatic.com	115 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	316 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 50	4 KB
5	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 83 www.google.com — Cisco Umbrella Rank: 2	2 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 575	3 KB
4	finance.ua 2 redirects finance.ua — Cisco Umbrella Rank: 492527	3 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 232	3 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 7680	818 B
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1347	344 B
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 472	418 B
2	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 311	75 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39	17 KB
2	i.ua 1 redirects f.i.ua	6 KB
1	bigmir.net c.bigmir.net — Cisco Umbrella Rank: 220456	2 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1044	607 B
174	19

	Domain	Requested by
36	pagead2.googlesyndication.com	www.aviation.com.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
32	tpc.googlesyndication.com	googleads.g.doubleclick.net www.aviation.com.ua tpc.googlesyndication.com pagead2.googlesyndication.com
22	www.aviation.com.ua	www.aviation.com.ua
17	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.aviation.com.ua
8	dt.adsafeprotected.com	googleads.g.doubleclick.net www.aviation.com.ua
8	static.adsafeprotected.com	googleads.g.doubleclick.net srcdoc static.adsafeprotected.com
6	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net
6	www.gstatic.com	googleads.g.doubleclick.net
6	www.googletagservices.com	googleads.g.doubleclick.net
5	fonts.googleapis.com	googleads.g.doubleclick.net
4	googleads4.g.doubleclick.net	www.aviation.com.ua
4	fw.adsafeprotected.com	2 redirects www.aviation.com.ua
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	finance.ua	2 redirects www.aviation.com.ua
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	www.google.com	1 redirects tpc.googlesyndication.com
2	s0.2mdn.net	www.aviation.com.ua s0.2mdn.net
2	www.google-analytics.com	www.aviation.com.ua
2	f.i.ua	1 redirects www.aviation.com.ua
1	c.bigmir.net	www.aviation.com.ua
1	partner.googleadservices.com	pagead2.googlesyndication.com
174	26

This site contains links to these domains. Also see Links.

Domain
www.ucoil.com.ua
finance.ua
weather.i.ua
avia.meteonovosti.ru
top.bigmir.net
www.facebook.com
twitter.com
www.instagram.com
t.me

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M01	`2023-02-24` - `2023-09-04`	6 months	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
teads.tv R3	`2023-05-11` - `2023-08-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh

This page contains 27 frames:

Primary Page: http://www.aviation.com.ua/
Frame ID: 6AF201B7FE50E3988844864209641E8E
Requests: 42 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/zrt_lookup.html
Frame ID: FEC665A73B027CBCBD19658D388F9CBD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3295809207588976&output=html&adk=1812271804&adf=3025194257&lmt=1684237241&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fwww.aviation.com.ua%2F&ea=0&pra=5&wgl=1&dt=1684237241095&bpp=7&bdt=288&idt=258&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4317124151456&frm=20&pv=2&ga_vid=52828483.1684237241&ga_sid=1684237241&ga_hid=1848465750&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44773810%2C44759837%2C44759876%2C31074345%2C44788441%2C44789779%2C21065725&oid=2&pvsid=3763570045505922&tmod=1301093316&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=279
Frame ID: AD815EE9D71EDA747DEA742E1CD5DD18
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3295809207588976&output=html&h=60&slotname=9486923046&adk=3031713297&adf=3613349930&pi=t.ma~as.9486923046&w=468&lmt=1684237241&format=468x60&url=http%3A%2F%2Fwww.aviation.com.ua%2F&wgl=1&dt=1684237241529&bpp=8&bdt=721&idt=8&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4a31ad7a96b6885-224bd1d8d6dd000b%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbXqJAiURvedkU1vngSx92pUXzQOg&gpic=UID%3D00000bf8541cd024%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbL_zjgjhiTOBzG-gYe6-t_MzM4fw&prev_fmts=0x0&nras=1&correlator=4317124151456&frm=20&pv=1&ga_vid=52828483.1684237241&ga_sid=1684237241&ga_hid=1848465750&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=641&ady=182&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44773810%2C44759837%2C44759876%2C31074345%2C44788441%2C44789779%2C21065725&oid=2&pvsid=3763570045505922&tmod=1301093316&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=C2qjI5AVxj&p=http%3A//www.aviation.com.ua&dtd=15
Frame ID: DF000019F8C1EFB2D795E1AC92871D0E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3295809207588976&output=html&h=60&slotname=9486923046&adk=1813526727&adf=591729439&pi=t.ma~as.9486923046&w=468&lmt=1684237241&format=468x60&url=http%3A%2F%2Fwww.aviation.com.ua%2F&wgl=1&dt=1684237241554&bpp=4&bdt=746&idt=4&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4a31ad7a96b6885-224bd1d8d6dd000b%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbXqJAiURvedkU1vngSx92pUXzQOg&gpic=UID%3D00000bf8541cd024%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbL_zjgjhiTOBzG-gYe6-t_MzM4fw&prev_fmts=0x0%2C468x60&nras=1&correlator=4317124151456&frm=20&pv=1&ga_vid=52828483.1684237241&ga_sid=1684237241&ga_hid=1848465750&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=641&ady=711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44773810%2C44759837%2C44759876%2C31074345%2C44788441%2C44789779%2C21065725&oid=2&pvsid=3763570045505922&tmod=985721560&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=hMmSYnLsP9&p=http%3A//www.aviation.com.ua&dtd=8
Frame ID: E955ACA540607B7668DA3B8DF2777CD2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3295809207588976&output=html&h=60&slotname=9486923046&adk=1813526727&adf=2727232968&pi=t.ma~as.9486923046&w=468&lmt=1684237241&format=468x60&url=http%3A%2F%2Fwww.aviation.com.ua%2F&wgl=1&dt=1684237241569&bpp=1&bdt=761&idt=1&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4a31ad7a96b6885-224bd1d8d6dd000b%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbXqJAiURvedkU1vngSx92pUXzQOg&gpic=UID%3D00000bf8541cd024%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbL_zjgjhiTOBzG-gYe6-t_MzM4fw&prev_fmts=0x0%2C468x60%2C468x60&nras=1&correlator=4317124151456&frm=20&pv=1&ga_vid=52828483.1684237241&ga_sid=1684237241&ga_hid=1848465750&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=641&ady=771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44773810%2C44759837%2C44759876%2C31074345%2C44788441%2C44789779%2C21065725&oid=2&pvsid=3763570045505922&tmod=985721560&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=y70rrNFkcM&p=http%3A//www.aviation.com.ua&dtd=3
Frame ID: 319F9BE067E33BF7547429580122E598
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3295809207588976&output=html&h=125&slotname=7281877548&adk=455889613&adf=53902614&pi=t.ma~as.7281877548&w=125&lmt=1684237241&format=125x125&url=http%3A%2F%2Fwww.aviation.com.ua%2F&wgl=1&dt=1684237241574&bpp=3&bdt=766&idt=3&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4a31ad7a96b6885-224bd1d8d6dd000b%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbXqJAiURvedkU1vngSx92pUXzQOg&gpic=UID%3D00000bf8541cd024%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbL_zjgjhiTOBzG-gYe6-t_MzM4fw&prev_fmts=0x0%2C468x60%2C468x60%2C468x60&nras=1&correlator=4317124151456&frm=20&pv=1&ga_vid=52828483.1684237241&ga_sid=1684237241&ga_hid=1848465750&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1463&ady=3&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44773810%2C44759837%2C44759876%2C31074345%2C44788441%2C44789779%2C21065725&oid=2&pvsid=3763570045505922&tmod=985721560&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&fsb=1&xpc=322AakOcy2&p=http%3A//www.aviation.com.ua&dtd=6
Frame ID: 0F56208DF84965957BC06CB508600B62
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYiLnOxQEwAQ&v=APEucNVKTOxfN2GsRTjTTc1cQtsYnYJxeF74h_fPMvQXjPLB0-i_U80he1fb1_EP5YkDANvRN8HLcBDTUP_9B8CJLeYEbgyhsxgylVVgLkK8Vdgsh_F1zkEMK22_yf5zaf-8D5RPPaiP_X_2AF9mTLjFWFSiPQjWn0UMXmH8G5RjckZHOzuRmmk
Frame ID: 7B3460E83AD74F9D31ADE3E961BAF84F
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 97DC6FEDC2B6804DDBC7E053D7384C4F
Requests: 23 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js
Frame ID: 55508FDDC75C209CF466B9FD0AE0A475
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6E4A26AF0F42ED41C9108E621139DB9B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYiLnOxQEwAQ&v=APEucNVZxYy7sfRrKK2VmVkI43m5Cnjo9PYMtRAAexxJ7ycppEZvqpofS8TLbF0sENffgQzoNM8RHtpSTHTni5iAC3gwGUoODZT4DBSRMQsArtSypSVJ76ahIMyQz24Q4hYm2TxY8kh86YGsZcj-Rq8UGF6bzCU9B_WKAYZEdGbFeZTCZRpiUbA
Frame ID: A90FD46AAD5D7C40ABDD900F5E2AB9C2
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 7EA3C97036B366B4A5D8B573A9162E2B
Requests: 25 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 65922250715A37C8DF1CA54DB43B907A
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: ABC7A73BF7FFBAB45A8BF2D1FF2678A0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Frame ID: FED25283B437F2FDF7F4E5DB50497EAB
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Frame ID: 5B01D747ECB341D83A9586335C689B78
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3C715ECCBA26C8D935D5E15169A5169F
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17033400417514298334/index.html
Frame ID: 45DED35F096E00CD50DD5591832E891D
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 9AE52F4FFBE90ADC9D775A91025BB613
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/passback_320x50.js
Frame ID: A5205761CC553FD9EBC3DFA7374BE9BE
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/passback_320x50.js
Frame ID: 347C8B607EA9CB8882E9A05760E24CC7
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: F804E6BC9E2778F7B7A61A55C6FB28F2
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js
Frame ID: 7D8C56CBFEC670C27670652D3AFC45BD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js
Frame ID: 5FFE9DE38BD7F71750798AC91E7FEC07
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 67280F3F6D1B6A8B5612EA0571F6897B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 30EB06BB7EC85FC44CAD17E618BF2581
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Український Авiацiйний Портал

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Page Statistics

174
Requests

78 %
HTTPS

65 %
IPv6

19
Domains

26
Subdomains

26
IPs

6
Countries

1763 kB
Transfer

4824 kB
Size

17
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: http://www.ucoil.com.ua/

Search URL Search Domain Scan URL

URL: http://finance.ua/

Search URL Search Domain Scan URL

URL: http://weather.i.ua/kiev/

Search URL Search Domain Scan URL

URL: http://avia.meteonovosti.ru/index.php?index=2&iso=UA
Title: Авіа (METAR, TAF)

Search URL Search Domain Scan URL

URL: http://top.bigmir.net/report/64300/
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pg/UAP00/posts/?ref=page_internal

Search URL Search Domain Scan URL

URL: https://twitter.com/Aviation_ua

Search URL Search Domain Scan URL

URL: https://www.instagram.com/aviation_ua/

Search URL Search Domain Scan URL

URL: https://t.me/uap_aviation/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

http://finance.ua/cgi-bin/fip.cgi?currency=USD/UAH&source=NBU&lang=ru HTTP 301
https://finance.ua/cgi-bin/fip.cgi?currency=USD/UAH&source=NBU&lang=ru

Request Chain 15

http://finance.ua/cgi-bin/fip.cgi?currency=eur/uah&source=nbu&lang=ru HTTP 301
https://finance.ua/cgi-bin/fip.cgi?currency=eur/uah&source=nbu&lang=ru

Request Chain 16

http://f.i.ua/ip3_c10101_l1.png HTTP 301
https://f.i.ua/ip3_c10101_l1.png

Request Chain 22

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 25

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1576767712&utmhn=www.aviation.com.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B8%D0%B9%20%D0%90%D0%B2i%D0%B0%D1%86i%D0%B9%D0%BD%D0%B8%D0%B9%20%D0%9F%D0%BE%D1%80%D1%82%D0%B0%D0%BB&utmhid=1848465750&utmr=-&utmp=%2F&utmht=1684237241142&utmac=UA-37898379-1&utmcc=__utma%3D46918775.52828483.1684237241.1684237241.1684237241.1%3B%2B__utmz%3D46918775.1684237241.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1136318023&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1576767712&utmhn=www.aviation.com.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B8%D0%B9%20%D0%90%D0%B2i%D0%B0%D1%86i%D0%B9%D0%BD%D0%B8%D0%B9%20%D0%9F%D0%BE%D1%80%D1%82%D0%B0%D0%BB&utmhid=1848465750&utmr=-&utmp=%2F&utmht=1684237241142&utmac=UA-37898379-1&utmcc=__utma%3D46918775.52828483.1684237241.1684237241.1684237241.1%3B%2B__utmz%3D46918775.1684237241.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1136318023&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Request Chain 59

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBmU1KS9MN00u8NWs4IRUq0&google_cver=1

Request Chain 60

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZGNrun9m9VeNTcpfOXQELAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBmU1KS9MN00u8NWs4IRUq0&google_cver=1

Request Chain 61

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEA3p_ukLa1Voz5u51XWHwWc&google_cver=1

Request Chain 62

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMyNDQyMzQ0ODE2NDc3ODg3Nw%3D%3D

Request Chain 93

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 99

https://fw.adsafeprotected.com/rfw/st/990511/61634094/4.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-3295809207588976&ias_chanId=1&ias_placementId=19422215943&bidurl=http://www.aviation.com.ua/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gLitAbNCLMgzFCt0f7N8yc&adContainerId=brand_safety_umtjZPL7GpK49u8P1IWDsAo&cbFunctionName=goog_wrapCb_umtjZPL7GpK49u8P1IWDsAo&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_320x50.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=http%3A%2F%2Fwww.aviation.com.ua&adsafe_type=g&adsafe_url=http%3A%2F%2Fwww.aviation.com.ua%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3295809207588976%26output%3Dhtml%26h%3D60%26slotname%3D9486923046%26adk%3D3031713297%26adf%3D3613349930%26pi%3Dt.ma~as.9486923046%26w%3D468%26lmt%3D1684237241%26format%3D468x60%26url%3Dhttp%253A%252F%252Fwww.aviation.com.ua%252F%26wgl%3D1%26dt%3D1684237241529%26bpp%3D8%26bdt%3D721%26idt%3D8%26shv%3Dr20230510%26mjsv%3Dm202305090101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Df4a31ad7a96b6885-224bd1d8d6dd000b%253AT%253D1684237241%253ART%253D1684237241%253AS%253DALNI_MbXqJAiURvedkU1vngSx92pUXzQOg%26gpic%3DUID%253D00000bf8541cd024%253AT%253D1684237241%253ART%253D1684237241%253AS%253DALNI_MbL_zjgjhiTOBzG-gYe6-t_MzM4fw%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D4317124151456%26frm%3D20%26pv%3D1%26ga_vid%3D52828483.1684237241%26ga_sid%3D1684237241%26ga_hid%3D1848465750%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D641%26ady%3D182%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759927%252C44773810%252C44759837%252C44759876%252C31074345%252C44788441%252C44789779%252C21065725%26oid%3D2%26pvsid%3D3763570045505922%26tmod%3D1301093316%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D23%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26xpc%3DC2qjI5AVxj%26p%3Dhttp%253A%2F%2Fwww.aviation.com.ua%26dtd%3D15&adsafe_type=bed&adsafe_jsinfo=,id:8d5194b5-4710-a8b9-8909-28c99c2526e7,c:cMdmsX,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5cf46fd95f-dlvcn,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tEq3Ps7+11%7C12%7C131*.990511-61634094%7C1311%7C1312%7C1411%7C151%7C161,idMap:131*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:16,oid:7d28849d-f3de-11ed-83f7-a6c5f6eface7,v:19.8.411,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4a.js

Request Chain 104

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELh-ULceWzwVpJSdXrByYMI&google_cver=1

Request Chain 106

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEJlVnOjFNqFQeFix52TKB_M&google_cver=1

Request Chain 123

https://fw.adsafeprotected.com/rfw/st/990511/61634094/4.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-3295809207588976&ias_chanId=1&ias_placementId=19422215925&bidurl=http://www.aviation.com.ua/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0i8-XxjI3iCKLsTcE9ZdBtS&adContainerId=brand_safety_umtjZKnwK8OJjuwP5Ii1wAw&cbFunctionName=goog_wrapCb_umtjZKnwK8OJjuwP5Ii1wAw&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_320x50.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=http%3A%2F%2Fwww.aviation.com.ua&adsafe_type=g&adsafe_url=http%3A%2F%2Fwww.aviation.com.ua%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3295809207588976%26output%3Dhtml%26h%3D60%26slotname%3D9486923046%26adk%3D1813526727%26adf%3D591729439%26pi%3Dt.ma~as.9486923046%26w%3D468%26lmt%3D1684237241%26format%3D468x60%26url%3Dhttp%253A%252F%252Fwww.aviation.com.ua%252F%26wgl%3D1%26dt%3D1684237241554%26bpp%3D4%26bdt%3D746%26idt%3D4%26shv%3Dr20230510%26mjsv%3Dm202305090101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Df4a31ad7a96b6885-224bd1d8d6dd000b%253AT%253D1684237241%253ART%253D1684237241%253AS%253DALNI_MbXqJAiURvedkU1vngSx92pUXzQOg%26gpic%3DUID%253D00000bf8541cd024%253AT%253D1684237241%253ART%253D1684237241%253AS%253DALNI_MbL_zjgjhiTOBzG-gYe6-t_MzM4fw%26prev_fmts%3D0x0%252C468x60%26nras%3D1%26correlator%3D4317124151456%26frm%3D20%26pv%3D1%26ga_vid%3D52828483.1684237241%26ga_sid%3D1684237241%26ga_hid%3D1848465750%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D641%26ady%3D711%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759927%252C44773810%252C44759837%252C44759876%252C31074345%252C44788441%252C44789779%252C21065725%26oid%3D2%26pvsid%3D3763570045505922%26tmod%3D985721560%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D23%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26xpc%3DhMmSYnLsP9%26p%3Dhttp%253A%2F%2Fwww.aviation.com.ua%26dtd%3D8&adsafe_type=bed&adsafe_jsinfo=,id:51e45adf-c8c3-106c-79cd-f30fb30877d2,c:cMdmx1,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5cf46fd95f-hk4d9,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.320.50,am:sp,cc:0.0.320.50,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tEq3PvP+11%7C12%7C1311%7C1312%7C1313%7C1314%7C141*.990511-61634094%7C1411%7C1412%7C1413%7C151%7C161%7C17%7C18,idMap:141*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:39,oid:7d475706-f3de-11ed-a2c8-4af5ef2e0c77,v:19.8.411,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4a.js

174 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.aviation.com.ua/ 29 KB
8 KB 392ms
250ms Document
text/html 2a00:7a60:0:106e::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.aviation.com.ua/
Protocol: HTTP/1.1
Server: 2a00:7a60:0:106e::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 66db703d88ccb45a06bdc059b14b910d66b8d19d039282ac74e259e778f184ef

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=CP1251
Date: Tue, 16 May 2023 11:40:40 GMT
Expires: Sun, 21 May 2023 11:40:40 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
x-ray: p15532:0.012/wn25568:0.010/wa25568:D=12315

GET
H/1.1 200
OK font.css
www.aviation.com.ua/ 2 KB
892 B 118ms
118ms Stylesheet
text/css 2a00:7a60:0:106e::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.aviation.com.ua/font.css
Requested by: Host: www.aviation.com.ua
URL: http://www.aviation.com.ua/
Protocol: HTTP/1.1
Server: 2a00:7a60:0:106e::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 5e7e42afe7c469458756a329b198be81c3a3b2d93260ece4c06386a1aa878f06

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.aviation.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 16 May 2023 11:40:40 GMT
x-ray: p15532:0.000/wn25568:0.000/
Content-Encoding: gzip
Last-Modified: Thu, 08 May 2014 13:15:13 GMT
Server: nginx
ETag: W/"536b8361-9bc"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
47 KB 220ms
141ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.aviation.com.ua
URL: http://www.aviation.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3440b10b0ea93537e24e6cee754e7af0c448da217c075b6449d82d2c78c54b64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.aviation.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 11:40:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47820
x-xss-protection: 0
server: cafe
etag: 992009294190509432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 16 May 2023 11:40:40 GMT

GET
H/1.1 200
OK HM_Loader.js Show response
www.aviation.com.ua/menu/ 3 KB
2 KB 353ms
235ms Script
application/javascript 2a00:7a60:0:106e::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.aviation.com.ua/menu/HM_Loader.js
Requested by: Host: www.aviation.com.ua
URL: http://www.aviation.com.ua/
Protocol: HTTP/1.1
Server: 2a00:7a60:0:106e::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 60cbe5e043b48d624b2ce318c4fd80a25c9f319e0db0669dbaf731dce34b4776

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.aviation.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 16 May 2023 11:40:41 GMT
x-ray: p15532:0.000/wn25568:0.000/
Content-Encoding: gzip
Last-Modified: Wed, 26 Sep 2012 07:31:26 GMT
Server: nginx
ETag: W/"5062af4e-d52"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK logoavia.gif
www.aviation.com.ua/images/ 3 KB
3 KB 355ms
237ms Image
image/gif 2a00:7a60:0:106e::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.aviation.com.ua/images/logoavia.gif
Requested by: Host: www.aviation.com.ua
URL: http://www.aviation.com.ua/
Protocol: HTTP/1.1
Server: 2a00:7a60:0:106e::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: a0a78e0bee749fe6c097d0d5d9a26e65ca91610a688ea23ae3cb3cf47b82d067

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.aviation.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 16 May 2023 11:40:41 GMT
x-ray: p15532:0.001/wn25568:0.000/
Last-Modified: Tue, 25 Sep 2012 14:18:23 GMT
Server: nginx
ETag: "5061bd2f-b84"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2948

GET
H/1.1 200
OK aviation_2d.gif
www.aviation.com.ua/images/ 2 KB
2 KB 350ms
233ms Image
image/gif 2a00:7a60:0:106e::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.aviation.com.ua/images/aviation_2d.gif
Requested by: Host: www.aviation.com.ua
URL: http://www.aviation.com.ua/
Protocol: HTTP/1.1
Server: 2a00:7a60:0:106e::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: ef6af9e6968b1f74b5e1a481d8a00c6d5e3c90d909d983fc7697760017861a90

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.aviation.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 16 May 2023 11:40:41 GMT
x-ray: p15532:0.000/wn25568:0.000/
Last-Modified: Tue, 05 Feb 2013 14:47:33 GMT
Server: nginx
ETag: "51111b85-68d"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1677

GET
H/1.1 200
OK logo.gif
www.aviation.com.ua/images/ 5 KB
5 KB 354ms
235ms Image
image/gif 2a00:7a60:0:106e::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.aviation.com.ua/images/logo.gif
Requested by: Host: www.aviation.com.ua
URL: http://www.aviation.com.ua/
Protocol: HTTP/1.1
Server: 2a00:7a60:0:106e::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 7b5789dd70860498220811c491325eb1f8d9eb2de37f28bac44c6b681a7dffbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.aviation.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 16 May 2023 11:40:41 GMT
x-ray: p15532:0.000/wn25568:0.000/
Last-Modified: Tue, 25 Sep 2012 14:18:23 GMT
Server: nginx
ETag: "5061bd2f-12d6"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4822

GET
H/1.1 200
OK home.gif
www.aviation.com.ua/images/ 218 B
484 B 359ms
239ms Image
image/gif 2a00:7a60:0:106e::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.aviation.com.ua/images/home.gif
Requested by: Host: www.aviation.com.ua
URL: http://www.aviation.com.ua/
Protocol: HTTP/1.1
Server: 2a00:7a60:0:106e::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: a1510e99380bfedc48cdcc128dbd8b38fde82de1f5d0d8a0f70527ec0ac87319

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.aviation.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 16 May 2023 11:40:41 GMT
x-ray: p15532:0.000/wn25568:0.000/
Last-Modified: Tue, 25 Sep 2012 14:18:22 GMT
Server: nginx
ETag: "5061bd2e-da"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 218

GET
H/1.1 200
OK rssmini.png
www.aviation.com.ua/img/icons/ 360 B
627 B 118ms
118ms Image
image/png 2a00:7a60:0:106e::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.aviation.com.ua/img/icons/rssmini.png
Requested by: Host: www.aviation.com.ua
URL: http://www.aviation.com.ua/
Protocol: HTTP/1.1
Server: 2a00:7a60:0:106e::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: bb8868f67070a3bad4857c1cd4879654be3ac170eae027df9da8783ca7d604dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.aviation.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 16 May 2023 11:40:41 GMT
x-ray: p15532:0.000/wn25568:0.000/
Last-Modified: Tue, 25 Sep 2012 14:18:41 GMT
Server: nginx
ETag: "5061bd41-168"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 360

GET
H/1.1 200
OK 1_1.gif
www.aviation.com.ua/images/ 43 B
308 B 126ms
126ms Image
image/gif 2a00:7a60:0:106e::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.aviation.com.ua/images/1_1.gif
Requested by: Host: www.aviation.com.ua
URL: http://www.aviation.com.ua/
Protocol: HTTP/1.1
Server: 2a00:7a60:0:106e::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.aviation.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 16 May 2023 11:40:41 GMT
x-ray: p15532:0.006/wn25568:0.000/
Last-Modified: Tue, 25 Sep 2012 14:18:17 GMT
Server: nginx
ETag: "5061bd29-2b"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43

GET
H/1.1 200
OK ucoil.gif
www.aviation.com.ua/banners/ 28 KB
28 KB 117ms
117ms Image
image/gif 2a00:7a60:0:106e::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.aviation.com.ua/banners/ucoil.gif
Requested by: Host: www.aviation.com.ua
URL: http://www.aviation.com.ua/
Protocol: HTTP/1.1
Server: 2a00:7a60:0:106e::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: c1febfd361ceac869438494a8514f6e670bfa640312a7a238d7ff72d7c1866df

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.aviation.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 16 May 2023 11:40:41 GMT
x-ray: p15532:0.000/wn25568:0.000/
Last-Modified: Thu, 07 Aug 2014 09:36:31 GMT
Server: nginx
ETag: "53e3489f-70be"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28862

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
50 KB 128ms
89ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.aviation.com.ua
URL: http://www.aviation.com.ua/

Protocol

HTTP/1.1

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e7217a67acab027dcaded2c89aff363388d0d5f4ec8060590ea4554780ff63b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.aviation.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 16 May 2023 11:40:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 50526
X-XSS-Protection: 0
Server: cafe
ETag: 6767593167055186625
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Tue, 16 May 2023 11:40:41 GMT

GET
H/1.1 200
OK NEWS.JS Show response
www.aviation.com.ua/news/ 4 KB
2 KB 232ms
230ms Script
text/html 2a00:7a60:0:106e::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.aviation.com.ua/news/NEWS.JS
Requested by: Host: www.aviation.com.ua
URL: http://www.aviation.com.ua/
Protocol: HTTP/1.1
Server: 2a00:7a60:0:106e::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 836fe034ac81a9e91602ba90d5aae7bf2beaff32bb1307b55db52a9b4887f2dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.aviation.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 May 2023 11:40:41 GMT
x-ray: p15532:0.117/wn25568:0.110/wa25568:D=110377
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/html; charset=CP1251
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Sun, 21 May 2023 11:40:41 GMT

GET
H/1.1 200
OK strelkaa.gif
www.aviation.com.ua/images/ 969 B
1 KB 126ms
126ms Image
image/gif 2a00:7a60:0:106e::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.aviation.com.ua/images/strelkaa.gif
Requested by: Host: www.aviation.com.ua
URL: http://www.aviation.com.ua/
Protocol: HTTP/1.1
Server: 2a00:7a60:0:106e::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 476f291fdb08c55d6157a081b5a63c05e99004df25bdf624edd6827e53b0d013

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.aviation.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 16 May 2023 11:40:41 GMT
x-ray: p15532:0.006/wn25568:0.000/
Last-Modified: Tue, 25 Sep 2012 14:18:33 GMT
Server: nginx
ETag: "5061bd39-3c9"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 969

GET
H/1.1 200
OK blank.gif
www.aviation.com.ua/images/ 43 B
308 B 118ms
118ms Image
image/gif 2a00:7a60:0:106e::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.aviation.com.ua/images/blank.gif
Requested by: Host: www.aviation.com.ua
URL: http://www.aviation.com.ua/
Protocol: HTTP/1.1
Server: 2a00:7a60:0:106e::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.aviation.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 16 May 2023 11:40:41 GMT
x-ray: p15532:0.000/wn25568:0.000/
Last-Modified: Tue, 25 Sep 2012 14:18:22 GMT
Server: nginx
ETag: "5061bd2e-2b"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43

GET
H2

200

fip.cgi
finance.ua/cgi-bin/
Redirect Chain

http://finance.ua/cgi-bin/fip.cgi?currency=USD/UAH&source=NBU&lang=ru
https://finance.ua/cgi-bin/fip.cgi?currency=USD/UAH&source=NBU&lang=ru

427 B
721 B

33ms
33ms

Image
image/png

2606:4700:20::681a:607
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://finance.ua/cgi-bin/fip.cgi?currency=USD/UAH&source=NBU&lang=ru

Requested by

Host: www.aviation.com.ua
URL: http://www.aviation.com.ua/

Protocol

Server

2606:4700:20::681a:607 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

286828d2ac6a8ebc51ba8258690c9b9ebd1ccd94a48fda64fd24e8e73c8069e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.aviation.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-type: sticker
date: Tue, 16 May 2023 11:40:41 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 27
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 427
x-xss-protection: 1; mode=block;
server: cloudflare
etag: "298a5eac"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ONDFlbu%2F0O6u16UgxuDLLKbuMi2xO1eI5QWDzB%2FXmdXyZ7N0GoSyuFRpaSMb10jbbMBhQGjsx8Pq3tL0N2YSjBOm5hTDBJOT49qXvQIjblShZbrU8oVPR3VdZH7VCN1KkFjY9VIuU8w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 7c8358e4f8d65c32-FRA

Redirect headers

Date: Tue, 16 May 2023 11:40:41 GMT
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qclv%2FA8MB2SeSDXbQo02VKKifANL1HWUdFX3PIBWg3pEy1lAC4zQH3K0NJ5u8DpXviAF0vYo5zVzOxP5%2FuVOk8H0jjpEynvTyNs%2F7i4LYn5YevOQOIQZKj7cW1MK8m%2FKu8vgzUmwod8%3D"}],"group":"cf-nel","max_age":604800}
Location: https://finance.ua/cgi-bin/fip.cgi?currency=USD/UAH&source=NBU&lang=ru
Connection: keep-alive
CF-RAY: 7c8358e40e52bb7f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 0

GET
H2

200

fip.cgi
finance.ua/cgi-bin/
Redirect Chain

http://finance.ua/cgi-bin/fip.cgi?currency=eur/uah&source=nbu&lang=ru
https://finance.ua/cgi-bin/fip.cgi?currency=eur/uah&source=nbu&lang=ru

454 B
999 B

54ms
35ms

Image
image/png

2606:4700:20::681a:607
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://finance.ua/cgi-bin/fip.cgi?currency=eur/uah&source=nbu&lang=ru

Requested by

Host: www.aviation.com.ua
URL: http://www.aviation.com.ua/

Protocol

Server

2606:4700:20::681a:607 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

292bd5c172280e9a81d9fb4c2fada3807231116e72e86224c82e68bb03a82dd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.aviation.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-type: sticker
date: Tue, 16 May 2023 11:40:41 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 454
x-xss-protection: 1; mode=block;
server: cloudflare
etag: "4ed1d563"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k1iANKrh8dOKscN34%2B1tuwSx9%2Fr6%2BTevWhwNy8HxKzDZ%2FPty5mYZRiOre90nEIMSL2YI5D0vziXKTKwSzXKn61Oel8F8GpT5fdoEVzrp5tSRk0Ne1ZKTAIEfN4VKB0r%2Fo8NTvaE5p6w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 7c8358e488625c32-FRA

Redirect headers

Date: Tue, 16 May 2023 11:40:41 GMT
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sslh3VOLZ177jHKK6wlFjocUnsq9ObP90%2F7b%2F9ZlesUG5YHQtHPhesOHOc0W7FS5d44u3FFFs8IH2xQnoDrLMn4ok1UiaVcIpvrzg8M5KclFsjzYcAs9ySTFbj6n2pZOF4OyQVmDChU%3D"}],"group":"cf-nel","max_age":604800}
Location: https://finance.ua/cgi-bin/fip.cgi?currency=eur/uah&source=nbu&lang=ru
Connection: keep-alive
CF-RAY: 7c8358e41c8a3a73-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 0

GET
H2

200

ip3_c10101_l1.png
f.i.ua/
Redirect Chain

http://f.i.ua/ip3_c10101_l1.png
https://f.i.ua/ip3_c10101_l1.png

5 KB
5 KB

194ms
173ms

Image
image/png

104.18.2.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://f.i.ua/ip3_c10101_l1.png
Requested by: Host: www.aviation.com.ua
URL: http://www.aviation.com.ua/
Protocol: H2
Server: 104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbfa80f389e9c4801b8bc095ba250f5747aa1073cf1cc0a08a5214ca976fa140

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.aviation.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 11:40:41 GMT
cf-cache-status: EXPIRED
last-modified: Tue, 16 May 2023 07:47:52 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
cf-ray: 7c8358e4cad0372c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date: Tue, 16 May 2023 11:40:41 GMT
CF-Cache-Status: EXPIRED
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
Location: https://f.i.ua/ip3_c10101_l1.png
Connection: keep-alive
CF-RAY: 7c8358e40e2f37eb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK counter.php
www.aviation.com.ua/ 3 KB
3 KB 122ms
121ms Image
image/png 2a00:7a60:0:106e::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.aviation.com.ua/counter.php
Requested by: Host: www.aviation.com.ua
URL: http://www.aviation.com.ua/
Protocol: HTTP/1.1
Server: 2a00:7a60:0:106e::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 14dedc3414d0a7094048f9a78e2f71388b2e6656f447394204d19a196dfcb83f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.aviation.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 16 May 2023 11:40:41 GMT
x-ray: p15532:0.003/wn25568:0.000/wa25568:D=2594
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK facebook.png
www.aviation.com.ua/img/icons/ 803 B
1 KB 118ms
118ms Image
image/png 2a00:7a60:0:106e::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.aviation.com.ua/img/icons/facebook.png
Requested by: Host: www.aviation.com.ua
URL: http://www.aviation.com.ua/
Protocol: HTTP/1.1
Server: 2a00:7a60:0:106e::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: b76488055b11640935f1bfe6c7d150c25122916733c920d04d3945a746986f21

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.aviation.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 16 May 2023 11:40:41 GMT
x-ray: p15532:0.000/wn25568:0.000/
Last-Modified: Thu, 28 Nov 2019 21:03:44 GMT
Server: nginx
ETag: "5de03630-323"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 803

GET
H/1.1 200
OK twitter.png
www.aviation.com.ua/img/icons/ 1 KB
1 KB 119ms
119ms Image
image/png 2a00:7a60:0:106e::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.aviation.com.ua/img/icons/twitter.png
Requested by: Host: www.aviation.com.ua
URL: http://www.aviation.com.ua/
Protocol: HTTP/1.1
Server: 2a00:7a60:0:106e::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 148c26bbfd92bf27fa6ee69b8c201b6eea76aeeae20fb73b642f28757ceed951

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.aviation.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 16 May 2023 11:40:41 GMT
x-ray: p15532:0.001/wn25568:0.000/
Last-Modified: Thu, 28 Nov 2019 21:03:44 GMT
Server: nginx
ETag: "5de03630-459"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1113

GET
H/1.1 200
OK instagram.png
www.aviation.com.ua/img/icons/ 2 KB
2 KB 118ms
118ms Image
image/png 2a00:7a60:0:106e::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.aviation.com.ua/img/icons/instagram.png
Requested by: Host: www.aviation.com.ua
URL: http://www.aviation.com.ua/
Protocol: HTTP/1.1
Server: 2a00:7a60:0:106e::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 886e8e3326ebc5edf00b24f8a9b24c957ca3d9c273b58e3cc80c8ce18eab5cfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.aviation.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 16 May 2023 11:40:41 GMT
x-ray: p15532:0.000/wn25568:0.000/
Last-Modified: Thu, 28 Nov 2019 21:48:31 GMT
Server: nginx
ETag: "5de040af-72b"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1835

GET
H/1.1 200
OK telegram.png
www.aviation.com.ua/img/icons/ 1 KB
1 KB 119ms
119ms Image
image/png 2a00:7a60:0:106e::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.aviation.com.ua/img/icons/telegram.png
Requested by: Host: www.aviation.com.ua
URL: http://www.aviation.com.ua/
Protocol: HTTP/1.1
Server: 2a00:7a60:0:106e::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 6c9aaacf3146e27b3a2c4e59b369c5ba523127e66a3bf29bc21e3a5cc3437e68

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.aviation.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 16 May 2023 11:40:41 GMT
x-ray: p15532:0.001/wn25568:0.000/
Last-Modified: Thu, 28 Nov 2019 21:53:56 GMT
Server: nginx
ETag: "5de041f4-4ad"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1197

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

46ms
14ms

Script
text/javascript

2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: www.aviation.com.ua
URL: http://www.aviation.com.ua/

Protocol

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.aviation.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 16 May 2023 10:01:28 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 5953
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Tue, 16 May 2023 12:01:28 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/ 356 KB
120 KB 107ms
106ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3295809207588976&plah=www.aviation.com.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a297797838a27eea8a4fa1d23ab204d357eb2422cdfa56c1e70efc3ad76e6bc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.aviation.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 11:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122682
x-xss-protection: 0
server: cafe
etag: 15335030039944682831
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 16 May 2023 11:40:41 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/ Frame FEC6 10 KB
5 KB 123ms
38ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.aviation.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3343
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 10:44:58 GMT
etag: 15057649708203361565
expires: Tue, 30 May 2023 10:44:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1576767712&utmhn=www.aviation.com.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1576767712&utmhn=www.aviation.com.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-...

35 B
197 B

18ms
18ms

Image
image/gif

2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1576767712&utmhn=www.aviation.com.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B8%D0%B9%20%D0%90%D0%B2i%D0%B0%D1%86i%D0%B9%D0%BD%D0%B8%D0%B9%20%D0%9F%D0%BE%D1%80%D1%82%D0%B0%D0%BB&utmhid=1848465750&utmr=-&utmp=%2F&utmht=1684237241142&utmac=UA-37898379-1&utmcc=__utma%3D46918775.52828483.1684237241.1684237241.1684237241.1%3B%2B__utmz%3D46918775.1684237241.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1136318023&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: www.aviation.com.ua
URL: http://www.aviation.com.ua/

Protocol

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.aviation.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 11:40:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1576767712&utmhn=www.aviation.com.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B8%D0%B9%20%D0%90%D0%B2i%D0%B0%D1%86i%D0%B9%D0%BD%D0%B8%D0%B9%20%D0%9F%D0%BE%D1%80%D1%82%D0%B0%D0%BB&utmhid=1848465750&utmr=-&utmp=%2F&utmht=1684237241142&utmac=UA-37898379-1&utmcc=__utma%3D46918775.52828483.1684237241.1684237241.1684237241.1%3B%2B__utmz%3D46918775.1684237241.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1136318023&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK HM_Arrays.js Show response
www.aviation.com.ua/menu/ 21 KB
5 KB 128ms
118ms Script
application/javascript 2a00:7a60:0:106e::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.aviation.com.ua/menu/HM_Arrays.js
Requested by: Host: www.aviation.com.ua
URL: http://www.aviation.com.ua/menu/HM_Loader.js
Protocol: HTTP/1.1
Server: 2a00:7a60:0:106e::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: b40fea82eee616be86a8ecd08f5b01a2bceb6a00fa3f6cfce3bee19b785820af

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.aviation.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 16 May 2023 11:40:41 GMT
x-ray: p15532:0.000/wn25568:0.000/
Content-Encoding: gzip
Last-Modified: Sat, 16 Jul 2022 12:27:12 GMT
Server: nginx
ETag: W/"62d2aea0-5241"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK HM_ScriptDOM.js Show response
www.aviation.com.ua/menu/ 36 KB
8 KB 237ms
119ms Script
application/javascript 2a00:7a60:0:106e::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.aviation.com.ua/menu/HM_ScriptDOM.js
Requested by: Host: www.aviation.com.ua
URL: http://www.aviation.com.ua/menu/HM_Loader.js
Protocol: HTTP/1.1
Server: 2a00:7a60:0:106e::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: f2bbe26a00d68561e5de95e02227f179a46d79cc0c81e20d7c08a22804407b3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.aviation.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 16 May 2023 11:40:41 GMT
x-ray: p15532:0.000/wn25568:0.000/
Content-Encoding: gzip
Last-Modified: Wed, 26 Sep 2012 07:31:28 GMT
Server: nginx
ETag: W/"5062af50-91a9"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 397 B
607 B 127ms
45ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.aviation.com.ua&callback=_gfp_s_&client=ca-pub-3295809207588976

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3295809207588976&plah=www.aviation.com.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0b7719629ee3a96e555d98e527deb8f529d13571967d86efcaf189a2b8ca4e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.aviation.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 11:40:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 135ms
50ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.aviation.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.aviation.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 11:40:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 133ms
48ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.aviation.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.aviation.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 11:40:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AD81 296 KB
73 KB 1162ms
1161ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3295809207588976&output=html&adk=1812271804&adf=3025194257&lmt=1684237241&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fwww.aviation.com.ua%2F&ea=0&pra=5&wgl=1&dt=1684237241095&bpp=7&bdt=288&idt=258&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4317124151456&frm=20&pv=2&ga_vid=52828483.1684237241&ga_sid=1684237241&ga_hid=1848465750&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44773810%2C44759837%2C44759876%2C31074345%2C44788441%2C44789779%2C21065725&oid=2&pvsid=3763570045505922&tmod=1301093316&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=279

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1aa5293829def29d313f2750316e31c2f136a7e57aee6f7f4bb0c54454925c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.aviation.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 74127
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 11:40:42 GMT
expires: Tue, 16 May 2023 11:40:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 48ms
47ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.aviation.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.aviation.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 11:40:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 48ms
47ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.aviation.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.aviation.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 11:40:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DF00 19 KB
8 KB 728ms
728ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3295809207588976&output=html&h=60&slotname=9486923046&adk=3031713297&adf=3613349930&pi=t.ma~as.9486923046&w=468&lmt=1684237241&format=468x60&url=http%3A%2F%2Fwww.aviation.com.ua%2F&wgl=1&dt=1684237241529&bpp=8&bdt=721&idt=8&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4a31ad7a96b6885-224bd1d8d6dd000b%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbXqJAiURvedkU1vngSx92pUXzQOg&gpic=UID%3D00000bf8541cd024%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbL_zjgjhiTOBzG-gYe6-t_MzM4fw&prev_fmts=0x0&nras=1&correlator=4317124151456&frm=20&pv=1&ga_vid=52828483.1684237241&ga_sid=1684237241&ga_hid=1848465750&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=641&ady=182&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44773810%2C44759837%2C44759876%2C31074345%2C44788441%2C44789779%2C21065725&oid=2&pvsid=3763570045505922&tmod=1301093316&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=C2qjI5AVxj&p=http%3A//www.aviation.com.ua&dtd=15

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20fadccfad9bb344661e83214879a6a720d0390291178312684ed2861128fb96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.aviation.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 7783
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 11:40:42 GMT
expires: Tue, 16 May 2023 11:40:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK planes.gif
www.aviation.com.ua/images/ 855 B
1 KB 119ms
119ms Image
image/gif 2a00:7a60:0:106e::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.aviation.com.ua/images/planes.gif
Requested by: Host: www.aviation.com.ua
URL: http://www.aviation.com.ua/
Protocol: HTTP/1.1
Server: 2a00:7a60:0:106e::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: b3d21cc1f230eb97220e77922d3f55be811e87cb4c4dabdcd5d7b316f3905989

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.aviation.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 16 May 2023 11:40:41 GMT
x-ray: p15532:0.000/wn25568:0.000/
Last-Modified: Tue, 25 Sep 2012 14:18:28 GMT
Server: nginx
ETag: "5061bd34-357"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 855

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E955 19 KB
8 KB 967ms
966ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3295809207588976&output=html&h=60&slotname=9486923046&adk=1813526727&adf=591729439&pi=t.ma~as.9486923046&w=468&lmt=1684237241&format=468x60&url=http%3A%2F%2Fwww.aviation.com.ua%2F&wgl=1&dt=1684237241554&bpp=4&bdt=746&idt=4&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4a31ad7a96b6885-224bd1d8d6dd000b%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbXqJAiURvedkU1vngSx92pUXzQOg&gpic=UID%3D00000bf8541cd024%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbL_zjgjhiTOBzG-gYe6-t_MzM4fw&prev_fmts=0x0%2C468x60&nras=1&correlator=4317124151456&frm=20&pv=1&ga_vid=52828483.1684237241&ga_sid=1684237241&ga_hid=1848465750&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=641&ady=711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44773810%2C44759837%2C44759876%2C31074345%2C44788441%2C44789779%2C21065725&oid=2&pvsid=3763570045505922&tmod=985721560&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=hMmSYnLsP9&p=http%3A//www.aviation.com.ua&dtd=8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96d7a90c1acb7f74f5a563bf104142fcbbba10ea3bc8da679588775841b38f05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.aviation.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 8048
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 11:40:42 GMT
expires: Tue, 16 May 2023 11:40:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 319F 86 KB
25 KB 883ms
882ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3295809207588976&output=html&h=60&slotname=9486923046&adk=1813526727&adf=2727232968&pi=t.ma~as.9486923046&w=468&lmt=1684237241&format=468x60&url=http%3A%2F%2Fwww.aviation.com.ua%2F&wgl=1&dt=1684237241569&bpp=1&bdt=761&idt=1&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4a31ad7a96b6885-224bd1d8d6dd000b%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbXqJAiURvedkU1vngSx92pUXzQOg&gpic=UID%3D00000bf8541cd024%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbL_zjgjhiTOBzG-gYe6-t_MzM4fw&prev_fmts=0x0%2C468x60%2C468x60&nras=1&correlator=4317124151456&frm=20&pv=1&ga_vid=52828483.1684237241&ga_sid=1684237241&ga_hid=1848465750&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=641&ady=771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44773810%2C44759837%2C44759876%2C31074345%2C44788441%2C44789779%2C21065725&oid=2&pvsid=3763570045505922&tmod=985721560&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=y70rrNFkcM&p=http%3A//www.aviation.com.ua&dtd=3

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7cd9906f6561422c44c7ff7a5be8afc3eafce34c1b3fea53f4c9caadcde3d078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.aviation.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 25984
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 11:40:42 GMT
expires: Tue, 16 May 2023 11:40:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0F56 93 KB
33 KB 500ms
500ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3295809207588976&output=html&h=125&slotname=7281877548&adk=455889613&adf=53902614&pi=t.ma~as.7281877548&w=125&lmt=1684237241&format=125x125&url=http%3A%2F%2Fwww.aviation.com.ua%2F&wgl=1&dt=1684237241574&bpp=3&bdt=766&idt=3&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4a31ad7a96b6885-224bd1d8d6dd000b%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbXqJAiURvedkU1vngSx92pUXzQOg&gpic=UID%3D00000bf8541cd024%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbL_zjgjhiTOBzG-gYe6-t_MzM4fw&prev_fmts=0x0%2C468x60%2C468x60%2C468x60&nras=1&correlator=4317124151456&frm=20&pv=1&ga_vid=52828483.1684237241&ga_sid=1684237241&ga_hid=1848465750&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1463&ady=3&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44773810%2C44759837%2C44759876%2C31074345%2C44788441%2C44789779%2C21065725&oid=2&pvsid=3763570045505922&tmod=985721560&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&fsb=1&xpc=322AakOcy2&p=http%3A//www.aviation.com.ua&dtd=6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3edada96a43826b9ea0321ad1911836979f0a5d69d371caeb2ed689986ce2ee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.aviation.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 34161
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 11:40:42 GMT
expires: Tue, 16 May 2023 11:40:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK /
c.bigmir.net/ 1 KB
2 KB 90ms
43ms Image
image/png 193.239.68.97
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://c.bigmir.net/?s64300&t18&c1&d24&r1600
Requested by: Host: www.aviation.com.ua
URL: http://www.aviation.com.ua/
Protocol: HTTP/1.1
Server: 193.239.68.97 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: c.bigmir.net
Software: nginx /
Resource Hash: e759d7bb155f7df75fa26fcb31c6079947c18b2532e720aab5bc994be78056f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.aviation.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 May 2023 11:40:41 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Expires: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 0F56 6 KB
1 KB 129ms
50ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3295809207588976&output=html&h=125&slotname=7281877548&adk=455889613&adf=53902614&pi=t.ma~as.7281877548&w=125&lmt=1684237241&format=125x125&url=http%3A%2F%2Fwww.aviation.com.ua%2F&wgl=1&dt=1684237241574&bpp=3&bdt=766&idt=3&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4a31ad7a96b6885-224bd1d8d6dd000b%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbXqJAiURvedkU1vngSx92pUXzQOg&gpic=UID%3D00000bf8541cd024%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbL_zjgjhiTOBzG-gYe6-t_MzM4fw&prev_fmts=0x0%2C468x60%2C468x60%2C468x60&nras=1&correlator=4317124151456&frm=20&pv=1&ga_vid=52828483.1684237241&ga_sid=1684237241&ga_hid=1848465750&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1463&ady=3&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44773810%2C44759837%2C44759876%2C31074345%2C44788441%2C44789779%2C21065725&oid=2&pvsid=3763570045505922&tmod=985721560&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&fsb=1&xpc=322AakOcy2&p=http%3A//www.aviation.com.ua&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 16 May 2023 11:40:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 16 May 2023 10:50:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 May 2023 11:40:42 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/ Frame 0F56 2 KB
818 B 131ms
46ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 10:45:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 May 2023 10:45:03 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0F56 0
0 81ms
81ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CD1jtuWtjZLTlKZebtOUPrveW4AqUibrCcNbToqKKEcCNtwEQASCh_uklYJXikIKgB6ABvOX6qgHIAQmoAwHIA8sEqgTcAU_QlQ8vERS3rXS-Uezi5SB_SjgmFYHRZjQcZ2GB6X1CuYJKG6gvpAzwmxyGsAL-AuLuuH6dw4ub0STXREW-Q1t9EoA70uLwOXIwtfD8urSJHLTnG9n-KaHUqHLdvUqdXi0rcHcVVAeuuIO8Uxo2HrcATlPn80tK-3oH-IARqHU9N-5VT-lfAwcVfIIFOyJqkQ2l3lxlzZmWQIOwb0w5OiHDUazeB2aLpfth30jiKUxt53RSjWQwN2lPjybdcmTSEGsIB55Y2Wx3VGjCpv59DdrYpEyde-c1jL1VIQbABNfu_9isBJIFBAgEGAGSBQQIBRgEoAYugAesmoXVAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEL2ECNIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwG4E-QD2BMMiBQB0BUBmBYBgBcBshccChoIABIUcHViLTMyOTU4MDkyMDc1ODg5NzYYAA&sigh=HE9tO-Aw3f0&uach_m=[UACH]&cid=CAQSTABygQiDpNUwlwZ7oJ6Erp7Bs7RVzV72cpRQ3hwR1kpImjgoXFcwH6MCol8GWnb7o9dulopIu9ZS3j1HzWFtfRXBzV3Hy95iFsJkAR8YAQ&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3295809207588976&output=html&h=125&slotname=7281877548&adk=455889613&adf=53902614&pi=t.ma~as.7281877548&w=125&lmt=1684237241&format=125x125&url=http%3A%2F%2Fwww.aviation.com.ua%2F&wgl=1&dt=1684237241574&bpp=3&bdt=766&idt=3&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4a31ad7a96b6885-224bd1d8d6dd000b%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbXqJAiURvedkU1vngSx92pUXzQOg&gpic=UID%3D00000bf8541cd024%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbL_zjgjhiTOBzG-gYe6-t_MzM4fw&prev_fmts=0x0%2C468x60%2C468x60%2C468x60&nras=1&correlator=4317124151456&frm=20&pv=1&ga_vid=52828483.1684237241&ga_sid=1684237241&ga_hid=1848465750&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1463&ady=3&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44773810%2C44759837%2C44759876%2C31074345%2C44788441%2C44789779%2C21065725&oid=2&pvsid=3763570045505922&tmod=985721560&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&fsb=1&xpc=322AakOcy2&p=http%3A//www.aviation.com.ua&dtd=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 16 May 2023 11:40:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 16 May 2023 11:40:42 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230511/r20110914/ Frame 0F56 22 KB
9 KB 119ms
37ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230511/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa3b72d5b1a5c9e14494cd7eb5119506fc3a7a85070fee3f1de13a146186969f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 10:45:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8824
x-xss-protection: 0
server: cafe
etag: 8026932446453101925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 May 2023 10:45:03 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/ Frame 0F56 3 KB
1 KB 128ms
47ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 10:45:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 May 2023 10:45:03 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/ Frame 0F56 19 KB
8 KB 122ms
41ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

243b5023074477a6410ea68994d4c5c4090300de8967dee3b15a0c0482962899

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 10:45:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
server: cafe
etag: 5156626137554315251
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 May 2023 10:45:03 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0F56 170 KB
53 KB 171ms
73ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e707799c4b8c1017aaed1c78432af2cc213ea88229312c1b2d621aa0ade9ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 11:40:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53845
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684150324481819"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 11:40:42 GMT

GET
H2 200 a0d8c68f3de0718362c8759993c4ce7f.js Show response
www.gstatic.com/mysidia/ Frame 0F56 32 KB
14 KB 122ms
39ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0d8c68f3de0718362c8759993c4ce7f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf9dc6664474a6b01d9e293a39749d0e9b637629239cbe512dd4a0f0854a8eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 10:45:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3339
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13639
x-xss-protection: 0
last-modified: Fri, 12 May 2023 20:16:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 14 Aug 2023 10:45:03 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/3481249413492769183/ Frame 0F56 19 KB
19 KB 143ms
68ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3481249413492769183/14763004658117789537?w=200&h=200

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e64e9c1be949f119dab742640309ef5ae5f32da77139630ccbe1bd16d9f3ad9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 20:22:43 GMT
x-content-type-options: nosniff
age: 227879
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19576
x-xss-protection: 0
last-modified: Sat, 28 Jan 2023 20:29:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 12 May 2024 20:22:43 GMT

GET
DATA 200
OK truncated
/ Frame 0F56 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5a32e84d16f3982d0a71bdb1d9f0beb125e6869f3b8734d0aa689d08af64078

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0F56 15 KB
16 KB 120ms
36ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 06:22:44 GMT
x-content-type-options: nosniff
age: 278278
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 06:22:44 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0F56 15 KB
15 KB 128ms
45ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 23:14:12 GMT
x-content-type-options: nosniff
age: 303990
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 May 2024 23:14:12 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7B34 624 B
245 B 78ms
76ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYiLnOxQEwAQ&v=APEucNVKTOxfN2GsRTjTTc1cQtsYnYJxeF74h_fPMvQXjPLB0-i_U80he1fb1_EP5YkDANvRN8HLcBDTUP_9B8CJLeYEbgyhsxgylVVgLkK8Vdgsh_F1zkEMK22_yf5zaf-8D5RPPaiP_X_2AF9mTLjFWFSiPQjWn0UMXmH8G5RjckZHOzuRmmk

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3295809207588976&output=html&h=60&slotname=9486923046&adk=3031713297&adf=3613349930&pi=t.ma~as.9486923046&w=468&lmt=1684237241&format=468x60&url=http%3A%2F%2Fwww.aviation.com.ua%2F&wgl=1&dt=1684237241529&bpp=8&bdt=721&idt=8&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4a31ad7a96b6885-224bd1d8d6dd000b%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbXqJAiURvedkU1vngSx92pUXzQOg&gpic=UID%3D00000bf8541cd024%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbL_zjgjhiTOBzG-gYe6-t_MzM4fw&prev_fmts=0x0&nras=1&correlator=4317124151456&frm=20&pv=1&ga_vid=52828483.1684237241&ga_sid=1684237241&ga_hid=1848465750&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=641&ady=182&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44773810%2C44759837%2C44759876%2C31074345%2C44788441%2C44789779%2C21065725&oid=2&pvsid=3763570045505922&tmod=1301093316&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=C2qjI5AVxj&p=http%3A//www.aviation.com.ua&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3295809207588976&output=html&h=60&slotname=9486923046&adk=3031713297&adf=3613349930&pi=t.ma~as.9486923046&w=468&lmt=1684237241&format=468x60&url=http%3A%2F%2Fwww.aviation.com.ua%2F&wgl=1&dt=1684237241529&bpp=8&bdt=721&idt=8&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4a31ad7a96b6885-224bd1d8d6dd000b%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbXqJAiURvedkU1vngSx92pUXzQOg&gpic=UID%3D00000bf8541cd024%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbL_zjgjhiTOBzG-gYe6-t_MzM4fw&prev_fmts=0x0&nras=1&correlator=4317124151456&frm=20&pv=1&ga_vid=52828483.1684237241&ga_sid=1684237241&ga_hid=1848465750&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=641&ady=182&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44773810%2C44759837%2C44759876%2C31074345%2C44788441%2C44789779%2C21065725&oid=2&pvsid=3763570045505922&tmod=1301093316&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=C2qjI5AVxj&p=http%3A//www.aviation.com.ua&dtd=15
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 11:40:42 GMT
expires: Tue, 16 May 2023 11:40:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 97DC 78 KB
27 KB 109ms
109ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 11:40:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 16 May 2023 11:40:42 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/ Frame 97DC 3 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 10:45:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 May 2023 10:45:03 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/ Frame 97DC 19 KB
8 KB 37ms
35ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

243b5023074477a6410ea68994d4c5c4090300de8967dee3b15a0c0482962899

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 10:45:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
server: cafe
etag: 5156626137554315251
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 May 2023 10:45:03 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 97DC 170 KB
53 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e707799c4b8c1017aaed1c78432af2cc213ea88229312c1b2d621aa0ade9ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 11:40:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53845
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684150324481819"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 11:40:42 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 97DC 42 B
63 B 70ms
69ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D_zX0LWi4CYqqFXh-CuSs6d2bgY5bBwGTRx0iZB2pyKC5HugBVqtkBTy8cVN7wxS_8gOjye84wo5-8rA3dPzwjbsYPj_IZoZSJX2PltZA_3fNTGzM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 11:40:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 97DC 0
20 B 70ms
69ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=18251500678870680727&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 11:40:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7B34
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBmU1KS9MN00u8NWs4IRUq0&google_cver=1

43 B
766 B

7ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBmU1KS9MN00u8NWs4IRUq0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYiLnOxQEwAQ&v=APEucNVKTOxfN2GsRTjTTc1cQtsYnYJxeF74h_fPMvQXjPLB0-i_U80he1fb1_EP5YkDANvRN8HLcBDTUP_9B8CJLeYEbgyhsxgylVVgLkK8Vdgsh_F1zkEMK22_yf5zaf-8D5RPPaiP_X_2AF9mTLjFWFSiPQjWn0UMXmH8G5RjckZHOzuRmmk
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 May 2023 11:40:42 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 16 May 2023 11:40:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBmU1KS9MN00u8NWs4IRUq0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7B34
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZGNrun9m9VeNTcpfOXQELAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBmU1KS9MN00u8NWs4IRUq0&google_cver=1

43 B
766 B

14ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBmU1KS9MN00u8NWs4IRUq0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYiLnOxQEwAQ&v=APEucNVKTOxfN2GsRTjTTc1cQtsYnYJxeF74h_fPMvQXjPLB0-i_U80he1fb1_EP5YkDANvRN8HLcBDTUP_9B8CJLeYEbgyhsxgylVVgLkK8Vdgsh_F1zkEMK22_yf5zaf-8D5RPPaiP_X_2AF9mTLjFWFSiPQjWn0UMXmH8G5RjckZHOzuRmmk
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 May 2023 11:40:42 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 16 May 2023 11:40:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBmU1KS9MN00u8NWs4IRUq0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 7B34
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEA3p_ukLa1Voz5u51XWHwWc&google_cver=1

43 B
1 KB

167ms
167ms

Image
image/gif

185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEA3p_ukLa1Voz5u51XWHwWc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYiLnOxQEwAQ&v=APEucNVKTOxfN2GsRTjTTc1cQtsYnYJxeF74h_fPMvQXjPLB0-i_U80he1fb1_EP5YkDANvRN8HLcBDTUP_9B8CJLeYEbgyhsxgylVVgLkK8Vdgsh_F1zkEMK22_yf5zaf-8D5RPPaiP_X_2AF9mTLjFWFSiPQjWn0UMXmH8G5RjckZHOzuRmmk

Protocol

HTTP/1.1

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 May 2023 11:40:42 GMT
AN-X-Request-Uuid: b0a58a6e-96e7-4f4f-87c8-7d7663aa585a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.131; 185.213.155.131; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 May 2023 11:40:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEA3p_ukLa1Voz5u51XWHwWc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7B34
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMyNDQyMzQ0ODE2NDc3ODg3Nw%3D%3D

170 B
243 B

52ms
48ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMyNDQyMzQ0ODE2NDc3ODg3Nw%3D%3D

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 11:40:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 16 May 2023 11:40:42 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.131; 185.213.155.131; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 459ccf14-f698-41ef-801a-93e4e92170e2
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMyNDQyMzQ0ODE2NDc3ODg3Nw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 97DC 0
20 B 69ms
68ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5116857323977&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 11:40:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 97DC 0
20 B 69ms
69ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5116857323977&version=m202301230201&ct=76&x=1&cor=18251500678870682000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 11:40:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 97DC 99 KB
38 KB 104ms
104ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B0zFUcoGBElXzFjy0mBnjFHP7yGMscJ6eznZ-Y_8qkjk7bT-A8jtE5bgzYR7AJtVk3_rd81D6Ras-zWW3APq34PO6BxThSV30Z2ZruW1Y7tsr-QfYb3NdjoX4hEBI3V2p0PwNz0cUzWKCX8YiSkF4k5_qWCupbdqbo4sqkmQU1IAxTgYc&dbm_d=AKAmf-D65HAxW-TihVZ3OXFLfZObFLdvL5cdUe6E_7b6vY3VU0Btow9qjg125_NdpG8Z8oUwbJTWAkdjHSJQhz6dmBr6-9EZ4uJxyrxTZSAhOzdxmCjyIUTUtIDxs2ImqqE3tqk383EbMwt1QRgM_grfyGtwgQWyby3FT978qs-P1fTqHiAJoraO5xJheUQlsSuzpXKaCS40TPb5jgyJdwQestBKtor19J9rgz0zD0z_hmXJ2vBpH8IR4FWAlnJtnaQDhczWLchGLWCPWTu-yJcQuGjpH7B2Mp4QD5FRcw8DJs_ZPAm4iSitmDJ0qsuYAB7RY8Y02t86agH1o6NC-aEZEwwRaqwT_4YYYAksPIlFK69-WDLtMiY26JZMyNwQp-NUcr56EuZhFXdy5p6oWEtGpCtH1qtcp-YI0iGPxJ3u21thYaDgp7FI0KlsRqacO7owHcBTOzvGUcj9489scuuP1r8OjboaSZaCM7hfvbuqgPdULlXzUILE8fompMpvj3r11VXhaxbjt2yRE6_Ib60ogDeBSaAdW36hJQGDPvMfs3m3iXzvEUtMGAmrIuI1QHKzYPCVmPKF4VC9w5mZbNtutKSdiv_TUnoiJJFu-Zh1YNdmLwVQbueNDhZREm3vglx9WDPlfkmgE6MzxA5mHwFl5KFySbZ_A4JXFyfFssFeZ80wQZDsfNV7oH6tycf4mMe069uXXh5Z1Gg20YTLkM27uF414QqlOM4gD7mBJgDBdxtZ0ADZGTSE3h7z_eAd7xIE6jMBeqJ3wl6Uzfw_Wp90scbxrQhptpJJVHWyh92bTozUmsy4PZYsRnhqwar8cXMyRE2Im4EYeO3Q_dA7pl7TdVaPIjPGvVlqDRrlvNDGPPKyj2-XR6SHrAZ9wrJkCv3aaJaxDHnnLGkbj6TWjE2yr6M64KTSDTlrxf2Pp7DE5AUf2miP8xThXFpaD6PeJOjwmTmVU9tAdXe1Cjb0SGkuaoU0cEueYxRDY-xCca-5K7BuIGlLmzQMDml4IrrQstkmbXhb5ZAaDDX-KkME2-BlTSjtmck3OKwCFki5UfOd61Rsvw89Ps-utzK3rxiI4U2QKBTByvENYLRWN3C7LGfAMKSg8duVwjWzSIiCzgsOLpkA9mJwU704Xb2ph53UQmIp2IhOjWVanMU0soghMoqSrpyRjRwXTl6rQlXbA5UK2mgUJGZo25OWQx96w45K6vaxZCmmJglgH4z5YipNffJWturW7YVB0y6Wlf_6BTlkFwUlihaX2985g-r0S_E1yoR9oAw8UfgWEQM6zySf_fVgsOC8G3WShuO0aLY2LUQiEC4S2r0j4jPHhg7jvo3HcSgBAomCz-wdkagnufggvFCLZ2uYSx5z127JlCCJcrFUz4MwGDOWR1dT5zscnEuvPZLhrV_q-ZQu7g6PsTFVqSP_yl4qCEGpnJTRO4Omh7Lc4tlVSP3Mf1FPXnyuHlWJa5Z4PIGYJxllRZV4DuX0OJjoKBR4tyWercydr9KNdAUtm8tlC7F_SZSKQ0filLJB-JSml7V8_FfL2RsH8pIlThMkwCuXrKHgIlS3aoYjBzT5-KT3eJO6J-KZ0c0BQs410-lQqJbErk0vjPRxC-MiA-DwObS9D4FIhYMfkYDIgnl4cWG1BL1KC776X1PeKi-FsqV1hVQ1S51JK7jYQS9nRanNGCEtyjexcC5sLqrtt6T94NF9prQjxYAhwsyymtfPp_mJELkRK1qibzjUXvcRg6rsbaWBLpY2ahMglR7mfk8O_fmfwBe9LvbHlT_V1eVgDNKhbewz7CBnuZMc27e_PKAC7EfJPalHoo9NHnRuU0yDqWVzo0SGet24TcrlkP-o_5v7uTFTV4dF8fQP4TLv5QLPbuAnuKkoo2Gy8dvrS772ok-v7qPxodppm_5OC8uiZl0gt9ti1lzwTVOEa-H37RrSaQpGnyrTdFdGjcRWyGKI6Ba70DsIGRqKRrW_nZfUX5jXiC2mdRTZxYi3FanCRNuROjbfre8NzgxHvhP-GSGIY3Ildve1HCTMiI40XRW48ww1r79kTP8qRUCDGz7B2tMHfop962T9sxH4ogU5rTe27jBDH3SlceIUSMco7_NP2Is_I1UKQTL8r7N7ej6PyGXGr0zALIK3xfq4_uhVRLL7GTtzWZVfDzHgT-l6jIf8RpcdRD6WtXgpZ-_AizDpEeNfeqtZzUDKjWV-6KxUNR4RqjK5aWs3mGu6kpB2fvzIs5W2SDUkSPsSLCnILKL0Mye-KVs4EwRdQzirW7KZGOOHP_KTfQ81ilECPrkf85dNTqdr3OBLYWzkIaStiGdznf1ONqcCHpkJ1ZDJywfsh2XPNuQfZliJ6jwjAsRI7lV1C4w3A68RF46N84jm_lPTqbmBLjr035rVKilnKpr06hZRJxNt1WvgsQop3PzfFD7VMc5Ncf3dYJ3YAHh0bdUWgtjLCCSLJSCH1IoJQOjeOH54qfi48a5CSSBqk4jG0LX-DFEpVFHMlkBZvHwuS154hwrj0y9MO8iFx5kJHp0pUq5CMR77_mN3OlrBVWxTlmZnoUZowEAf_SNNWoz-xySy_WYuBLCyMQ9OHhGnq03GtnASNden0HjYknI3IH3Wirq5PXMxCdCXt994frL2eUgQkUo8alpIw7J9iiTtiJehY7tWwk2nAW6xZ2ZFlR23cO4DVIsGOyftwJhByi0M89vcHKL9L8jCJQQEkZfMlx6KkHgzQAYW1KzuWkF9bxsYDevbwtxVSGkua7ssWrMs9YnjQniw3Y1-pajKVsqIRuu0PaBc_IOe4NxUhe2S03ASbWOtXcKmqwWHhYWSZ-Ihk6GmOQ3qR0WevY_OpZ4StOwrlr54wlduCLg7ZQ21SKzK0zpKKD9ogNfj7UHQGxiUzkUGvNG7UI3_oXQn-eESIs__iqPcY_CutgS7wqr5wjuvLYQOK2OCBqbyO42kiFlW9H1siGGM1G1KtuHqifsDkdSi0YlSYBwJkEG83SOlwtEMm1pAC8dlvX2y59ExwD26Pvk6CG4-Jq1hqUVQzR9_WnsDTWJEvXkJDACjRNiYdFllvmySDCbvDyfHzHDNn3_h24CTkslpVW0-CZceXUkDZjrGBSlQThZ6Gs8iI1tx_f-KmdRlF-HwB2YCcvz-Za44JIoe0c-iPBlWKyvMVlpnY8NIzX4Vs1cFEaIxH7eouFIWoA9r2AoknsDWs8_l0NPxmiRRCbZb4cY3xSPx7OPO-ge3lX82fNbDl_kH0V_XpLGuJbqktWq8X2JKJSY0WtT_gZ2NKLdzmdkSFb490TEI5bn3Q3Dx_UTnWq7K9IojBQtDFBjfX-LoencTKA-8npCkWdC1CTJzgX12nacCIWTKd4otpk2_oQbxJpQ8LwfZ2lC9qphiuifOy0c3UqJ7B_QoVo5h8clEmdv-LqBzdYgJZHgf3DzVFSevJbndMwLMvISYvlmAdj2dXMB7Nf_REDRECp3W5xX51w9rrD--VrE0063ry5LMvtrCQCwJXAor0H-JK2rk6TDWZXmZh-2C-gAo51ubU-J9pxQbfCeT6PlstxBgoBvcwiFtvzHi9-v9tSjm70QU4qzZA3FhZ_SGkNuTpEBxVDJR2glPz6nRs-b2wkhBuWaCb87keWLYywI&cid=CAQSTABygQiDrbPuSyTM9i5AXAJzP1SKTb_f9pbojtEH3kx3-33A86bNEtPZmtXK7jiIYvGWLJHV9YWxaWckqF39rr7GdKTPdOD4tdDrEn8YAQ&dv3_ver=m202301230201&rfl=http%3A%2F%2Fwww.aviation.com.ua%2F&ds=l&xdt=1&iif=1&cor=18251500678870682000&adk=2124396030&idt=123&cac=0&dtd=9

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b96da14d46255d9efb84cc67e78c0bea9b1f47cac71f897ba83bac6405289ea8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3295809207588976&output=html&h=60&slotname=9486923046&adk=3031713297&adf=3613349930&pi=t.ma~as.9486923046&w=468&lmt=1684237241&format=468x60&url=http%3A%2F%2Fwww.aviation.com.ua%2F&wgl=1&dt=1684237241529&bpp=8&bdt=721&idt=8&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4a31ad7a96b6885-224bd1d8d6dd000b%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbXqJAiURvedkU1vngSx92pUXzQOg&gpic=UID%3D00000bf8541cd024%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbL_zjgjhiTOBzG-gYe6-t_MzM4fw&prev_fmts=0x0&nras=1&correlator=4317124151456&frm=20&pv=1&ga_vid=52828483.1684237241&ga_sid=1684237241&ga_hid=1848465750&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=641&ady=182&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44773810%2C44759837%2C44759876%2C31074345%2C44788441%2C44789779%2C21065725&oid=2&pvsid=3763570045505922&tmod=1301093316&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=C2qjI5AVxj&p=http%3A//www.aviation.com.ua&dtd=15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 11:40:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39247
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js Show response
pagead2.googlesyndication.com/bg/ Frame 5550 37 KB
14 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 05:39:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21700
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14732
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 May 2024 05:39:02 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 319F 9 KB
1005 B 46ms
45ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3295809207588976&output=html&h=60&slotname=9486923046&adk=1813526727&adf=2727232968&pi=t.ma~as.9486923046&w=468&lmt=1684237241&format=468x60&url=http%3A%2F%2Fwww.aviation.com.ua%2F&wgl=1&dt=1684237241569&bpp=1&bdt=761&idt=1&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4a31ad7a96b6885-224bd1d8d6dd000b%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbXqJAiURvedkU1vngSx92pUXzQOg&gpic=UID%3D00000bf8541cd024%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbL_zjgjhiTOBzG-gYe6-t_MzM4fw&prev_fmts=0x0%2C468x60%2C468x60&nras=1&correlator=4317124151456&frm=20&pv=1&ga_vid=52828483.1684237241&ga_sid=1684237241&ga_hid=1848465750&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=641&ady=771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44773810%2C44759837%2C44759876%2C31074345%2C44788441%2C44789779%2C21065725&oid=2&pvsid=3763570045505922&tmod=985721560&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=y70rrNFkcM&p=http%3A//www.aviation.com.ua&dtd=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 16 May 2023 11:40:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 16 May 2023 10:30:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 May 2023 11:40:42 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/ Frame 319F 2 KB
765 B 35ms
35ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3295809207588976&output=html&h=60&slotname=9486923046&adk=1813526727&adf=2727232968&pi=t.ma~as.9486923046&w=468&lmt=1684237241&format=468x60&url=http%3A%2F%2Fwww.aviation.com.ua%2F&wgl=1&dt=1684237241569&bpp=1&bdt=761&idt=1&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4a31ad7a96b6885-224bd1d8d6dd000b%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbXqJAiURvedkU1vngSx92pUXzQOg&gpic=UID%3D00000bf8541cd024%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbL_zjgjhiTOBzG-gYe6-t_MzM4fw&prev_fmts=0x0%2C468x60%2C468x60&nras=1&correlator=4317124151456&frm=20&pv=1&ga_vid=52828483.1684237241&ga_sid=1684237241&ga_hid=1848465750&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=641&ady=771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44773810%2C44759837%2C44759876%2C31074345%2C44788441%2C44789779%2C21065725&oid=2&pvsid=3763570045505922&tmod=985721560&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=y70rrNFkcM&p=http%3A//www.aviation.com.ua&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 10:45:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 May 2023 10:45:03 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 319F 0
0 79ms
79ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CsMWmuWtjZMyjKfS9tOUP4J-lkAWUibrCcNbToqKKEcCNtwEQASCh_uklYJXikIKgB6ABvOX6qgHIAQGoAwGqBNsBT9DjDUhwxcCY7pLzIHJFn7YAic2abmHPS-RL7bGmulGedb482gwI22YYefDIXQGbpy6DeblgX6EAWEKFynqlRdcgrz35-GAxu7RryAhSDYpUCJ12XySrrLtmjDdvAzraTO63KE_LrmdqlrmQ_q_FNGjBWcxoOydSnbQIhgJZBXUpsgFn2NJBMaV0jCupgqpSsjIfrgGmkakMRpr9uxax4XFM3zAv06KRT-3KJdkHoM95tXP5cKSKSy2z_R6R1NzO082wWKjyk3R-ssuEi456j1t0bdGlAoqPedfhwATX7v_YrASSBQQIBBgBkgUECAUYBIAHrJqF1QKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDgvQPSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB2BMMiBQB0BUBmBYBgBcBshccChoIABIUcHViLTMyOTU4MDkyMDc1ODg5NzYYAA&sigh=cs1jWhtXXAo&uach_m=[UACH]&cid=CAQSTABygQiDgjy4p_KuhQ-SMNofFfPy_fHgiHQN-4KvzO7AWAp_V_VRxMkruhHjFVUSAHE1QPhPA9CbOeHvY981IMka6m49pku1GuMvVf8YAQ&template_id=5001

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3295809207588976&output=html&h=60&slotname=9486923046&adk=1813526727&adf=2727232968&pi=t.ma~as.9486923046&w=468&lmt=1684237241&format=468x60&url=http%3A%2F%2Fwww.aviation.com.ua%2F&wgl=1&dt=1684237241569&bpp=1&bdt=761&idt=1&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4a31ad7a96b6885-224bd1d8d6dd000b%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbXqJAiURvedkU1vngSx92pUXzQOg&gpic=UID%3D00000bf8541cd024%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbL_zjgjhiTOBzG-gYe6-t_MzM4fw&prev_fmts=0x0%2C468x60%2C468x60&nras=1&correlator=4317124151456&frm=20&pv=1&ga_vid=52828483.1684237241&ga_sid=1684237241&ga_hid=1848465750&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=641&ady=771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44773810%2C44759837%2C44759876%2C31074345%2C44788441%2C44789779%2C21065725&oid=2&pvsid=3763570045505922&tmod=985721560&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=y70rrNFkcM&p=http%3A//www.aviation.com.ua&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3295809207588976&output=html&h=60&slotname=9486923046&adk=1813526727&adf=2727232968&pi=t.ma~as.9486923046&w=468&lmt=1684237241&format=468x60&url=http%3A%2F%2Fwww.aviation.com.ua%2F&wgl=1&dt=1684237241569&bpp=1&bdt=761&idt=1&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4a31ad7a96b6885-224bd1d8d6dd000b%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbXqJAiURvedkU1vngSx92pUXzQOg&gpic=UID%3D00000bf8541cd024%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbL_zjgjhiTOBzG-gYe6-t_MzM4fw&prev_fmts=0x0%2C468x60%2C468x60&nras=1&correlator=4317124151456&frm=20&pv=1&ga_vid=52828483.1684237241&ga_sid=1684237241&ga_hid=1848465750&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=641&ady=771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44773810%2C44759837%2C44759876%2C31074345%2C44788441%2C44789779%2C21065725&oid=2&pvsid=3763570045505922&tmod=985721560&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=y70rrNFkcM&p=http%3A//www.aviation.com.ua&dtd=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 16 May 2023 11:40:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230511/r20110914/ Frame 319F 22 KB
9 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230511/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3295809207588976&output=html&h=60&slotname=9486923046&adk=1813526727&adf=2727232968&pi=t.ma~as.9486923046&w=468&lmt=1684237241&format=468x60&url=http%3A%2F%2Fwww.aviation.com.ua%2F&wgl=1&dt=1684237241569&bpp=1&bdt=761&idt=1&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4a31ad7a96b6885-224bd1d8d6dd000b%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbXqJAiURvedkU1vngSx92pUXzQOg&gpic=UID%3D00000bf8541cd024%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbL_zjgjhiTOBzG-gYe6-t_MzM4fw&prev_fmts=0x0%2C468x60%2C468x60&nras=1&correlator=4317124151456&frm=20&pv=1&ga_vid=52828483.1684237241&ga_sid=1684237241&ga_hid=1848465750&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=641&ady=771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44773810%2C44759837%2C44759876%2C31074345%2C44788441%2C44789779%2C21065725&oid=2&pvsid=3763570045505922&tmod=985721560&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=y70rrNFkcM&p=http%3A//www.aviation.com.ua&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa3b72d5b1a5c9e14494cd7eb5119506fc3a7a85070fee3f1de13a146186969f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 10:45:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8824
x-xss-protection: 0
server: cafe
etag: 8026932446453101925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 May 2023 10:45:03 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/ Frame 319F 3 KB
1 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3295809207588976&output=html&h=60&slotname=9486923046&adk=1813526727&adf=2727232968&pi=t.ma~as.9486923046&w=468&lmt=1684237241&format=468x60&url=http%3A%2F%2Fwww.aviation.com.ua%2F&wgl=1&dt=1684237241569&bpp=1&bdt=761&idt=1&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4a31ad7a96b6885-224bd1d8d6dd000b%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbXqJAiURvedkU1vngSx92pUXzQOg&gpic=UID%3D00000bf8541cd024%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbL_zjgjhiTOBzG-gYe6-t_MzM4fw&prev_fmts=0x0%2C468x60%2C468x60&nras=1&correlator=4317124151456&frm=20&pv=1&ga_vid=52828483.1684237241&ga_sid=1684237241&ga_hid=1848465750&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=641&ady=771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44773810%2C44759837%2C44759876%2C31074345%2C44788441%2C44789779%2C21065725&oid=2&pvsid=3763570045505922&tmod=985721560&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=y70rrNFkcM&p=http%3A//www.aviation.com.ua&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 10:45:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 May 2023 10:45:03 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/ Frame 319F 19 KB
8 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3295809207588976&output=html&h=60&slotname=9486923046&adk=1813526727&adf=2727232968&pi=t.ma~as.9486923046&w=468&lmt=1684237241&format=468x60&url=http%3A%2F%2Fwww.aviation.com.ua%2F&wgl=1&dt=1684237241569&bpp=1&bdt=761&idt=1&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4a31ad7a96b6885-224bd1d8d6dd000b%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbXqJAiURvedkU1vngSx92pUXzQOg&gpic=UID%3D00000bf8541cd024%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbL_zjgjhiTOBzG-gYe6-t_MzM4fw&prev_fmts=0x0%2C468x60%2C468x60&nras=1&correlator=4317124151456&frm=20&pv=1&ga_vid=52828483.1684237241&ga_sid=1684237241&ga_hid=1848465750&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=641&ady=771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44773810%2C44759837%2C44759876%2C31074345%2C44788441%2C44789779%2C21065725&oid=2&pvsid=3763570045505922&tmod=985721560&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=y70rrNFkcM&p=http%3A//www.aviation.com.ua&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

243b5023074477a6410ea68994d4c5c4090300de8967dee3b15a0c0482962899

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 10:45:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
server: cafe
etag: 5156626137554315251
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 May 2023 10:45:03 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 319F 170 KB
53 KB 70ms
69ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3295809207588976&output=html&h=60&slotname=9486923046&adk=1813526727&adf=2727232968&pi=t.ma~as.9486923046&w=468&lmt=1684237241&format=468x60&url=http%3A%2F%2Fwww.aviation.com.ua%2F&wgl=1&dt=1684237241569&bpp=1&bdt=761&idt=1&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4a31ad7a96b6885-224bd1d8d6dd000b%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbXqJAiURvedkU1vngSx92pUXzQOg&gpic=UID%3D00000bf8541cd024%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbL_zjgjhiTOBzG-gYe6-t_MzM4fw&prev_fmts=0x0%2C468x60%2C468x60&nras=1&correlator=4317124151456&frm=20&pv=1&ga_vid=52828483.1684237241&ga_sid=1684237241&ga_hid=1848465750&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=641&ady=771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44773810%2C44759837%2C44759876%2C31074345%2C44788441%2C44789779%2C21065725&oid=2&pvsid=3763570045505922&tmod=985721560&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=y70rrNFkcM&p=http%3A//www.aviation.com.ua&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e707799c4b8c1017aaed1c78432af2cc213ea88229312c1b2d621aa0ade9ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 11:40:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53845
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684150324481819"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 11:40:42 GMT

GET
H2 200 a0d8c68f3de0718362c8759993c4ce7f.js Show response
www.gstatic.com/mysidia/ Frame 319F 32 KB
13 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0d8c68f3de0718362c8759993c4ce7f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3295809207588976&output=html&h=60&slotname=9486923046&adk=1813526727&adf=2727232968&pi=t.ma~as.9486923046&w=468&lmt=1684237241&format=468x60&url=http%3A%2F%2Fwww.aviation.com.ua%2F&wgl=1&dt=1684237241569&bpp=1&bdt=761&idt=1&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4a31ad7a96b6885-224bd1d8d6dd000b%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbXqJAiURvedkU1vngSx92pUXzQOg&gpic=UID%3D00000bf8541cd024%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbL_zjgjhiTOBzG-gYe6-t_MzM4fw&prev_fmts=0x0%2C468x60%2C468x60&nras=1&correlator=4317124151456&frm=20&pv=1&ga_vid=52828483.1684237241&ga_sid=1684237241&ga_hid=1848465750&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=641&ady=771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44773810%2C44759837%2C44759876%2C31074345%2C44788441%2C44789779%2C21065725&oid=2&pvsid=3763570045505922&tmod=985721560&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=y70rrNFkcM&p=http%3A//www.aviation.com.ua&dtd=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf9dc6664474a6b01d9e293a39749d0e9b637629239cbe512dd4a0f0854a8eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 10:45:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3339
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13639
x-xss-protection: 0
last-modified: Fri, 12 May 2023 20:16:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 14 Aug 2023 10:45:03 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/5249682578342448082/ Frame 319F 6 KB
6 KB 38ms
38ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5249682578342448082/14763004658117789537?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3295809207588976&output=html&h=60&slotname=9486923046&adk=1813526727&adf=2727232968&pi=t.ma~as.9486923046&w=468&lmt=1684237241&format=468x60&url=http%3A%2F%2Fwww.aviation.com.ua%2F&wgl=1&dt=1684237241569&bpp=1&bdt=761&idt=1&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4a31ad7a96b6885-224bd1d8d6dd000b%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbXqJAiURvedkU1vngSx92pUXzQOg&gpic=UID%3D00000bf8541cd024%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbL_zjgjhiTOBzG-gYe6-t_MzM4fw&prev_fmts=0x0%2C468x60%2C468x60&nras=1&correlator=4317124151456&frm=20&pv=1&ga_vid=52828483.1684237241&ga_sid=1684237241&ga_hid=1848465750&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=641&ady=771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44773810%2C44759837%2C44759876%2C31074345%2C44788441%2C44789779%2C21065725&oid=2&pvsid=3763570045505922&tmod=985721560&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=y70rrNFkcM&p=http%3A//www.aviation.com.ua&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c6c821e9ef07b2c36da99b8146f919680e0e69d9d0aaa71e53827367b8c4c49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 07:04:30 GMT
x-content-type-options: nosniff
age: 275772
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5787
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 11:03:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 12 May 2024 07:04:30 GMT

GET
DATA 200
OK truncated
/ Frame 319F 161 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6E4A 143 B
166 B 36ms
35ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3295809207588976&output=html&h=60&slotname=9486923046&adk=1813526727&adf=2727232968&pi=t.ma~as.9486923046&w=468&lmt=1684237241&format=468x60&url=http%3A%2F%2Fwww.aviation.com.ua%2F&wgl=1&dt=1684237241569&bpp=1&bdt=761&idt=1&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4a31ad7a96b6885-224bd1d8d6dd000b%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbXqJAiURvedkU1vngSx92pUXzQOg&gpic=UID%3D00000bf8541cd024%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbL_zjgjhiTOBzG-gYe6-t_MzM4fw&prev_fmts=0x0%2C468x60%2C468x60&nras=1&correlator=4317124151456&frm=20&pv=1&ga_vid=52828483.1684237241&ga_sid=1684237241&ga_hid=1848465750&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=641&ady=771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44773810%2C44759837%2C44759876%2C31074345%2C44788441%2C44789779%2C21065725&oid=2&pvsid=3763570045505922&tmod=985721560&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=y70rrNFkcM&p=http%3A//www.aviation.com.ua&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3295809207588976&output=html&h=60&slotname=9486923046&adk=1813526727&adf=2727232968&pi=t.ma~as.9486923046&w=468&lmt=1684237241&format=468x60&url=http%3A%2F%2Fwww.aviation.com.ua%2F&wgl=1&dt=1684237241569&bpp=1&bdt=761&idt=1&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4a31ad7a96b6885-224bd1d8d6dd000b%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbXqJAiURvedkU1vngSx92pUXzQOg&gpic=UID%3D00000bf8541cd024%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbL_zjgjhiTOBzG-gYe6-t_MzM4fw&prev_fmts=0x0%2C468x60%2C468x60&nras=1&correlator=4317124151456&frm=20&pv=1&ga_vid=52828483.1684237241&ga_sid=1684237241&ga_hid=1848465750&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=641&ady=771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44773810%2C44759837%2C44759876%2C31074345%2C44788441%2C44789779%2C21065725&oid=2&pvsid=3763570045505922&tmod=985721560&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=y70rrNFkcM&p=http%3A//www.aviation.com.ua&dtd=3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2928
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 10:51:54 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 319F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bec06bcab2d65abbde2b99f1d2b52c88005baac5cc619864ca015db7c46acab3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame 319F 29 KB
29 KB 36ms
35ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 22:26:30 GMT
x-content-type-options: nosniff
age: 220452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 22:26:30 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A90F 640 B
265 B 76ms
75ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYiLnOxQEwAQ&v=APEucNVZxYy7sfRrKK2VmVkI43m5Cnjo9PYMtRAAexxJ7ycppEZvqpofS8TLbF0sENffgQzoNM8RHtpSTHTni5iAC3gwGUoODZT4DBSRMQsArtSypSVJ76ahIMyQz24Q4hYm2TxY8kh86YGsZcj-Rq8UGF6bzCU9B_WKAYZEdGbFeZTCZRpiUbA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3295809207588976&output=html&h=60&slotname=9486923046&adk=1813526727&adf=591729439&pi=t.ma~as.9486923046&w=468&lmt=1684237241&format=468x60&url=http%3A%2F%2Fwww.aviation.com.ua%2F&wgl=1&dt=1684237241554&bpp=4&bdt=746&idt=4&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4a31ad7a96b6885-224bd1d8d6dd000b%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbXqJAiURvedkU1vngSx92pUXzQOg&gpic=UID%3D00000bf8541cd024%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbL_zjgjhiTOBzG-gYe6-t_MzM4fw&prev_fmts=0x0%2C468x60&nras=1&correlator=4317124151456&frm=20&pv=1&ga_vid=52828483.1684237241&ga_sid=1684237241&ga_hid=1848465750&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=641&ady=711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44773810%2C44759837%2C44759876%2C31074345%2C44788441%2C44789779%2C21065725&oid=2&pvsid=3763570045505922&tmod=985721560&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=hMmSYnLsP9&p=http%3A//www.aviation.com.ua&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3295809207588976&output=html&h=60&slotname=9486923046&adk=1813526727&adf=591729439&pi=t.ma~as.9486923046&w=468&lmt=1684237241&format=468x60&url=http%3A%2F%2Fwww.aviation.com.ua%2F&wgl=1&dt=1684237241554&bpp=4&bdt=746&idt=4&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4a31ad7a96b6885-224bd1d8d6dd000b%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbXqJAiURvedkU1vngSx92pUXzQOg&gpic=UID%3D00000bf8541cd024%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbL_zjgjhiTOBzG-gYe6-t_MzM4fw&prev_fmts=0x0%2C468x60&nras=1&correlator=4317124151456&frm=20&pv=1&ga_vid=52828483.1684237241&ga_sid=1684237241&ga_hid=1848465750&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=641&ady=711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44773810%2C44759837%2C44759876%2C31074345%2C44788441%2C44789779%2C21065725&oid=2&pvsid=3763570045505922&tmod=985721560&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=hMmSYnLsP9&p=http%3A//www.aviation.com.ua&dtd=8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 11:40:42 GMT
expires: Tue, 16 May 2023 11:40:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7EA3 78 KB
27 KB 123ms
123ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3295809207588976&output=html&h=60&slotname=9486923046&adk=1813526727&adf=591729439&pi=t.ma~as.9486923046&w=468&lmt=1684237241&format=468x60&url=http%3A%2F%2Fwww.aviation.com.ua%2F&wgl=1&dt=1684237241554&bpp=4&bdt=746&idt=4&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4a31ad7a96b6885-224bd1d8d6dd000b%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbXqJAiURvedkU1vngSx92pUXzQOg&gpic=UID%3D00000bf8541cd024%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbL_zjgjhiTOBzG-gYe6-t_MzM4fw&prev_fmts=0x0%2C468x60&nras=1&correlator=4317124151456&frm=20&pv=1&ga_vid=52828483.1684237241&ga_sid=1684237241&ga_hid=1848465750&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=641&ady=711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44773810%2C44759837%2C44759876%2C31074345%2C44788441%2C44789779%2C21065725&oid=2&pvsid=3763570045505922&tmod=985721560&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=hMmSYnLsP9&p=http%3A//www.aviation.com.ua&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 11:40:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 16 May 2023 11:40:42 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/ Frame 7EA3 3 KB
1 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3295809207588976&output=html&h=60&slotname=9486923046&adk=1813526727&adf=591729439&pi=t.ma~as.9486923046&w=468&lmt=1684237241&format=468x60&url=http%3A%2F%2Fwww.aviation.com.ua%2F&wgl=1&dt=1684237241554&bpp=4&bdt=746&idt=4&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4a31ad7a96b6885-224bd1d8d6dd000b%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbXqJAiURvedkU1vngSx92pUXzQOg&gpic=UID%3D00000bf8541cd024%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbL_zjgjhiTOBzG-gYe6-t_MzM4fw&prev_fmts=0x0%2C468x60&nras=1&correlator=4317124151456&frm=20&pv=1&ga_vid=52828483.1684237241&ga_sid=1684237241&ga_hid=1848465750&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=641&ady=711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44773810%2C44759837%2C44759876%2C31074345%2C44788441%2C44789779%2C21065725&oid=2&pvsid=3763570045505922&tmod=985721560&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=hMmSYnLsP9&p=http%3A//www.aviation.com.ua&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 10:45:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 May 2023 10:45:03 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/ Frame 7EA3 19 KB
8 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3295809207588976&output=html&h=60&slotname=9486923046&adk=1813526727&adf=591729439&pi=t.ma~as.9486923046&w=468&lmt=1684237241&format=468x60&url=http%3A%2F%2Fwww.aviation.com.ua%2F&wgl=1&dt=1684237241554&bpp=4&bdt=746&idt=4&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4a31ad7a96b6885-224bd1d8d6dd000b%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbXqJAiURvedkU1vngSx92pUXzQOg&gpic=UID%3D00000bf8541cd024%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbL_zjgjhiTOBzG-gYe6-t_MzM4fw&prev_fmts=0x0%2C468x60&nras=1&correlator=4317124151456&frm=20&pv=1&ga_vid=52828483.1684237241&ga_sid=1684237241&ga_hid=1848465750&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=641&ady=711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44773810%2C44759837%2C44759876%2C31074345%2C44788441%2C44789779%2C21065725&oid=2&pvsid=3763570045505922&tmod=985721560&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=hMmSYnLsP9&p=http%3A//www.aviation.com.ua&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

243b5023074477a6410ea68994d4c5c4090300de8967dee3b15a0c0482962899

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 10:45:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
server: cafe
etag: 5156626137554315251
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 May 2023 10:45:03 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7EA3 170 KB
53 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3295809207588976&output=html&h=60&slotname=9486923046&adk=1813526727&adf=591729439&pi=t.ma~as.9486923046&w=468&lmt=1684237241&format=468x60&url=http%3A%2F%2Fwww.aviation.com.ua%2F&wgl=1&dt=1684237241554&bpp=4&bdt=746&idt=4&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4a31ad7a96b6885-224bd1d8d6dd000b%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbXqJAiURvedkU1vngSx92pUXzQOg&gpic=UID%3D00000bf8541cd024%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbL_zjgjhiTOBzG-gYe6-t_MzM4fw&prev_fmts=0x0%2C468x60&nras=1&correlator=4317124151456&frm=20&pv=1&ga_vid=52828483.1684237241&ga_sid=1684237241&ga_hid=1848465750&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=641&ady=711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44773810%2C44759837%2C44759876%2C31074345%2C44788441%2C44789779%2C21065725&oid=2&pvsid=3763570045505922&tmod=985721560&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=hMmSYnLsP9&p=http%3A//www.aviation.com.ua&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e707799c4b8c1017aaed1c78432af2cc213ea88229312c1b2d621aa0ade9ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 11:40:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53845
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684150324481819"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 11:40:42 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7EA3 42 B
63 B 69ms
68ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AG7YEvi4F6w1gGWJN530PQ7yVqw1oZFxOTAjZ0XKL8heR6nTK_69NtdASjfkfIJ-aKmcvDFVFBHj3lqrcBbkD4VhFUM1i32d40HUHjzV63VYqnUpY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3295809207588976&output=html&h=60&slotname=9486923046&adk=1813526727&adf=591729439&pi=t.ma~as.9486923046&w=468&lmt=1684237241&format=468x60&url=http%3A%2F%2Fwww.aviation.com.ua%2F&wgl=1&dt=1684237241554&bpp=4&bdt=746&idt=4&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4a31ad7a96b6885-224bd1d8d6dd000b%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbXqJAiURvedkU1vngSx92pUXzQOg&gpic=UID%3D00000bf8541cd024%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbL_zjgjhiTOBzG-gYe6-t_MzM4fw&prev_fmts=0x0%2C468x60&nras=1&correlator=4317124151456&frm=20&pv=1&ga_vid=52828483.1684237241&ga_sid=1684237241&ga_hid=1848465750&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=641&ady=711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44773810%2C44759837%2C44759876%2C31074345%2C44788441%2C44789779%2C21065725&oid=2&pvsid=3763570045505922&tmod=985721560&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=hMmSYnLsP9&p=http%3A//www.aviation.com.ua&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 11:40:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7EA3 0
20 B 70ms
69ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=18281570885663949755&x=1&ct=76

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3295809207588976&output=html&h=60&slotname=9486923046&adk=1813526727&adf=591729439&pi=t.ma~as.9486923046&w=468&lmt=1684237241&format=468x60&url=http%3A%2F%2Fwww.aviation.com.ua%2F&wgl=1&dt=1684237241554&bpp=4&bdt=746&idt=4&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4a31ad7a96b6885-224bd1d8d6dd000b%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbXqJAiURvedkU1vngSx92pUXzQOg&gpic=UID%3D00000bf8541cd024%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbL_zjgjhiTOBzG-gYe6-t_MzM4fw&prev_fmts=0x0%2C468x60&nras=1&correlator=4317124151456&frm=20&pv=1&ga_vid=52828483.1684237241&ga_sid=1684237241&ga_hid=1848465750&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=641&ady=711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44773810%2C44759837%2C44759876%2C31074345%2C44788441%2C44789779%2C21065725&oid=2&pvsid=3763570045505922&tmod=985721560&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=hMmSYnLsP9&p=http%3A//www.aviation.com.ua&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 11:40:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/990511/61634094/ Frame 97DC 245 KB
74 KB 100ms
30ms Script
application/javascript 52.212.231.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/990511/61634094/skeleton.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-3295809207588976&ias_chanId=1&ias_placementId=19422215943&bidurl=http://www.aviation.com.ua/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gLitAbNCLMgzFCt0f7N8yc
Requested by: Host: www.aviation.com.ua
URL: http://www.aviation.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.231.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-231-135.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 66f377debcd36555413d3a3a6e1ec2b1bfe78db2ac73f1433fd833983585f1ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 11:40:42 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 97DC 106 KB
37 KB 250ms
36ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.aviation.com.ua
URL: http://www.aviation.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 09:20:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8414
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 May 2023 09:20:28 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230511/r20110914/elements/html/ Frame 97DC 11 KB
4 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230511/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B0zFUcoGBElXzFjy0mBnjFHP7yGMscJ6eznZ-Y_8qkjk7bT-A8jtE5bgzYR7AJtVk3_rd81D6Ras-zWW3APq34PO6BxThSV30Z2ZruW1Y7tsr-QfYb3NdjoX4hEBI3V2p0PwNz0cUzWKCX8YiSkF4k5_qWCupbdqbo4sqkmQU1IAxTgYc&dbm_d=AKAmf-D65HAxW-TihVZ3OXFLfZObFLdvL5cdUe6E_7b6vY3VU0Btow9qjg125_NdpG8Z8oUwbJTWAkdjHSJQhz6dmBr6-9EZ4uJxyrxTZSAhOzdxmCjyIUTUtIDxs2ImqqE3tqk383EbMwt1QRgM_grfyGtwgQWyby3FT978qs-P1fTqHiAJoraO5xJheUQlsSuzpXKaCS40TPb5jgyJdwQestBKtor19J9rgz0zD0z_hmXJ2vBpH8IR4FWAlnJtnaQDhczWLchGLWCPWTu-yJcQuGjpH7B2Mp4QD5FRcw8DJs_ZPAm4iSitmDJ0qsuYAB7RY8Y02t86agH1o6NC-aEZEwwRaqwT_4YYYAksPIlFK69-WDLtMiY26JZMyNwQp-NUcr56EuZhFXdy5p6oWEtGpCtH1qtcp-YI0iGPxJ3u21thYaDgp7FI0KlsRqacO7owHcBTOzvGUcj9489scuuP1r8OjboaSZaCM7hfvbuqgPdULlXzUILE8fompMpvj3r11VXhaxbjt2yRE6_Ib60ogDeBSaAdW36hJQGDPvMfs3m3iXzvEUtMGAmrIuI1QHKzYPCVmPKF4VC9w5mZbNtutKSdiv_TUnoiJJFu-Zh1YNdmLwVQbueNDhZREm3vglx9WDPlfkmgE6MzxA5mHwFl5KFySbZ_A4JXFyfFssFeZ80wQZDsfNV7oH6tycf4mMe069uXXh5Z1Gg20YTLkM27uF414QqlOM4gD7mBJgDBdxtZ0ADZGTSE3h7z_eAd7xIE6jMBeqJ3wl6Uzfw_Wp90scbxrQhptpJJVHWyh92bTozUmsy4PZYsRnhqwar8cXMyRE2Im4EYeO3Q_dA7pl7TdVaPIjPGvVlqDRrlvNDGPPKyj2-XR6SHrAZ9wrJkCv3aaJaxDHnnLGkbj6TWjE2yr6M64KTSDTlrxf2Pp7DE5AUf2miP8xThXFpaD6PeJOjwmTmVU9tAdXe1Cjb0SGkuaoU0cEueYxRDY-xCca-5K7BuIGlLmzQMDml4IrrQstkmbXhb5ZAaDDX-KkME2-BlTSjtmck3OKwCFki5UfOd61Rsvw89Ps-utzK3rxiI4U2QKBTByvENYLRWN3C7LGfAMKSg8duVwjWzSIiCzgsOLpkA9mJwU704Xb2ph53UQmIp2IhOjWVanMU0soghMoqSrpyRjRwXTl6rQlXbA5UK2mgUJGZo25OWQx96w45K6vaxZCmmJglgH4z5YipNffJWturW7YVB0y6Wlf_6BTlkFwUlihaX2985g-r0S_E1yoR9oAw8UfgWEQM6zySf_fVgsOC8G3WShuO0aLY2LUQiEC4S2r0j4jPHhg7jvo3HcSgBAomCz-wdkagnufggvFCLZ2uYSx5z127JlCCJcrFUz4MwGDOWR1dT5zscnEuvPZLhrV_q-ZQu7g6PsTFVqSP_yl4qCEGpnJTRO4Omh7Lc4tlVSP3Mf1FPXnyuHlWJa5Z4PIGYJxllRZV4DuX0OJjoKBR4tyWercydr9KNdAUtm8tlC7F_SZSKQ0filLJB-JSml7V8_FfL2RsH8pIlThMkwCuXrKHgIlS3aoYjBzT5-KT3eJO6J-KZ0c0BQs410-lQqJbErk0vjPRxC-MiA-DwObS9D4FIhYMfkYDIgnl4cWG1BL1KC776X1PeKi-FsqV1hVQ1S51JK7jYQS9nRanNGCEtyjexcC5sLqrtt6T94NF9prQjxYAhwsyymtfPp_mJELkRK1qibzjUXvcRg6rsbaWBLpY2ahMglR7mfk8O_fmfwBe9LvbHlT_V1eVgDNKhbewz7CBnuZMc27e_PKAC7EfJPalHoo9NHnRuU0yDqWVzo0SGet24TcrlkP-o_5v7uTFTV4dF8fQP4TLv5QLPbuAnuKkoo2Gy8dvrS772ok-v7qPxodppm_5OC8uiZl0gt9ti1lzwTVOEa-H37RrSaQpGnyrTdFdGjcRWyGKI6Ba70DsIGRqKRrW_nZfUX5jXiC2mdRTZxYi3FanCRNuROjbfre8NzgxHvhP-GSGIY3Ildve1HCTMiI40XRW48ww1r79kTP8qRUCDGz7B2tMHfop962T9sxH4ogU5rTe27jBDH3SlceIUSMco7_NP2Is_I1UKQTL8r7N7ej6PyGXGr0zALIK3xfq4_uhVRLL7GTtzWZVfDzHgT-l6jIf8RpcdRD6WtXgpZ-_AizDpEeNfeqtZzUDKjWV-6KxUNR4RqjK5aWs3mGu6kpB2fvzIs5W2SDUkSPsSLCnILKL0Mye-KVs4EwRdQzirW7KZGOOHP_KTfQ81ilECPrkf85dNTqdr3OBLYWzkIaStiGdznf1ONqcCHpkJ1ZDJywfsh2XPNuQfZliJ6jwjAsRI7lV1C4w3A68RF46N84jm_lPTqbmBLjr035rVKilnKpr06hZRJxNt1WvgsQop3PzfFD7VMc5Ncf3dYJ3YAHh0bdUWgtjLCCSLJSCH1IoJQOjeOH54qfi48a5CSSBqk4jG0LX-DFEpVFHMlkBZvHwuS154hwrj0y9MO8iFx5kJHp0pUq5CMR77_mN3OlrBVWxTlmZnoUZowEAf_SNNWoz-xySy_WYuBLCyMQ9OHhGnq03GtnASNden0HjYknI3IH3Wirq5PXMxCdCXt994frL2eUgQkUo8alpIw7J9iiTtiJehY7tWwk2nAW6xZ2ZFlR23cO4DVIsGOyftwJhByi0M89vcHKL9L8jCJQQEkZfMlx6KkHgzQAYW1KzuWkF9bxsYDevbwtxVSGkua7ssWrMs9YnjQniw3Y1-pajKVsqIRuu0PaBc_IOe4NxUhe2S03ASbWOtXcKmqwWHhYWSZ-Ihk6GmOQ3qR0WevY_OpZ4StOwrlr54wlduCLg7ZQ21SKzK0zpKKD9ogNfj7UHQGxiUzkUGvNG7UI3_oXQn-eESIs__iqPcY_CutgS7wqr5wjuvLYQOK2OCBqbyO42kiFlW9H1siGGM1G1KtuHqifsDkdSi0YlSYBwJkEG83SOlwtEMm1pAC8dlvX2y59ExwD26Pvk6CG4-Jq1hqUVQzR9_WnsDTWJEvXkJDACjRNiYdFllvmySDCbvDyfHzHDNn3_h24CTkslpVW0-CZceXUkDZjrGBSlQThZ6Gs8iI1tx_f-KmdRlF-HwB2YCcvz-Za44JIoe0c-iPBlWKyvMVlpnY8NIzX4Vs1cFEaIxH7eouFIWoA9r2AoknsDWs8_l0NPxmiRRCbZb4cY3xSPx7OPO-ge3lX82fNbDl_kH0V_XpLGuJbqktWq8X2JKJSY0WtT_gZ2NKLdzmdkSFb490TEI5bn3Q3Dx_UTnWq7K9IojBQtDFBjfX-LoencTKA-8npCkWdC1CTJzgX12nacCIWTKd4otpk2_oQbxJpQ8LwfZ2lC9qphiuifOy0c3UqJ7B_QoVo5h8clEmdv-LqBzdYgJZHgf3DzVFSevJbndMwLMvISYvlmAdj2dXMB7Nf_REDRECp3W5xX51w9rrD--VrE0063ry5LMvtrCQCwJXAor0H-JK2rk6TDWZXmZh-2C-gAo51ubU-J9pxQbfCeT6PlstxBgoBvcwiFtvzHi9-v9tSjm70QU4qzZA3FhZ_SGkNuTpEBxVDJR2glPz6nRs-b2wkhBuWaCb87keWLYywI&cid=CAQSTABygQiDrbPuSyTM9i5AXAJzP1SKTb_f9pbojtEH3kx3-33A86bNEtPZmtXK7jiIYvGWLJHV9YWxaWckqF39rr7GdKTPdOD4tdDrEn8YAQ&dv3_ver=m202301230201&rfl=http%3A%2F%2Fwww.aviation.com.ua%2F&ds=l&xdt=1&iif=1&cor=18251500678870682000&adk=2124396030&idt=123&cac=0&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 21:17:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51810
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4122
x-xss-protection: 0
server: cafe
etag: 11429739870029468282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 21:17:12 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230511/r20110914/ Frame 97DC 28 KB
11 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230511/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

848c9628e34f5e696c4e0482e8befd85145d139d717b018478d6b44f243e5729

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 21:34:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50749
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11021
x-xss-protection: 0
server: cafe
etag: 1067780215036677322
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 21:34:53 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 97DC 41 KB
15 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.aviation.com.ua
URL: http://www.aviation.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 04:43:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 543405
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 May 2024 04:43:57 GMT

GET
DATA 200
OK truncated
/ Frame 97DC 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 393d26d6326a1717297ca61345845a3db6a9fa148e14d955647639a0f4269b14

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6E4A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

50ms
47ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3295809207588976&output=html&h=60&slotname=9486923046&adk=1813526727&adf=2727232968&pi=t.ma~as.9486923046&w=468&lmt=1684237241&format=468x60&url=http%3A%2F%2Fwww.aviation.com.ua%2F&wgl=1&dt=1684237241569&bpp=1&bdt=761&idt=1&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4a31ad7a96b6885-224bd1d8d6dd000b%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbXqJAiURvedkU1vngSx92pUXzQOg&gpic=UID%3D00000bf8541cd024%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbL_zjgjhiTOBzG-gYe6-t_MzM4fw&prev_fmts=0x0%2C468x60%2C468x60&nras=1&correlator=4317124151456&frm=20&pv=1&ga_vid=52828483.1684237241&ga_sid=1684237241&ga_hid=1848465750&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=641&ady=771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44773810%2C44759837%2C44759876%2C31074345%2C44788441%2C44789779%2C21065725&oid=2&pvsid=3763570045505922&tmod=985721560&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=y70rrNFkcM&p=http%3A//www.aviation.com.ua&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 11:40:43 GMT
expires: Tue, 16 May 2023 11:40:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 11:40:42 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/ 151 KB
51 KB 97ms
97ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25e507fa9c8208af61c3fd2213cbd537a2504b654ed1777cc6c84a9b2e10e835

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.aviation.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 11:40:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52430
x-xss-protection: 0
server: cafe
etag: 1677407572736381591
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 May 2023 11:40:42 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6592 22 KB
8 KB 37ms
35ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 543405
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 10 May 2023 04:43:57 GMT
expires: Thu, 09 May 2024 04:43:57 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7EA3 0
20 B 77ms
77ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9374370927937&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 11:40:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7EA3 0
20 B 76ms
76ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9374370927937&version=m202301230201&ct=76&x=1&cor=18281570885663949000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 11:40:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7EA3 99 KB
38 KB 79ms
79ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AZI6_zANnHfbYE2ozNiA6EIAOG5gppVXn4Ai4XrG07uw0T9uEm_QzcHwTV0Z_6T7H1647Id7f_CE4wOLvVjpVPgI4tnIFyrWFy9is6bJAVzuhYfyyFAwwPhGfmHBD7-1jKf-8amUZlXZLiN82wn1ueHU2_1zOfxm4em1aFw1-SJGEJIi8&dbm_d=AKAmf-DsjP31OQY1EHPr-CX_9N57Lwx6infGTBwp-jm1JO-0fOvqnpu9M7A-kRf3aypBxWvMHhxU1dTNlyShfiFA3teaOv3v8kWqMtPlhuOWE9cs84g1pZ5Rmc2e6nkgqA5k1ZMnK8SryMr_rbve_9Ndy197oHzbCssObIPaEU4FtsR9OTqpnM2QzgfbMPww_P3SzUcKiCiGs-d7-gc34JkvGhaX30kGm4R31yar4Kh_0vJjMe_FEuViBYJ9Hxw1BsabVslOKuOxI-N-rotPKx1pgsxYk39KwQYv2_UlDVPpqPDR4BwADMIeIBjEoKMXYeEaegOUATbmi5afsRnMABP_I6jRiJkCcw7gtVU79Ks7e94wsX4OK2YCtXiIxV1nDurBucjgAUqdlwAtd_klFpHiYu9jwGMKGhn-_OiCXk6Q5D3kXCEUvfWSWtAlC2-z4W9xVp4a7b7uWq4EFN8gp5fq3vv08cNaSOwItLKgIk-Uw0Tf63OaDTfNhRYPhV_o2OM3qdGELIE7iEbR1XiLycfYpOISpdoIqytSITH73XE9bxeHNvTrXIwTLa08kTH_Ajt-yWRLthCLG9_V7o7PnhsOkHD-jB3Jt3aLcGe1qq0ErYUESdl3G1PsNvn8C3aJShoB4TO_K-rdRH1B_eXZgbzEswmlUqXFq1ci_Pykll85J0EaVihA4t1EaxCMLeC-kbAH7xh_U1b5xNexbXlznatPjPaIwRiLNLaxkct8pgXPHPHujSaPqkmaJiaMM6vXo6SRiTlM1JXcHhcu_n1uQQZDGNXr8-SwcJGGqp5bYYI0nGo44dTpJx3n-rZ7KlD8k_Nv-r4BierH8braxr9RtmE616nGStr-9BGAv75dh7OIMsMsHn5VDh5J1XECgUZ2kCHKubuebZoe0keAL3dwzcYRH9v_QCYYdLYp8uFLZimGu84EnXgm2ZbZ_LYrqfWZ2LJXl_DYkwjyqq4tKMPuALhbCDv_0jc4qfE_kmnid1PyLsqC4jRkDcYwJvFe_rMnh8rSrHP4Cj1nwTpaaFu12N1Pdto4i6DmmRtFMgK0lz4n4uj1wiHARmevcnYUsiZs9NzHHTf1jKULcCa1JVyV6LRcOIw2DuQJdzLEKlH8Q_BiINlI2x29JLf3p7n3L_Ry9Rpf5s2WRcJYQOAvs9guaLMtptNhxBsGAYt-2ld3lQX_qP4z6VpvTIW3Cf4vmZpoJJeIqZWzt4njTmZUkSiBcSQZTRMir8MqpRgVWSC6fGoEF7cwxmx8aUNcvLuvIz9HEEPyzngrLqqHuiH9z3FHSezOxh-toZhMMZJJX_rRIMIyi7RW9gLcnHXCjTixpc6CxlJZrTWywMtVQah7pp_spZ8nH-Yocz6v6MQ3h9mAY2B4wmpNmQ40-8elYQ2PozZtMD4o8AeQ4MtO7PxCJyKgaOgcDCCT6bhTJAVHb4w3eFaOGTeufduTuKEWrpGyM6oDCMmXkmCZlVF1smoepfjyEox9cT0GxpvDAJmjtlfh_cmXRMIdkG0UKy9V5w1MJsmfAsrkg-lL2bQGcVU5xO3b2han6n3ZYLWTBIMbSh1g0-R-S2wHmemW5Rn-NBKOhJn9bRjLdv_XqBB1IfxivVJ7vpGafjoMf57p7Cka8XqM4D9qQMTB_qoSifB9Puxbho064OTGCHvQKiZRmco9wSFG2nTiTeJ_Clt7mWjgdz1nHkREu0lUPxVNniK59qgIVfA2jgR5xj7c65TWHyy3Df_xYMD26DXiZO-_ILHS_FP5wGspwLEpcbQi874dRaLM7nRTJzMFLkt7pQgROBEAiDu6PAjkvIKUxi5qBkj86DzYmXWqUkMtfpp5iKUYWW0xr9V5Zoq_sMQVL-Z9FjlQjiYONFvA9DVC1P2PtZDXihp9zao42HbdMPt6ntHwnBzdXr8KTpDipX3LIb4yiU3d_IAUMEm_BcgzU15gZIVtO5jHiVxZBUqJHkkxN_QP6fY7zfv1FCetzuF5Pwz-TQJMVzUGsDwq0UKaCbb0QcJ9WRpG5TpR2Zl139hlB5Et3ToeP0wJ6W_WjCJRvfJYpnqBH0EPz6wB_d_0JX9O4dag67o3M-b8NzLii-M1KoAD-iRWvi0DLS1a5al5E42KKJYkZYibjGyscWn0iM2o6DR3hqYjZ3kQSWvX6XkP9f0R6xNqd_tNPJrUnoTvbB_dvk3n0CxuKKbcNAcXUNfMeiO6oB9GimJpuOT_kvN0b1DCK-S_loszZ9-1svnBO-O6ywC8YSylVuzF2P872h__83hGJUbEkdRQ1UzPOMOZGwv_OwZnD6tdhJbZb_3GzjKls_z71NG5OekBRLkP9gsAK8F2vl7xKvK_Ofjgn7sgsdaH4BdUnYbWhpMKurc9dpS9fLWOyx0SdgNPVDKHEz6JH7gPRro5OMKQNFJ13aR5aBe_110QuJJ1yYKKxz81OVL8jQujrL-wTBF5RMbtyuOmOrEiyPKuG0SNlEuk1hG7BGh3MJTPRhwON_yLpMYjcb4GYVHmN94kua4W59IhSk-xwARhPAD_hKfY0HhBptxA7WvvWU4zBWuny1wsIuJ9-0h9OiftUwBYQ8pMySwZUxDsxTwLzZ9OrTH_1BOuK3Ss2asmJAfZt4PlqI7VZSTfUZyzm3-MX1ig1RzkjyZ2NZIP0pno-iKxay8wwSDQI2ovY1YUKdTvbBPj5rs9aoTKqsEBRVxeYmRPeHdf_-5qZbwRc5ht1CD_XykOZ9ggEB1BlAXKIugzLB-B8F-14I59KP11PnIQiLnWoLID90QSo3fGcm3jbnG6rxNhaZv4X_hb-8Ky972bZh4jagGL-uiPxWd4aU4Arwb2DRsh9N337Vhp6U4hcn4FosgvpxbYnaRn_S55QDAArredfJWY-kkkgl3JJU9moXCBkZN8uQKOJRVb8IKSo2TyPepvT6PpAcZDmuQ33Vv1h0WJKisfUe3XKoRu3XfsgpAMDs78sbKKrE1KFdKZbXrg5FljJyHjPJkuOrGkwadIriE-cMvVypDYd_CBSywyPKNrlOfUIoz2y3U-sgND2h3xeUFhn5MROHqYMyCP4gGIj1BARWJZ7Z62_biH5PIBsJloj3XpQdY8itGOy0j1vC2Rkd9AtuGQ0DMasetWYVC6zuJEcwtXZl5bEzmeXbu7UKsPFQh5_nGuTo8AFeFmn6JhaSzvFrcu4elq46zCRbw7vrMj0eqaV6w0khLLXh5uTPTa4_EIi_Jb-hVdqq5GquE-aGKACGe-g1sf8cDlB8UxUubLzIOYclpqbS6kCnDhWRXEFQWzQF2Yhlp8moG41orhlkW2zlKb1D6180iH7MV-KEt3_Bxiuu9rf6ORNOOZn5FTDc5nIXTlrSVL_Tr-5WGEC9CCE9HMZw8d81o2kiSQz51SW-ncYowgTJzec3B0i4__CVwYDYe1jjTZSYD3Mu8D8swG1Ub3r2O1cNdpxFPK7CAFs9VGAaFHEP0j7Z7u0z5KvWKy_ZzVBHOSfpTWCeBONjgWtryT0CVvv2_GocxtQD1sYJVUjnqC00MY-VBnjgRg6sajbQWfMovlrtGL04s7SukJAk2TIYTHeMeGRhY6JeXRdwimllUymk2MPHVGKsUxpXh-Qk6_W8SvQDn7vh6PUls2Bjo3WSy7xPO68v3wT_IfrS3LV-UofN6pT-nb1j9Km9zcgG8REh0ndofz0K9Iex8_BZ3hI2g6g9shiGpUz1sK9kPLEDcTYWaCCMqjuwYsjs3YOLNpgNCncEpYG5bYVpwOUcaOz70jh6M5Y4kTFKGBlUc0gVP8O3Vs7FSF55sc5H-R6mhQ4WJnjkFR-VV3oSawGvLVAIhOujBPSUTyxboj-7wTD4zmYRt2sBUcI8ICLeF87jJy1jsNdPA4vG1jz16M8Wfpo9tVibu1eqruZIjNazp3pqnZviF6i7hfROj6JZ9jpRSkcvMG79FlbYj8lCxEPuvBO0dzoD6tGEO0NlDBmDKpxMipJCRVlrQndCHLQ4tfKyn94smolRhcxTfFwrHDq0qcM5FLlvs&cid=CAQSTABygQiDMVnmQ1cjeNwvLq-2EdOcpksogVPwqIzJxfBC6ZdGus18olwNQOTF-Eb26CUS7ZYokGv7y_FlUHMhUJJ3zfgUsk_pEikGjh4YAQ&dv3_ver=m202301230201&rfl=http%3A%2F%2Fwww.aviation.com.ua%2F&ds=l&xdt=1&iif=1&cor=18281570885663949000&adk=497053795&idt=134&cac=0&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be05626dde9ddb82b30f6a67536788652eb2b0f2e6b4472c64ea9000663300d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3295809207588976&output=html&h=60&slotname=9486923046&adk=1813526727&adf=591729439&pi=t.ma~as.9486923046&w=468&lmt=1684237241&format=468x60&url=http%3A%2F%2Fwww.aviation.com.ua%2F&wgl=1&dt=1684237241554&bpp=4&bdt=746&idt=4&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4a31ad7a96b6885-224bd1d8d6dd000b%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbXqJAiURvedkU1vngSx92pUXzQOg&gpic=UID%3D00000bf8541cd024%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbL_zjgjhiTOBzG-gYe6-t_MzM4fw&prev_fmts=0x0%2C468x60&nras=1&correlator=4317124151456&frm=20&pv=1&ga_vid=52828483.1684237241&ga_sid=1684237241&ga_hid=1848465750&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=641&ady=711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44773810%2C44759837%2C44759876%2C31074345%2C44788441%2C44789779%2C21065725&oid=2&pvsid=3763570045505922&tmod=985721560&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=hMmSYnLsP9&p=http%3A//www.aviation.com.ua&dtd=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 11:40:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39129
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

4a.js Show response
static.adsafeprotected.com/ Frame 97DC
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/990511/61634094/4.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-3295809207588976&ias_chanId=1&ias_placementId=19422215943&bidurl=http://www.aviation.com.u...
https://static.adsafeprotected.com/4a.js

2 KB
2 KB

7ms
7ms

Script
application/javascript

2600:9000:223f:4c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4a.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3295809207588976&output=html&h=60&slotname=9486923046&adk=3031713297&adf=3613349930&pi=t.ma~as.9486923046&w=468&lmt=1684237241&format=468x60&url=http%3A%2F%2Fwww.aviation.com.ua%2F&wgl=1&dt=1684237241529&bpp=8&bdt=721&idt=8&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4a31ad7a96b6885-224bd1d8d6dd000b%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbXqJAiURvedkU1vngSx92pUXzQOg&gpic=UID%3D00000bf8541cd024%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbL_zjgjhiTOBzG-gYe6-t_MzM4fw&prev_fmts=0x0&nras=1&correlator=4317124151456&frm=20&pv=1&ga_vid=52828483.1684237241&ga_sid=1684237241&ga_hid=1848465750&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=641&ady=182&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44773810%2C44759837%2C44759876%2C31074345%2C44788441%2C44789779%2C21065725&oid=2&pvsid=3763570045505922&tmod=1301093316&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=C2qjI5AVxj&p=http%3A//www.aviation.com.ua&dtd=15
Protocol: H2
Server: 2600:9000:223f:4c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: IA0CpADUJLi5mH3d4OqdtuHMxWhB6eh2
content-encoding: gzip
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
date: Mon, 15 May 2023 20:43:25 GMT
x-amz-cf-pop: FRA56-P5
age: 245438
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Mon, 08 May 2023 20:43:24 GMT
server: AmazonS3
etag: W/"589d8955c4906ab1b8e63a2f92d932d3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: zIcAdNf06LbSEVOdm4j2PhYraCkFXTQQA8xyNUqGdm78uM7rbzIIBg==

Redirect headers

pragma: no-cache
date: Tue, 16 May 2023 11:40:42 GMT
server: nginx
x-server-name: app09.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4a.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame ABC7 91 KB
23 KB 44ms
8ms Script
application/javascript 2600:9000:223f:4c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3295809207588976&output=html&h=60&slotname=9486923046&adk=3031713297&adf=3613349930&pi=t.ma~as.9486923046&w=468&lmt=1684237241&format=468x60&url=http%3A%2F%2Fwww.aviation.com.ua%2F&wgl=1&dt=1684237241529&bpp=8&bdt=721&idt=8&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4a31ad7a96b6885-224bd1d8d6dd000b%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbXqJAiURvedkU1vngSx92pUXzQOg&gpic=UID%3D00000bf8541cd024%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbL_zjgjhiTOBzG-gYe6-t_MzM4fw&prev_fmts=0x0&nras=1&correlator=4317124151456&frm=20&pv=1&ga_vid=52828483.1684237241&ga_sid=1684237241&ga_hid=1848465750&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=641&ady=182&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44773810%2C44759837%2C44759876%2C31074345%2C44788441%2C44789779%2C21065725&oid=2&pvsid=3763570045505922&tmod=1301093316&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=C2qjI5AVxj&p=http%3A//www.aviation.com.ua&dtd=15
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 20462666
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: iryAewIVolBbjxBMG-FkGO2dbHQLV8cVkIwPwQ4MJkK93AmWClX6VQ==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 97DC 43 B
215 B 378ms
106ms Image
image/gif 2600:1f18:1aca:4281:84b2:6bc8:6fc1:78cd
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=8d5194b5-4710-a8b9-8909-28c99c2526e7&tv=%7Bc:cMdmtl,pingTime:-3,time:40,type:v,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:16%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:40,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B34~0%5D,as:%5B34~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tEq3Ps7+11%7C12%7C131*.990511-61634094%7C1311%7C1312%7C1411%7C151%7C161,idMap:131*,rmeas:1,rend:0,renddet:svg.us,siq:17%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3295809207588976&output=html&h=60&slotname=9486923046&adk=3031713297&adf=3613349930&pi=t.ma~as.9486923046&w=468&lmt=1684237241&format=468x60&url=http%3A%2F%2Fwww.aviation.com.ua%2F&wgl=1&dt=1684237241529&bpp=8&bdt=721&idt=8&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4a31ad7a96b6885-224bd1d8d6dd000b%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbXqJAiURvedkU1vngSx92pUXzQOg&gpic=UID%3D00000bf8541cd024%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbL_zjgjhiTOBzG-gYe6-t_MzM4fw&prev_fmts=0x0&nras=1&correlator=4317124151456&frm=20&pv=1&ga_vid=52828483.1684237241&ga_sid=1684237241&ga_hid=1848465750&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=641&ady=182&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44773810%2C44759837%2C44759876%2C31074345%2C44788441%2C44789779%2C21065725&oid=2&pvsid=3763570045505922&tmod=1301093316&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=C2qjI5AVxj&p=http%3A//www.aviation.com.ua&dtd=15
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:84b2:6bc8:6fc1:78cd Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 11:40:43 GMT
server: nginx
x-server-name: dt23.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 97DC 43 B
215 B 375ms
106ms Image
image/gif 2600:1f18:1aca:4281:84b2:6bc8:6fc1:78cd
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=8d5194b5-4710-a8b9-8909-28c99c2526e7&tv=%7Bc:cMdmtn,pingTime:-6,time:42,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:42,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B36~0%5D,as:%5B36~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tEq3Ps7+11%7C12%7C131*.990511-61634094%7C1311%7C1312%7C1411%7C151%7C161,idMap:131*,rmeas:1,rend:0,renddet:svg.us,siq:17%7D&tpiLookup=ao:www.aviation.com.ua%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3295809207588976&output=html&h=60&slotname=9486923046&adk=3031713297&adf=3613349930&pi=t.ma~as.9486923046&w=468&lmt=1684237241&format=468x60&url=http%3A%2F%2Fwww.aviation.com.ua%2F&wgl=1&dt=1684237241529&bpp=8&bdt=721&idt=8&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4a31ad7a96b6885-224bd1d8d6dd000b%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbXqJAiURvedkU1vngSx92pUXzQOg&gpic=UID%3D00000bf8541cd024%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbL_zjgjhiTOBzG-gYe6-t_MzM4fw&prev_fmts=0x0&nras=1&correlator=4317124151456&frm=20&pv=1&ga_vid=52828483.1684237241&ga_sid=1684237241&ga_hid=1848465750&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=641&ady=182&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44773810%2C44759837%2C44759876%2C31074345%2C44788441%2C44789779%2C21065725&oid=2&pvsid=3763570045505922&tmod=1301093316&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=C2qjI5AVxj&p=http%3A//www.aviation.com.ua&dtd=15
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:84b2:6bc8:6fc1:78cd Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 11:40:43 GMT
server: nginx
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 97DC 43 B
215 B 374ms
107ms Image
image/gif 2600:1f18:1aca:4281:84b2:6bc8:6fc1:78cd
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=8d5194b5-4710-a8b9-8909-28c99c2526e7&tv=%7Bc:cMdmtq,pingTime:-2,time:45,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:443,beZ:444,mfA:446,cmA:447,inA:447,inZ:450,prA:451,prZ:455,si:459,poA:460,poZ:480,cmZ:480,mfZ:480,loA:485,loZ:487,ltA:488,ltZ:488%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:16%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:45,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B39~0%5D,as:%5B39~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tEq3Ps7+11%7C12%7C131*.990511-61634094%7C1311%7C1312%7C1411%7C151%7C161,idMap:131*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:svg.us,siq:17,sinceFw:27,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3295809207588976&output=html&h=60&slotname=9486923046&adk=3031713297&adf=3613349930&pi=t.ma~as.9486923046&w=468&lmt=1684237241&format=468x60&url=http%3A%2F%2Fwww.aviation.com.ua%2F&wgl=1&dt=1684237241529&bpp=8&bdt=721&idt=8&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4a31ad7a96b6885-224bd1d8d6dd000b%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbXqJAiURvedkU1vngSx92pUXzQOg&gpic=UID%3D00000bf8541cd024%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbL_zjgjhiTOBzG-gYe6-t_MzM4fw&prev_fmts=0x0&nras=1&correlator=4317124151456&frm=20&pv=1&ga_vid=52828483.1684237241&ga_sid=1684237241&ga_hid=1848465750&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=641&ady=182&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44773810%2C44759837%2C44759876%2C31074345%2C44788441%2C44789779%2C21065725&oid=2&pvsid=3763570045505922&tmod=1301093316&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=C2qjI5AVxj&p=http%3A//www.aviation.com.ua&dtd=15
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:84b2:6bc8:6fc1:78cd Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 11:40:43 GMT
server: nginx
x-server-name: dt19.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame A90F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELh-ULceWzwVpJSdXrByYMI&google_cver=1

43 B
114 B

32ms
31ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELh-ULceWzwVpJSdXrByYMI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYiLnOxQEwAQ&v=APEucNVZxYy7sfRrKK2VmVkI43m5Cnjo9PYMtRAAexxJ7ycppEZvqpofS8TLbF0sENffgQzoNM8RHtpSTHTni5iAC3gwGUoODZT4DBSRMQsArtSypSVJ76ahIMyQz24Q4hYm2TxY8kh86YGsZcj-Rq8UGF6bzCU9B_WKAYZEdGbFeZTCZRpiUbA
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 11:40:42 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 May 2023 11:40:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELh-ULceWzwVpJSdXrByYMI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame A90F 43 B
304 B 67ms
30ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYiLnOxQEwAQ&v=APEucNVZxYy7sfRrKK2VmVkI43m5Cnjo9PYMtRAAexxJ7ycppEZvqpofS8TLbF0sENffgQzoNM8RHtpSTHTni5iAC3gwGUoODZT4DBSRMQsArtSypSVJ76ahIMyQz24Q4hYm2TxY8kh86YGsZcj-Rq8UGF6bzCU9B_WKAYZEdGbFeZTCZRpiUbA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 11:40:42 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame A90F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEJlVnOjFNqFQeFix52TKB_M&google_cver=1

23 B
172 B

41ms
41ms

Image
image/gif

104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEJlVnOjFNqFQeFix52TKB_M&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYiLnOxQEwAQ&v=APEucNVZxYy7sfRrKK2VmVkI43m5Cnjo9PYMtRAAexxJ7ycppEZvqpofS8TLbF0sENffgQzoNM8RHtpSTHTni5iAC3gwGUoODZT4DBSRMQsArtSypSVJ76ahIMyQz24Q4hYm2TxY8kh86YGsZcj-Rq8UGF6bzCU9B_WKAYZEdGbFeZTCZRpiUbA
Protocol: H2
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

expires: Tue, 16 May 2023 11:40:42 GMT
pragma: no-cache
date: Tue, 16 May 2023 11:40:42 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 16 May 2023 11:40:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEJlVnOjFNqFQeFix52TKB_M&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame A90F 23 B
172 B 74ms
39ms Image
image/gif 104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYiLnOxQEwAQ&v=APEucNVZxYy7sfRrKK2VmVkI43m5Cnjo9PYMtRAAexxJ7ycppEZvqpofS8TLbF0sENffgQzoNM8RHtpSTHTni5iAC3gwGUoODZT4DBSRMQsArtSypSVJ76ahIMyQz24Q4hYm2TxY8kh86YGsZcj-Rq8UGF6bzCU9B_WKAYZEdGbFeZTCZRpiUbA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

expires: Tue, 16 May 2023 11:40:42 GMT
pragma: no-cache
date: Tue, 16 May 2023 11:40:42 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/990511/61634094/ Frame 7EA3 245 KB
74 KB 31ms
31ms Script
application/javascript 52.212.231.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/990511/61634094/skeleton.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-3295809207588976&ias_chanId=1&ias_placementId=19422215925&bidurl=http://www.aviation.com.ua/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0i8-XxjI3iCKLsTcE9ZdBtS
Requested by: Host: www.aviation.com.ua
URL: http://www.aviation.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.231.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-231-135.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: bbef193bb636d9c04007c5ee5cb06177e42f17f1618cd50b7316dd48c1a1d674

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 11:40:42 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 7EA3 106 KB
37 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.aviation.com.ua
URL: http://www.aviation.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 09:20:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8414
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 May 2023 09:20:28 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230511/r20110914/elements/html/ Frame 7EA3 11 KB
4 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230511/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AZI6_zANnHfbYE2ozNiA6EIAOG5gppVXn4Ai4XrG07uw0T9uEm_QzcHwTV0Z_6T7H1647Id7f_CE4wOLvVjpVPgI4tnIFyrWFy9is6bJAVzuhYfyyFAwwPhGfmHBD7-1jKf-8amUZlXZLiN82wn1ueHU2_1zOfxm4em1aFw1-SJGEJIi8&dbm_d=AKAmf-DsjP31OQY1EHPr-CX_9N57Lwx6infGTBwp-jm1JO-0fOvqnpu9M7A-kRf3aypBxWvMHhxU1dTNlyShfiFA3teaOv3v8kWqMtPlhuOWE9cs84g1pZ5Rmc2e6nkgqA5k1ZMnK8SryMr_rbve_9Ndy197oHzbCssObIPaEU4FtsR9OTqpnM2QzgfbMPww_P3SzUcKiCiGs-d7-gc34JkvGhaX30kGm4R31yar4Kh_0vJjMe_FEuViBYJ9Hxw1BsabVslOKuOxI-N-rotPKx1pgsxYk39KwQYv2_UlDVPpqPDR4BwADMIeIBjEoKMXYeEaegOUATbmi5afsRnMABP_I6jRiJkCcw7gtVU79Ks7e94wsX4OK2YCtXiIxV1nDurBucjgAUqdlwAtd_klFpHiYu9jwGMKGhn-_OiCXk6Q5D3kXCEUvfWSWtAlC2-z4W9xVp4a7b7uWq4EFN8gp5fq3vv08cNaSOwItLKgIk-Uw0Tf63OaDTfNhRYPhV_o2OM3qdGELIE7iEbR1XiLycfYpOISpdoIqytSITH73XE9bxeHNvTrXIwTLa08kTH_Ajt-yWRLthCLG9_V7o7PnhsOkHD-jB3Jt3aLcGe1qq0ErYUESdl3G1PsNvn8C3aJShoB4TO_K-rdRH1B_eXZgbzEswmlUqXFq1ci_Pykll85J0EaVihA4t1EaxCMLeC-kbAH7xh_U1b5xNexbXlznatPjPaIwRiLNLaxkct8pgXPHPHujSaPqkmaJiaMM6vXo6SRiTlM1JXcHhcu_n1uQQZDGNXr8-SwcJGGqp5bYYI0nGo44dTpJx3n-rZ7KlD8k_Nv-r4BierH8braxr9RtmE616nGStr-9BGAv75dh7OIMsMsHn5VDh5J1XECgUZ2kCHKubuebZoe0keAL3dwzcYRH9v_QCYYdLYp8uFLZimGu84EnXgm2ZbZ_LYrqfWZ2LJXl_DYkwjyqq4tKMPuALhbCDv_0jc4qfE_kmnid1PyLsqC4jRkDcYwJvFe_rMnh8rSrHP4Cj1nwTpaaFu12N1Pdto4i6DmmRtFMgK0lz4n4uj1wiHARmevcnYUsiZs9NzHHTf1jKULcCa1JVyV6LRcOIw2DuQJdzLEKlH8Q_BiINlI2x29JLf3p7n3L_Ry9Rpf5s2WRcJYQOAvs9guaLMtptNhxBsGAYt-2ld3lQX_qP4z6VpvTIW3Cf4vmZpoJJeIqZWzt4njTmZUkSiBcSQZTRMir8MqpRgVWSC6fGoEF7cwxmx8aUNcvLuvIz9HEEPyzngrLqqHuiH9z3FHSezOxh-toZhMMZJJX_rRIMIyi7RW9gLcnHXCjTixpc6CxlJZrTWywMtVQah7pp_spZ8nH-Yocz6v6MQ3h9mAY2B4wmpNmQ40-8elYQ2PozZtMD4o8AeQ4MtO7PxCJyKgaOgcDCCT6bhTJAVHb4w3eFaOGTeufduTuKEWrpGyM6oDCMmXkmCZlVF1smoepfjyEox9cT0GxpvDAJmjtlfh_cmXRMIdkG0UKy9V5w1MJsmfAsrkg-lL2bQGcVU5xO3b2han6n3ZYLWTBIMbSh1g0-R-S2wHmemW5Rn-NBKOhJn9bRjLdv_XqBB1IfxivVJ7vpGafjoMf57p7Cka8XqM4D9qQMTB_qoSifB9Puxbho064OTGCHvQKiZRmco9wSFG2nTiTeJ_Clt7mWjgdz1nHkREu0lUPxVNniK59qgIVfA2jgR5xj7c65TWHyy3Df_xYMD26DXiZO-_ILHS_FP5wGspwLEpcbQi874dRaLM7nRTJzMFLkt7pQgROBEAiDu6PAjkvIKUxi5qBkj86DzYmXWqUkMtfpp5iKUYWW0xr9V5Zoq_sMQVL-Z9FjlQjiYONFvA9DVC1P2PtZDXihp9zao42HbdMPt6ntHwnBzdXr8KTpDipX3LIb4yiU3d_IAUMEm_BcgzU15gZIVtO5jHiVxZBUqJHkkxN_QP6fY7zfv1FCetzuF5Pwz-TQJMVzUGsDwq0UKaCbb0QcJ9WRpG5TpR2Zl139hlB5Et3ToeP0wJ6W_WjCJRvfJYpnqBH0EPz6wB_d_0JX9O4dag67o3M-b8NzLii-M1KoAD-iRWvi0DLS1a5al5E42KKJYkZYibjGyscWn0iM2o6DR3hqYjZ3kQSWvX6XkP9f0R6xNqd_tNPJrUnoTvbB_dvk3n0CxuKKbcNAcXUNfMeiO6oB9GimJpuOT_kvN0b1DCK-S_loszZ9-1svnBO-O6ywC8YSylVuzF2P872h__83hGJUbEkdRQ1UzPOMOZGwv_OwZnD6tdhJbZb_3GzjKls_z71NG5OekBRLkP9gsAK8F2vl7xKvK_Ofjgn7sgsdaH4BdUnYbWhpMKurc9dpS9fLWOyx0SdgNPVDKHEz6JH7gPRro5OMKQNFJ13aR5aBe_110QuJJ1yYKKxz81OVL8jQujrL-wTBF5RMbtyuOmOrEiyPKuG0SNlEuk1hG7BGh3MJTPRhwON_yLpMYjcb4GYVHmN94kua4W59IhSk-xwARhPAD_hKfY0HhBptxA7WvvWU4zBWuny1wsIuJ9-0h9OiftUwBYQ8pMySwZUxDsxTwLzZ9OrTH_1BOuK3Ss2asmJAfZt4PlqI7VZSTfUZyzm3-MX1ig1RzkjyZ2NZIP0pno-iKxay8wwSDQI2ovY1YUKdTvbBPj5rs9aoTKqsEBRVxeYmRPeHdf_-5qZbwRc5ht1CD_XykOZ9ggEB1BlAXKIugzLB-B8F-14I59KP11PnIQiLnWoLID90QSo3fGcm3jbnG6rxNhaZv4X_hb-8Ky972bZh4jagGL-uiPxWd4aU4Arwb2DRsh9N337Vhp6U4hcn4FosgvpxbYnaRn_S55QDAArredfJWY-kkkgl3JJU9moXCBkZN8uQKOJRVb8IKSo2TyPepvT6PpAcZDmuQ33Vv1h0WJKisfUe3XKoRu3XfsgpAMDs78sbKKrE1KFdKZbXrg5FljJyHjPJkuOrGkwadIriE-cMvVypDYd_CBSywyPKNrlOfUIoz2y3U-sgND2h3xeUFhn5MROHqYMyCP4gGIj1BARWJZ7Z62_biH5PIBsJloj3XpQdY8itGOy0j1vC2Rkd9AtuGQ0DMasetWYVC6zuJEcwtXZl5bEzmeXbu7UKsPFQh5_nGuTo8AFeFmn6JhaSzvFrcu4elq46zCRbw7vrMj0eqaV6w0khLLXh5uTPTa4_EIi_Jb-hVdqq5GquE-aGKACGe-g1sf8cDlB8UxUubLzIOYclpqbS6kCnDhWRXEFQWzQF2Yhlp8moG41orhlkW2zlKb1D6180iH7MV-KEt3_Bxiuu9rf6ORNOOZn5FTDc5nIXTlrSVL_Tr-5WGEC9CCE9HMZw8d81o2kiSQz51SW-ncYowgTJzec3B0i4__CVwYDYe1jjTZSYD3Mu8D8swG1Ub3r2O1cNdpxFPK7CAFs9VGAaFHEP0j7Z7u0z5KvWKy_ZzVBHOSfpTWCeBONjgWtryT0CVvv2_GocxtQD1sYJVUjnqC00MY-VBnjgRg6sajbQWfMovlrtGL04s7SukJAk2TIYTHeMeGRhY6JeXRdwimllUymk2MPHVGKsUxpXh-Qk6_W8SvQDn7vh6PUls2Bjo3WSy7xPO68v3wT_IfrS3LV-UofN6pT-nb1j9Km9zcgG8REh0ndofz0K9Iex8_BZ3hI2g6g9shiGpUz1sK9kPLEDcTYWaCCMqjuwYsjs3YOLNpgNCncEpYG5bYVpwOUcaOz70jh6M5Y4kTFKGBlUc0gVP8O3Vs7FSF55sc5H-R6mhQ4WJnjkFR-VV3oSawGvLVAIhOujBPSUTyxboj-7wTD4zmYRt2sBUcI8ICLeF87jJy1jsNdPA4vG1jz16M8Wfpo9tVibu1eqruZIjNazp3pqnZviF6i7hfROj6JZ9jpRSkcvMG79FlbYj8lCxEPuvBO0dzoD6tGEO0NlDBmDKpxMipJCRVlrQndCHLQ4tfKyn94smolRhcxTfFwrHDq0qcM5FLlvs&cid=CAQSTABygQiDMVnmQ1cjeNwvLq-2EdOcpksogVPwqIzJxfBC6ZdGus18olwNQOTF-Eb26CUS7ZYokGv7y_FlUHMhUJJ3zfgUsk_pEikGjh4YAQ&dv3_ver=m202301230201&rfl=http%3A%2F%2Fwww.aviation.com.ua%2F&ds=l&xdt=1&iif=1&cor=18281570885663949000&adk=497053795&idt=134&cac=0&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 21:17:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51810
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4122
x-xss-protection: 0
server: cafe
etag: 11429739870029468282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 21:17:12 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230511/r20110914/ Frame 7EA3 28 KB
11 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230511/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

848c9628e34f5e696c4e0482e8befd85145d139d717b018478d6b44f243e5729

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 21:34:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50749
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11021
x-xss-protection: 0
server: cafe
etag: 1067780215036677322
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 21:34:53 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7EA3 41 KB
15 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.aviation.com.ua
URL: http://www.aviation.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 04:43:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 543405
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 May 2024 04:43:57 GMT

GET
DATA 200
OK truncated
/ Frame 7EA3 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 891790f9429a105408c4e752a5beab5da85f26f5ce99009462100cc917b2b618

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 60ms
56ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.aviation.com.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.aviation.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 11:40:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 49ms
46ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.aviation.com.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.aviation.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 11:40:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/ Frame FED2 10 KB
4 KB 38ms
37ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.aviation.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 55291
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 20:19:11 GMT
etag: 15057649708203361565
expires: Mon, 29 May 2023 20:19:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/ Frame 5B01 10 KB
4 KB 57ms
37ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.aviation.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 55292
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 20:19:11 GMT
etag: 15057649708203361565
expires: Mon, 29 May 2023 20:19:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js Show response
pagead2.googlesyndication.com/bg/ Frame 6592 37 KB
14 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 05:39:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21700
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14732
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 May 2024 05:39:02 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 97DC 0
482 B 184ms
73ms Ping
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvg6d7TFjdEOZC_P0cWoBW39UWGqqT_TmGWS31gzmBEw7FCLgPI497j_P-oMw6GSq6NQouyNjIH8qGnibZrdqYRn9GYd9re0peVDRAnG9r2CsXLRQLXZj73Ycv46oOz6LOUX-jS_0OGwiAeYnZLpylD1N1SKXFMLWDI5DqoKd4&sai=AMfl-YToryF0IsaTw0KRJ-s29aERv0c0WimiUadw6RE4ai8WF9k66ldPtUJgVVtWN3MXcwxE913-tyt8o7c1EQTWdOwvjkGSq1KM6NdaQ8YPlypjuWggW1aNS7unKF2xebs&sig=Cg0ArKJSzGtJKwTwZ4-GEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=

Requested by

Host: www.aviation.com.ua
URL: http://www.aviation.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 11:40:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3C71 22 KB
8 KB 42ms
37ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 543406
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 10 May 2023 04:43:57 GMT
expires: Thu, 09 May 2024 04:43:57 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET index.html
s0.2mdn.net/sadbundle/17033400417514298334/ Frame 45DE 0
0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7EA3 0
0 166ms
80ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst4YtrqIxe0s9Bhj7LQHZMNLU5pBdo5LGhR_B7M4pKbe5xq3mn8zGFNeALQ41b2J4vfDa-EqItr3WDdl-wbu4cv3yY31pXQ3ztwFmYMS4zQX_pI5x8oq2iz_WCUEYJLZHzRJDeERlVxJlaGqcvaFL25Go1zCXs1SlTo-Ht_NKr32To20JyJpUHd_AWLAaucf7XVSQRa4XA3CsL3DkLZsvRZaKeippz9Qnwhqyj0V6gwKi3GlWZo2-IGnOu7PaRko0AU474FQcRw533iggUkUJjUmK0sBN91FC35e83pr2HjBaqwUAGN7W-jYi9sek6pDwnKqNd-OMfIzG95zwfeebITb2ayUVSLsHh4W4k-3b1ByOJb06ZY1ZVEUXH56ucFuZVTLItwyfk5G2h9QUFlZ_SFsgeQG3LnMUCWat_X8s5luVu_72i_tEWasfjsdFy7eLdbz90cTJcJeaY1qxpUzVBZ95-3kK8k57hVn7qFId63iR71FEeBM-YGhN4IV_jOosEYKB3OQpdcZlS7MkK7-1vUL3HZildJsUY66-NmdPnntJlLQq4eKM7qR9HE0wla69RZOQ8QXg1tvdnCWN0H5Wp5QK_xDfZtttSkQN6TI3T4XCJ2A8TSiPekJz7-29w9Eu1JBP3Ty9-2X7xtLE-MIS5BpCUE1tyZdDGhNMjBLw45wqwLpXRQt-ux6CXEM-nBB_ZszxSiwHjsJkOfwwCjOMnWfbVtBIgMa0WZ-I9WsHic0N8bvfDZBcE7Vp7fCiSwncBP3rV-9i_wKHEVCcs5xGYqvfWtP6822BuTiYUHL4ZYu8KlX5_2BePLJnx_cnO-hXdSvJaLVQWgCidoFNnUCfIbWmEu-n4eSeOYQy0vUznOQ0WZniJcp5JTo7ESmLB3Zpnj2AdpwASC8Ch55rhuKIhbiiwwLUvkeL96FUPCfc23ugvG9Vw1lLF72WjMLn-Ik2FSMVzdtNxmxgSVLlKP5759HNrOwMuWbKAPN6VedrJ9dc53b7yKz1540dtwT9SpHOOhXbbHdvej0xNEAu7SBJN_E9daPineHUHuNllOMjlLEvzGDFExSZ7ndx9dO4yw94Pi2m8Z81ZTOxDFf1KNiqINcwdBhQYW2Nw5j8RAYyEUqsfkNJLrSCxnAqfbUIcmgNtOxs1RBamdvT1-_h_7k74MXE7lx43SjStRsIiVbafjV1IkLdRR6bLiIcJgrLU3slQXiihnZ53qBfUxYqtEF9Lz264qG6WmuCmhX0EuR7CF1zjtCh0rGfQDBSITFNhBFTgyue-PxyYl0We8bb2XVYwNDnnzbHQcvDRRVZUp4whQ5j5ZHx_I7g&sai=AMfl-YTrf87N-vq01PJDN5_XCvMi95uYVumLzUFPqBUohKeon0s7kSHBesohE-OvHJiK7G42_6NOXdrCRXLs8Wind8QQ1FE9it8OrIb0FhU2j3g7NHOAno_R55OVX809XHgGEB8bJAhStLzDyNjDRYfM2EIF_J-yupAmfA9bvMxlrm9QHfGR-758Ml4B1VFvLk0bYh4zpTmPFHnvj0gFO2vjhyY015_jtas3U0hbPDEd0mtYZ9ZG44bvcmbkvrYEZCjFRO4Jg1pK_sxtsUzKAAoWGSS59ZnunVQW9xxL&sig=Cg0ArKJSzEDCfbuTf8d5EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=109&cbvp=1&cstd=106&cisv=r20230511.80002&arae=0&ftch=1&adurl=

Requested by

Host: www.aviation.com.ua
URL: http://www.aviation.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 16 May 2023 11:40:43 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 16 May 2023 11:40:43 GMT

GET
H2

200

4a.js Show response
static.adsafeprotected.com/ Frame 7EA3
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/990511/61634094/4.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-3295809207588976&ias_chanId=1&ias_placementId=19422215925&bidurl=http://www.aviation.com.u...
https://static.adsafeprotected.com/4a.js

2 KB
2 KB

7ms
7ms

Script
application/javascript

2600:9000:223f:4c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4a.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3295809207588976&output=html&h=60&slotname=9486923046&adk=1813526727&adf=591729439&pi=t.ma~as.9486923046&w=468&lmt=1684237241&format=468x60&url=http%3A%2F%2Fwww.aviation.com.ua%2F&wgl=1&dt=1684237241554&bpp=4&bdt=746&idt=4&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4a31ad7a96b6885-224bd1d8d6dd000b%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbXqJAiURvedkU1vngSx92pUXzQOg&gpic=UID%3D00000bf8541cd024%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbL_zjgjhiTOBzG-gYe6-t_MzM4fw&prev_fmts=0x0%2C468x60&nras=1&correlator=4317124151456&frm=20&pv=1&ga_vid=52828483.1684237241&ga_sid=1684237241&ga_hid=1848465750&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=641&ady=711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44773810%2C44759837%2C44759876%2C31074345%2C44788441%2C44789779%2C21065725&oid=2&pvsid=3763570045505922&tmod=985721560&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=hMmSYnLsP9&p=http%3A//www.aviation.com.ua&dtd=8
Protocol: H2
Server: 2600:9000:223f:4c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: IA0CpADUJLi5mH3d4OqdtuHMxWhB6eh2
content-encoding: gzip
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
date: Mon, 15 May 2023 20:43:25 GMT
x-amz-cf-pop: FRA56-P5
age: 245439
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Mon, 08 May 2023 20:43:24 GMT
server: AmazonS3
etag: W/"589d8955c4906ab1b8e63a2f92d932d3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: G5-q_GukFHdZ3fZSlBCp0r2AF81-5AQLMGnz6edYxmq61_RPxluS5Q==

Redirect headers

pragma: no-cache
date: Tue, 16 May 2023 11:40:43 GMT
server: nginx
x-server-name: app06.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4a.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 9AE5 91 KB
23 KB 7ms
7ms Script
application/javascript 2600:9000:223f:4c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3295809207588976&output=html&h=60&slotname=9486923046&adk=1813526727&adf=591729439&pi=t.ma~as.9486923046&w=468&lmt=1684237241&format=468x60&url=http%3A%2F%2Fwww.aviation.com.ua%2F&wgl=1&dt=1684237241554&bpp=4&bdt=746&idt=4&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4a31ad7a96b6885-224bd1d8d6dd000b%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbXqJAiURvedkU1vngSx92pUXzQOg&gpic=UID%3D00000bf8541cd024%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbL_zjgjhiTOBzG-gYe6-t_MzM4fw&prev_fmts=0x0%2C468x60&nras=1&correlator=4317124151456&frm=20&pv=1&ga_vid=52828483.1684237241&ga_sid=1684237241&ga_hid=1848465750&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=641&ady=711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44773810%2C44759837%2C44759876%2C31074345%2C44788441%2C44789779%2C21065725&oid=2&pvsid=3763570045505922&tmod=985721560&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=hMmSYnLsP9&p=http%3A//www.aviation.com.ua&dtd=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 20462667
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: -KZN3mwi4-ccZEqNrwPLXcycSDxfcUlaOc6A-m2Zyb3-shJFsbW2Kw==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7EA3 43 B
216 B 110ms
105ms Image
image/gif 2600:1f18:1aca:4281:84b2:6bc8:6fc1:78cd
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=51e45adf-c8c3-106c-79cd-f30fb30877d2&tv=%7Bc:cMdmxF,pingTime:-3,time:78,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:320,h:50,t:38%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:78,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:38,wc:0.0.1600.1200,ac:NaN.NaN.320.50,am:sp,cc:0.0.320.50,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B71~0%5D,as:%5B71~320.50%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tEq3PvP+11%7C12%7C1311%7C1312%7C1313%7C1314%7C141*.990511-61634094%7C1411%7C1412%7C1413%7C151%7C161%7C17%7C18,idMap:141*,rmeas:1,rend:0,renddet:DIV,siq:39%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3295809207588976&output=html&h=60&slotname=9486923046&adk=1813526727&adf=591729439&pi=t.ma~as.9486923046&w=468&lmt=1684237241&format=468x60&url=http%3A%2F%2Fwww.aviation.com.ua%2F&wgl=1&dt=1684237241554&bpp=4&bdt=746&idt=4&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4a31ad7a96b6885-224bd1d8d6dd000b%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbXqJAiURvedkU1vngSx92pUXzQOg&gpic=UID%3D00000bf8541cd024%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbL_zjgjhiTOBzG-gYe6-t_MzM4fw&prev_fmts=0x0%2C468x60&nras=1&correlator=4317124151456&frm=20&pv=1&ga_vid=52828483.1684237241&ga_sid=1684237241&ga_hid=1848465750&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=641&ady=711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44773810%2C44759837%2C44759876%2C31074345%2C44788441%2C44789779%2C21065725&oid=2&pvsid=3763570045505922&tmod=985721560&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=hMmSYnLsP9&p=http%3A//www.aviation.com.ua&dtd=8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:84b2:6bc8:6fc1:78cd Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 11:40:43 GMT
server: nginx
x-server-name: dt17.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7EA3 43 B
215 B 107ms
106ms Image
image/gif 2600:1f18:1aca:4281:84b2:6bc8:6fc1:78cd
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=51e45adf-c8c3-106c-79cd-f30fb30877d2&tv=%7Bc:cMdmxG,pingTime:-6,time:79,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:79,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:38,wc:0.0.1600.1200,ac:NaN.NaN.320.50,am:sp,cc:0.0.320.50,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B72~0%5D,as:%5B72~320.50%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tEq3PvP+11%7C12%7C1311%7C1312%7C1313%7C1314%7C141*.990511-61634094%7C1411%7C1412%7C1413%7C151%7C161%7C17%7C18,idMap:141*,rmeas:1,rend:0,renddet:DIV,siq:39%7D&tpiLookup=ao:www.aviation.com.ua%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3295809207588976&output=html&h=60&slotname=9486923046&adk=1813526727&adf=591729439&pi=t.ma~as.9486923046&w=468&lmt=1684237241&format=468x60&url=http%3A%2F%2Fwww.aviation.com.ua%2F&wgl=1&dt=1684237241554&bpp=4&bdt=746&idt=4&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4a31ad7a96b6885-224bd1d8d6dd000b%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbXqJAiURvedkU1vngSx92pUXzQOg&gpic=UID%3D00000bf8541cd024%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbL_zjgjhiTOBzG-gYe6-t_MzM4fw&prev_fmts=0x0%2C468x60&nras=1&correlator=4317124151456&frm=20&pv=1&ga_vid=52828483.1684237241&ga_sid=1684237241&ga_hid=1848465750&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=641&ady=711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44773810%2C44759837%2C44759876%2C31074345%2C44788441%2C44789779%2C21065725&oid=2&pvsid=3763570045505922&tmod=985721560&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=hMmSYnLsP9&p=http%3A//www.aviation.com.ua&dtd=8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:84b2:6bc8:6fc1:78cd Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 11:40:43 GMT
server: nginx
x-server-name: dt16.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 passback_320x50.js Show response
static.adsafeprotected.com/ Frame A520 3 KB
2 KB 7ms
7ms Script
application/javascript 2600:9000:223f:4c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/passback_320x50.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42ead8cc1210f1220cae1f70e354f4d259a3c9d03840ff835164ca6b88d5b67e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: OqGNRLqe8PfZhkfzN_UrBUWLOfWw_KEh
content-encoding: gzip
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
date: Mon, 15 May 2023 02:09:11 GMT
x-amz-cf-pop: FRA56-P5
age: 120693
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 18 Feb 2022 23:29:45 GMT
server: AmazonS3
etag: W/"aa53aba862f14fb5c1675b2887e7a083"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: wKAJSzi2l0gLN-4HKPDpSQibZCLSA2w-BXc85piq6NvtUWvZCeNldw==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7EA3 43 B
215 B 194ms
194ms Image
image/gif 2600:1f18:1aca:4281:84b2:6bc8:6fc1:78cd
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=51e45adf-c8c3-106c-79cd-f30fb30877d2&tv=%7Bc:cMdmxX,pingTime:-2,time:96,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:401,beZ:402,mfA:404,cmA:406,inA:406,inZ:410,prA:411,prZ:433,si:439,poA:441,poZ:463,cmZ:463,mfZ:463,loA:480,loZ:482,ltA:497,ltZ:497%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:320.50,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:320,h:50,t:38%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:96,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:38,wc:0.0.1600.1200,ac:NaN.NaN.320.50,am:sp,cc:0.0.320.50,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B90~0%5D,as:%5B90~320.50%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tEq3Ps7+11%7C12%7C131.990511-61634094%7C1311%7C1312%7C1313%7C1314%7C141*.990511-61634094%7C1411%7C1412%7C1413%7C151%7C161%7C17%7C18,idMap:141*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:DIV,siq:39,sinceFw:56,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3295809207588976&output=html&h=60&slotname=9486923046&adk=1813526727&adf=591729439&pi=t.ma~as.9486923046&w=468&lmt=1684237241&format=468x60&url=http%3A%2F%2Fwww.aviation.com.ua%2F&wgl=1&dt=1684237241554&bpp=4&bdt=746&idt=4&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df4a31ad7a96b6885-224bd1d8d6dd000b%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbXqJAiURvedkU1vngSx92pUXzQOg&gpic=UID%3D00000bf8541cd024%3AT%3D1684237241%3ART%3D1684237241%3AS%3DALNI_MbL_zjgjhiTOBzG-gYe6-t_MzM4fw&prev_fmts=0x0%2C468x60&nras=1&correlator=4317124151456&frm=20&pv=1&ga_vid=52828483.1684237241&ga_sid=1684237241&ga_hid=1848465750&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=641&ady=711&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44773810%2C44759837%2C44759876%2C31074345%2C44788441%2C44789779%2C21065725&oid=2&pvsid=3763570045505922&tmod=985721560&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=hMmSYnLsP9&p=http%3A//www.aviation.com.ua&dtd=8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:84b2:6bc8:6fc1:78cd Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 11:40:43 GMT
server: nginx
x-server-name: dt11.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 css2
fonts.googleapis.com/ Frame FED2 4 KB
671 B 48ms
47ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 16 May 2023 11:40:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 16 May 2023 10:32:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 May 2023 11:40:43 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame FED2 205 B
229 B 35ms
35ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 17:15:46 GMT
x-content-type-options: nosniff
age: 66297
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 14 May 2024 17:15:46 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame FED2 604 B
628 B 37ms
36ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 10:24:38 GMT
x-content-type-options: nosniff
age: 4565
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 15 May 2024 10:24:38 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230511/r20110914/elements/html/ Frame FED2 20 KB
8 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230511/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd4f1c9d69a243c7240669fd0fedbe8a66953243d409f75ae02dc4824b17cf68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:19:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33694
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8271
x-xss-protection: 0
server: cafe
etag: 10419244916965318868
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 May 2023 02:19:09 GMT

GET
H2 200 IAS_PassbackAds_320x50.png
static.adsafeprotected.com/ Frame A520 4 KB
4 KB 7ms
7ms Image
image/png 2600:9000:223f:4c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/IAS_PassbackAds_320x50.png
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7f2c1e6c435859c72a29e9ef74e1c1b263dd8277521e6d5820204cc806adf661

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: _G4Ds6azo55r1BbSN3OW63JDFhqwSJRZ
date: Sat, 13 May 2023 04:23:57 GMT
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 584430
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 3772
last-modified: Fri, 18 Feb 2022 23:29:06 GMT
server: AmazonS3
etag: "7e6023f5e5568cc0026af9a88738418e"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: U2dQI2rEk2ayUW9bUslZl6Vq3ASRgKB-hd9TMbLJHL7-PTFRFjTIMQ==

GET
H3 200 css
fonts.googleapis.com/ Frame 5B01 4 KB
655 B 47ms
46ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 16 May 2023 11:40:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 16 May 2023 10:30:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 May 2023 11:40:43 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/ Frame 5B01 2 KB
765 B 37ms
37ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 10:45:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 May 2023 10:45:03 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5B01 0
0 81ms
81ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CDfikuWtjZL2CHYOi9APu_o-ADfzMh8Bw1dW-jNIQ8M6E7doTEAEgof7pJWCV4pCCoAegAcH8wuAoyAEJqQK4Sb-1M2eyPqgDAcgDywSqBOYBT9Cj-jraFQ5ePxGxRhcIzuatyP2MuIueJ63RSOhnTjuoOOC2Mzu5hweMi3bBEpEldyjCqJxbcXCypn8vBceRWvCjypcdAn3WkpTJXwQY_cOVzPeKVDSzP5ridK-u_mBJ8RtEU76pQlylsdFcRlgsTcDz05QNk7ldXRl1WZfysLSLOUTyVdT-cDxhL27d87mOOvojL7dweUcHOPzSZKN5wTdx5F0Jrt2Ypk7npCt_RNVLM72KaVvYVq7MxgDCLiNnYEVV27xHj8NfeRwbUH2bp7bleHzRl7oIxcUpvzdxjYeKUATeNULABOuU_vSYBJIFBAgEGAGSBQQIBRgEoAYugAfBtJPAA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEENekCNIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwG4E-QD2BMM0BUBgBcBshccChoIABIUcHViLTMyOTU4MDkyMDc1ODg5NzYYAA&sigh=1Ts5S_A8lXw&uach_m=[UACH]&cid=CAQSGwBygQiDZSUUJHfAE6Un0CNCidkT1x8xfBzOURgB&template_id=484

Requested by

Host: www.aviation.com.ua
URL: http://www.aviation.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 16 May 2023 11:40:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230511/r20110914/ Frame 5B01 22 KB
9 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230511/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa3b72d5b1a5c9e14494cd7eb5119506fc3a7a85070fee3f1de13a146186969f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 10:45:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8824
x-xss-protection: 0
server: cafe
etag: 8026932446453101925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 May 2023 10:45:03 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/ Frame 5B01 3 KB
1 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 10:45:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 May 2023 10:45:03 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/ Frame 5B01 19 KB
8 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

243b5023074477a6410ea68994d4c5c4090300de8967dee3b15a0c0482962899

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 10:45:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
server: cafe
etag: 5156626137554315251
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 May 2023 10:45:03 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5B01 170 KB
53 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e707799c4b8c1017aaed1c78432af2cc213ea88229312c1b2d621aa0ade9ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 11:40:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53845
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684150324481819"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 11:40:43 GMT

GET
H3 200 a0d8c68f3de0718362c8759993c4ce7f.js Show response
www.gstatic.com/mysidia/ Frame 5B01 32 KB
13 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0d8c68f3de0718362c8759993c4ce7f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf9dc6664474a6b01d9e293a39749d0e9b637629239cbe512dd4a0f0854a8eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 10:45:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13639
x-xss-protection: 0
last-modified: Fri, 12 May 2023 20:16:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 14 Aug 2023 10:45:03 GMT

GET
H3 200 6592766407814317453
tpc.googlesyndication.com/simgad/1809314668812461967/ Frame 5B01 49 KB
49 KB 36ms
36ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1809314668812461967/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c17f9294b87d1e3a7887dfd3b8ab8662bfc867defb0254274dba7dbc0ecabd54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 19:19:33 GMT
x-content-type-options: nosniff
age: 318070
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50579
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 14:23:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 11 May 2024 19:19:33 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/5569248882082790905/ Frame 5B01 10 KB
10 KB 48ms
47ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5569248882082790905/14763004658117789537?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c104ec098bbe63627860a2d0144e9864c4db095e1e4f1e9f38119affa80bc39c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:43:26 GMT
x-content-type-options: nosniff
age: 237437
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10673
x-xss-protection: 0
last-modified: Mon, 17 Oct 2022 20:32:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 12 May 2024 17:43:26 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7EA3 0
63 B 74ms
73ms Ping
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsufZWBeZ9xMCUgbdo7guMFJaW90nWoIDafleRrOJjQsByS13x3MP5tJ-VyG_hgUzZKtRA05IqNrRxJuNLKPXdF_6R5E_kJr6rfnFh6DvYjyNJA9in7T43TZ6z3RCG1-3Hu5zUBaPJK7TvfDh-O12o7z1w7X2ZKrVyyijRccong&sai=AMfl-YSLlhP5kQ5e1leJEBBcFZvch8mN2RbkhGiRWEUDjfCKmNMmTPG0X1V3ZrYzxm59X4x-2uazV6L-wE0sqwWEbW5CDQk1H1tPS98AQ0gStv_CFhGQ9JwOSwO1vNr2blI&sig=Cg0ArKJSzIpEN8kXQHuzEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=

Requested by

Host: www.aviation.com.ua
URL: http://www.aviation.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 11:40:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 passback_320x50.js Show response
static.adsafeprotected.com/ Frame 347C 3 KB
2 KB 7ms
7ms Script
application/javascript 2600:9000:223f:4c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/passback_320x50.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42ead8cc1210f1220cae1f70e354f4d259a3c9d03840ff835164ca6b88d5b67e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: OqGNRLqe8PfZhkfzN_UrBUWLOfWw_KEh
content-encoding: gzip
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
date: Mon, 15 May 2023 02:09:11 GMT
x-amz-cf-pop: FRA56-P5
age: 120693
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 18 Feb 2022 23:29:45 GMT
server: AmazonS3
etag: W/"aa53aba862f14fb5c1675b2887e7a083"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: -EOsf01XxlnBXvLDTYn8wV_0hpgSrfOYRFFmHMLilSMKFCTGXCUCzw==

GET
H3 200 08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js Show response
pagead2.googlesyndication.com/bg/ Frame 3C71 37 KB
14 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 05:39:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21701
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14732
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 May 2024 05:39:02 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame F804 9 KB
932 B 47ms
47ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 16 May 2023 11:40:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 16 May 2023 10:31:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 May 2023 11:40:43 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/ Frame F804 2 KB
765 B 36ms
36ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 10:45:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 May 2023 10:45:03 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230511/r20110914/ Frame F804 22 KB
9 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230511/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa3b72d5b1a5c9e14494cd7eb5119506fc3a7a85070fee3f1de13a146186969f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 10:45:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8824
x-xss-protection: 0
server: cafe
etag: 8026932446453101925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 May 2023 10:45:03 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/ Frame F804 3 KB
1 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 10:45:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 May 2023 10:45:03 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/ Frame F804 19 KB
8 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

243b5023074477a6410ea68994d4c5c4090300de8967dee3b15a0c0482962899

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 10:45:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
server: cafe
etag: 5156626137554315251
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 May 2023 10:45:03 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F804 170 KB
53 KB 80ms
79ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e707799c4b8c1017aaed1c78432af2cc213ea88229312c1b2d621aa0ade9ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 11:40:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53845
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684150324481819"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 11:40:43 GMT

GET
H3 200 a0d8c68f3de0718362c8759993c4ce7f.js Show response
www.gstatic.com/mysidia/ Frame F804 32 KB
13 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a0d8c68f3de0718362c8759993c4ce7f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf9dc6664474a6b01d9e293a39749d0e9b637629239cbe512dd4a0f0854a8eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 10:45:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13639
x-xss-protection: 0
last-modified: Fri, 12 May 2023 20:16:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 14 Aug 2023 10:45:03 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 97DC 43 B
215 B 105ms
105ms Image
image/gif 2600:1f18:1aca:4281:84b2:6bc8:6fc1:78cd
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=8d5194b5-4710-a8b9-8909-28c99c2526e7&tv=%7Bc:cMdmAG,pingTime:-10,time:495,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEzLjAuNTY3Mi45MiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002022202222222000020222222202022222220222202000022000220222220000000202202002222202222222220222222220000020022022200022222220200000222200022020002022022022222202002220222022222022220000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022220222200202222020002200002222022222202222000002002002222222202220022202200022002220202202,asp:1684237243218%7C%7Cfd76aa81ef2f0d37e15abf631b69f88a%7C%7Cab86779afaa51e47dadd00830d4bacef%7C%7Ccd6a150f4edd827c8b5f933cabad6662%7C%7Cbaf70c01848308cfcb37dce00f9ff047%7C%7C24b761ae99f0d3c007d010cc11d8be5a%7C%7C1b9ea66a15e407c5e58fbb7c9863de17%7C%7Cea59f97ef99ca736a60c0321a53bfcc2%7C%7C1663701684%7D
Requested by: Host: www.aviation.com.ua
URL: http://www.aviation.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:84b2:6bc8:6fc1:78cd Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 11:40:43 GMT
server: nginx
x-server-name: dt03.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 IAS_PassbackAds_320x50.png
static.adsafeprotected.com/ Frame 347C 4 KB
4 KB 7ms
7ms Image
image/png 2600:9000:223f:4c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/IAS_PassbackAds_320x50.png
Requested by: Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/passback_320x50.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7f2c1e6c435859c72a29e9ef74e1c1b263dd8277521e6d5820204cc806adf661

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: _G4Ds6azo55r1BbSN3OW63JDFhqwSJRZ
date: Sat, 13 May 2023 04:23:57 GMT
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 584430
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 3772
last-modified: Fri, 18 Feb 2022 23:29:06 GMT
server: AmazonS3
etag: "7e6023f5e5568cc0026af9a88738418e"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: TElXg0yI3hQHSvEO2U1mRBYtIqjk24YEp_tCp3sZOOMBjW9J6XpeUA==

GET
DATA 200
OK truncated
/ Frame 5B01 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b9c345745e80eac30fad6a0475d31cf23a800e0d8943431c8c65d84f3a188695

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7EA3 0
0 74ms
73ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst4YtrqIxe0s9Bhj7LQHZMNLU5pBdo5LGhR_B7M4pKbe5xq3mn8zGFNeALQ41b2J4vfDa-EqItr3WDdl-wbu4cv3yY31pXQ3ztwFmYMS4zQX_pI5x8oq2iz_WCUEYJLZHzRJDeERlVxJlaGqcvaFL25Go1zCXs1SlTo-Ht_NKr32To20JyJpUHd_AWLAaucf7XVSQRa4XA3CsL3DkLZsvRZaKeippz9Qnwhqyj0V6gwKi3GlWZo2-IGnOu7PaRko0AU474FQcRw533iggUkUJjUmK0sBN91FC35e83pr2HjBaqwUAGN7W-jYi9sek6pDwnKqNd-OMfIzG95zwfeebITb2ayUVSLsHh4W4k-3b1ByOJb06ZY1ZVEUXH56ucFuZVTLItwyfk5G2h9QUFlZ_SFsgeQG3LnMUCWat_X8s5luVu_72i_tEWasfjsdFy7eLdbz90cTJcJeaY1qxpUzVBZ95-3kK8k57hVn7qFId63iR71FEeBM-YGhN4IV_jOosEYKB3OQpdcZlS7MkK7-1vUL3HZildJsUY66-NmdPnntJlLQq4eKM7qR9HE0wla69RZOQ8QXg1tvdnCWN0H5Wp5QK_xDfZtttSkQN6TI3T4XCJ2A8TSiPekJz7-29w9Eu1JBP3Ty9-2X7xtLE-MIS5BpCUE1tyZdDGhNMjBLw45wqwLpXRQt-ux6CXEM-nBB_ZszxSiwHjsJkOfwwCjOMnWfbVtBIgMa0WZ-I9WsHic0N8bvfDZBcE7Vp7fCiSwncBP3rV-9i_wKHEVCcs5xGYqvfWtP6822BuTiYUHL4ZYu8KlX5_2BePLJnx_cnO-hXdSvJaLVQWgCidoFNnUCfIbWmEu-n4eSeOYQy0vUznOQ0WZniJcp5JTo7ESmLB3Zpnj2AdpwASC8Ch55rhuKIhbiiwwLUvkeL96FUPCfc23ugvG9Vw1lLF72WjMLn-Ik2FSMVzdtNxmxgSVLlKP5759HNrOwMuWbKAPN6VedrJ9dc53b7yKz1540dtwT9SpHOOhXbbHdvej0xNEAu7SBJN_E9daPineHUHuNllOMjlLEvzGDFExSZ7ndx9dO4yw94Pi2m8Z81ZTOxDFf1KNiqINcwdBhQYW2Nw5j8RAYyEUqsfkNJLrSCxnAqfbUIcmgNtOxs1RBamdvT1-_h_7k74MXE7lx43SjStRsIiVbafjV1IkLdRR6bLiIcJgrLU3slQXiihnZ53qBfUxYqtEF9Lz264qG6WmuCmhX0EuR7CF1zjtCh0rGfQDBSITFNhBFTgyue-PxyYl0We8bb2XVYwNDnnzbHQcvDRRVZUp4whQ5j5ZHx_I7g&sai=AMfl-YTrf87N-vq01PJDN5_XCvMi95uYVumLzUFPqBUohKeon0s7kSHBesohE-OvHJiK7G42_6NOXdrCRXLs8Wind8QQ1FE9it8OrIb0FhU2j3g7NHOAno_R55OVX809XHgGEB8bJAhStLzDyNjDRYfM2EIF_J-yupAmfA9bvMxlrm9QHfGR-758Ml4B1VFvLk0bYh4zpTmPFHnvj0gFO2vjhyY015_jtas3U0hbPDEd0mtYZ9ZG44bvcmbkvrYEZCjFRO4Jg1pK_sxtsUzKAAoWGSS59ZnunVQW9xxL&sig=Cg0ArKJSzEDCfbuTf8d5EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=456&vt=11&dtpt=347&dett=4&cstd=106&cisv=r20230511.80002&vwbs=2&arae=0&ftch=1&adurl=

Requested by

Host: www.aviation.com.ua
URL: http://www.aviation.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 11:40:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 16 May 2023 11:40:43 GMT

GET
H3 200 08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js Show response
pagead2.googlesyndication.com/bg/ Frame 7D8C 37 KB
14 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js

Requested by

Host: www.aviation.com.ua
URL: http://www.aviation.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 05:39:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21701
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14732
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 May 2024 05:39:02 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 158ms
86ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230510&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e70982f7ec0befdb184f64d9f2b0b977bc9647fbb79e24db338c3968b3da982

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.aviation.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 11:40:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11044
x-xss-protection: 0

GET
H3 200 08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js Show response
pagead2.googlesyndication.com/bg/ Frame 5FFE 37 KB
14 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js

Requested by

Host: www.aviation.com.ua
URL: http://www.aviation.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 05:39:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21701
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14732
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 May 2024 05:39:02 GMT

GET
H/1.1 200
OK HM_More_black_right.gif
www.aviation.com.ua/menu/ 53 B
318 B 119ms
119ms Image
image/gif 2a00:7a60:0:106e::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.aviation.com.ua/menu/HM_More_black_right.gif
Protocol: HTTP/1.1
Server: 2a00:7a60:0:106e::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 60acad305c2fc4989a834f2c21156c8f04acba4cd889b2675f8e0d557ef121c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.aviation.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 16 May 2023 11:40:43 GMT
x-ray: p15532:0.000/wn25568:0.000/
Last-Modified: Wed, 26 Sep 2012 07:31:26 GMT
Server: nginx
ETag: "5062af4e-35"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 53

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7EA3 43 B
215 B 105ms
105ms Image
image/gif 2600:1f18:1aca:4281:84b2:6bc8:6fc1:78cd
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=51e45adf-c8c3-106c-79cd-f30fb30877d2&tv=%7Bc:cMdmDT,pingTime:-10,time:464,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEzLjAuNTY3Mi45MiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002022202222222000020222222202022222220222202000022000220222220000000202202002222202222222220222222220000020022022200022222220200000222200022020002022022022222202002220222022222022220000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022220222200202222020002200002222022222202222000002002002222222202220022202200022002220202202,asp:1684237243416%7C%7Ccf428d9914d34109c799adb844dc6c56%7C%7Cab86779afaa51e47dadd00830d4bacef%7C%7C073b323f0cee4080f5b2e3a32ad5c303%7C%7C43861355275e2e05ee92730cd077d77e%7C%7C2629531791b4caf8b73a22bed3319744%7C%7C03949cf5f71c7b2a31528259c169b21f%7C%7C5b54d5b09c33875f5e5435a4a4e92744%7C%7C1663701684%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:84b2:6bc8:6fc1:78cd Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 11:40:43 GMT
server: nginx
x-server-name: dt03.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0F56 42 B
64 B 74ms
74ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvvPzqTcTphcGdwI0-GR5XI6pTX5R-p3fElFgB8Hbu2HiwyQjJv7VwNMtDcShF6XehJ_qu84LQemiod4hx0PauyHAqWgD22EU_JXH7QPQ9LesQgT1zRosB3IeNoYi1PddLYVLwn1g&sai=AMfl-YTCrvewLdAqzJ5Si3-6N5VyV5gQxolDUg2fRKSOcEFYpl5qiNLQraky3v7akfmTxBDSxCdkUthVpDYMDZUonGbZsDT-n19U5KXVjs85_JxXLcpT9ToMmsBRAuoRsqlz-IETexEdPIHqprYyqA&sig=Cg0ArKJSzH9XNvKLO3D2EAE&cid=CAQSTABygQiDpNUwlwZ7oJ6Erp7Bs7RVzV72cpRQ3hwR1kpImjgoXFcwH6MCol8GWnb7o9dulopIu9ZS3j1HzWFtfRXBzV3Hy95iFsJkAR8YAQ&id=lidar2&mcvt=1040&p=0,0,125,125&mtos=1040,1040,1040,1040,1040&tos=1040,0,0,0,0&v=20230515&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=455889613&rs=2&la=0&cr=0&vs=4&r=v&rst=1684237241581&rpt=851&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 11:40:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6592 0
20 B 74ms
74ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B__6OumtjZPL7GpK49u8P1IWDsAoAAAAAOAHgBAI&bg=!V1SlVADNAAYldGN0BXQ7ADkAdvg8Wlyj672mYmzKt2kFDfldOUlg2QLcmxkgry7GbTGCo15V0rkg9yi_2LQN_uGBt1yQvri2d-4CAAABX1IAAAACaAEHCgAbgYFO55NfRcy0j-bypDaPfkIPiG0_otYaXwrMmQL0VEbgc09GBQ_ELMd0_gHekiRd0YRFIUrLEc_6OKAP8OeZM1ZPL9QCYyUM9X4z-rUKjmCOcAUgelVIW0FIYdTxQFAqNRXd2tCCBy6fMiGIbcVBtpzzCumSHWUBrZaLuD-uM6Lr2hj_i9xbUg3mWfFmO40LEYw4nwGfDqbTp72n9XYn2NylrPJDQ6Q2AvXcUShdQbObZnmwm2a9WdxG8bIluADgHeRqnc8gCXSXM0qHV2zEkYOvMjrn__mb7IZALWnvaUiM0AUOV9GnbRSi-spzrj_ijtUeB8TTiRnY_Qal1ItMlohPh13rnxMrz2KltGPit3vnLohWqPBpoqsjDmSTOdj94zIqGLYxfCkThV1rXDpePkSkRpuZhBSaFuThiu8lqmURd04YSurYaDTV3gPbxrTF7fehsNRflwFA5LEaKKFbPWbv5iUSaKgwc5gTrGJEgtPBz5gWNxc5uoJu4gb5kdvsYd_LQLVLAS47ME0mpaZsX5o8A92Qt88coJXj7ikLotilkXwN2oVcUARWQr5NfroqLua-OQKdaoMIqL6DypeUFmlmZ2jeud5Uwr3CanjDrtK2tvIWFlvTJ9pYQT2oT6oXdAj4dhrfeQ06_Tlsadjmejws1n1Kz-7pqWcoYiEmemM8Y9mkWNK4IjshOGXLqpI4uII-dVZS97aGOEQK81oAJLA_M4z1EEeS_7-GuBcq6s2FL0_907cB8zwz0l8tv5vCqjvZulgvC92VT-RcTKeLQPj2QA3LenzOfwn4OWmgEmJyCKK9wR-CCSGiPwR6ICJf1_VF5Di4cu2kuQpwvQGiBexCWKdfwRue9V9wAeAp-oN_56sZwbhrOGgAULE4v8FVmcOxLSIj9uFmU2mCE16MuKmMUq-HKQerMoKlcZ1s_PAGRtUzr5rVIFI_tUQRiciXl20xRiIBFj6ThGAjFsnMaSqOrnMQ8k6GU4HwialTs5JTBhMoj7hEJUFjP1TursXMaCXXiRRvN5K-Uurk_5kXo0kU

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 11:40:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 71ms
71ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.aviation.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 11:40:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 16 May 2023 11:40:43 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3C71 0
20 B 74ms
74ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BYxEdumtjZKnwK8OJjuwP5Ii1wAwAAAAAOAHgBAI&bg=!eHuley_NAAYldGN0BXQ7ADkAdvg8WtoZQRxS9w4R7mifhnb_XFXDaKCHgC_jV8HgXj555k6mgIsp-yAexafPichGECOGsgncqS0CAAABE1IAAAADaAEHCgBzKsBZ4va4ufEvS9mfZqeMt1j0zGFEPvITr3Ui8N0NG4KUcRjpLkoFDj22NOwJmIstHXRYvX545Am8MuKu-UHOJmrjOdSRGosdwc1JpMCz51GZXmuzAE-A8Xi0rBMNsTeh_pPNpBc4GoZyoox9RMM7QEQAiJkC74cBJLCiWRtf54xNRVNDNY37WZRTX0JZPEQ37corP6tKeRpID6Gmht-F3lc_SoKRJXHDhnx1HQ6tCbwf5o3jJLItVbFDu2fCmG7BakrBY8U5aYroMfUSYuw9wsOhoLpxnU_E_rH6SIiHWBCuCd1WA_SqIwy0oH_M22p2Hum5DSokTDCwfuuml-n2IwebUs2WeygaVTN1Zxy5l8AudF4nIGi4xkE8b2Zntq7z5HntIvg5xUSurgfaoJC87mcQNEjn7Iif5A8_LRXfKlEyNfOzHmThD8KxyNDR5SV1cleLRQ1uYmRmaEjd-AWqdEOyA8zV87DcC9BAQYFWX6KzQMoxxqVW9fLxrJ-Qj9Ta7iYzTEixUzptNZRlULCSgocFrYgESr-xoyITj413EYOgsBE9-DplfxEXulvvFVDowghtzoqrFE8WZrPrYQ7mdK-BaW5B02TYS3eNGu1M_5jYfxdtC95KtrtZB7Lf1t8W2Mi0vVmmsYgs0jMTdwxYaVjEGhmaDd_TNaSgKOBg4rp_fXftWI_X52WbcT3oUzYmdWgkvAXFBs8W1udq4gxo41O8WLvYbexSh-7-6qQu8STS3LOI4hI3Ej_1-Ql6DFLMyJg3jo5qIUkmY8KjnlZTC9cBCb-Yx6t84iuBM3OZI_9eZvikYNfrOZkIOfFUo0Di8SlD77mPjQuziR8iLhILKhskLZM3tpp6F0cNSO6c49YFka6CA0NcHcQTSekIlVs7SEcT8UzEmUoJNjhCWxRTeN56jb8JQ3n_X91CkcqsV6XqqftUVUDazoKKGZqb73Z4szSUlHYNpu_j49QMQIgx_zK26-DV10o0kYlk031sfNLZEgyJK_198czeWFqtsWJgWufg3vJ3EoasuAbI4xyTl9uTpXXCJre1PO5bh6SdTIV2SJHKh7T9eIlXtZP1yWWB9NCnJQsm0kfGegDkdEUj_V3R-tYBQFdMWWuTEDOahDHAF7A0Fp8vgECmuYUdVvUCKWBBe6E

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 11:40:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6728 13 KB
5 KB 36ms
36ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.aviation.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3340
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 10:45:03 GMT
expires: Wed, 15 May 2024 10:45:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 30EB 783 B
973 B 49ms
49ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3a0f1f0621608973d0a8eef253eaa196ba5dc24fda86b689c716d2956b3e5f7f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-U4Mmvj65P-5QkOVNTY4Pzg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.aviation.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-U4Mmvj65P-5QkOVNTY4Pzg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 11:40:43 GMT
expires: Tue, 16 May 2023 11:40:43 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 319F 42 B
64 B 74ms
74ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu0F0-3BrFq96vkNkyDUAHR7jqrCyxckqPqGxOh3o-fM5vux_NFB1jNjq2XQMpPZa5qr6A4u6ShiX9u8SGRLYp_BOX99WDbtouYQoQ9i_7a56CVSHtzq_iOnAbLSxdw-fbrdbrzMg&sai=AMfl-YTRpeCS1sNQp2u6NQty_IJQA7ZewV8zzT7Pmlto3FZQVWFGAgMIko9aU4T0wxeZSAhIczrBQX1-xdfqqPqYy0QyfCnHKotCXtbaIEhxMICYHJCAvdp_2HEkvq6ordY3mxH5qSiBGIAZQxkP7w&sig=Cg0ArKJSzDDsILyLFXrgEAE&cid=CAQSTABygQiDgjy4p_KuhQ-SMNofFfPy_fHgiHQN-4KvzO7AWAp_V_VRxMkruhHjFVUSAHE1QPhPA9CbOeHvY981IMka6m49pku1GuMvVf8YAQ&id=lidar2&mcvt=1000&p=0,0,60,468&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230515&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1813526727&rs=2&la=0&cr=0&vs=4&r=v&rst=1684237241574&rpt=1052&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 11:40:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js Show response
pagead2.googlesyndication.com/bg/ Frame 6728 37 KB
14 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 05:39:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21701
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14732
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 May 2024 05:39:02 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 30EB 0
0 69ms
69ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230510&jk=3763570045505922&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 97DC 42 B
64 B 73ms
73ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst47Q24lIwD3mj650Ry0TpS6M155V71XdDztB10dDlYX1bffMfbdLustd8oNB_s5yda87Kxc0HXKvXGZCovGLF3cFkCOurUDiHGbn_Zrg5pH-fNwPE74gLDftTqtG92lqc-rhpZjA&sai=AMfl-YTjUfEF3Qx-zEEWXAZN_ctUBJz3_09DWKy-YqLP0Qac30HiAnJMHCYt9MVdHRxV_wmsYrK0ujenpY4gMT5fv60F4oyIrMW3J7xO1BDTwwtqvu-uzfhDWXZJysbTXoCMsfQlku8yLQ_4xAfP8g&sig=Cg0ArKJSzBAc0eY9HxWSEAE&cid=CAQSTABygQiDrbPuSyTM9i5AXAJzP1SKTb_f9pbojtEH3kx3-33A86bNEtPZmtXK7jiIYvGWLJHV9YWxaWckqF39rr7GdKTPdOD4tdDrEn8YAQ&id=lidar2&mcvt=1010&p=0,0,50,320&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&v=20230515&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3031713297&rs=2&la=0&cr=0&vs=4&r=v&rst=1684237242281&rpt=410&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 11:40:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6728 0
10 B 35ms
35ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?3F1Atw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 11:40:43 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7EA3 42 B
64 B 73ms
73ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssv3SA2SGKPcbq2funn6AvHH9g8gXQggHXA8p_1XpqFbFv2Ch0u7E6HH1UHZe8KsKiIrrqtj2RY73dPeiXbpQ9WHUvdIc6IfEew8bp4PbkIK3VolDuRz5lNQkjiIsD2cjg1mYkHYg&sai=AMfl-YSnR3xCZvRdg-GDovTeQEu3kA1X3KJHdaN2J695E7-6vDVLdhKUhLaiNH_KJQci3_iAivub3L2NNqHOKIgwVQ0pJmmEJ05ZBVCVRSrO2hfIJkzwD9pSMvk8fiQLJSIf-yHtKgZjvu-WPHYtIw&sig=Cg0ArKJSzFE6XhPA2TgZEAE&cid=CAQSTABygQiDMVnmQ1cjeNwvLq-2EdOcpksogVPwqIzJxfBC6ZdGus18olwNQOTF-Eb26CUS7ZYokGv7y_FlUHMhUJJ3zfgUsk_pEikGjh4YAQ&id=lidar2&mcvt=1001&p=0,0,54,320&mtos=101,1001,1001,1001,1001&tos=101,900,0,0,0&v=20230515&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1813526727&rs=2&la=0&cr=0&vs=4&r=v&rst=1684237242553&rpt=484&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 11:40:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 97DC 0
20 B 71ms
70ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5116857323977&version=m202301230201&ct=76&x=1&cor=18251500678870682000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 11:40:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 74ms
73ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230510&jk=3763570045505922&bg=!XF-lXwvNAAYldGN0BXQ7ADkAdvg8Wgak7JVK7n8_n8m96p8XBqzIZ-xyB_R6u08l_PsdJhKbqoFMRc7a7rN8ofBC0KyZo07527kCAAAASVIAAAADaAEHCgDNRlQfyOPrwzm7zqnn2HiuIAISl5ceAFn8cUfBmqOSL1Z65m_BShY25rk_J6Xz9XwFiNBEU7CxZjznHJjodBo6rb-6ICXBD4kBcq_lqBMYzK0bm6rnY9kBY9tzUFuMa2o6tR8Qv1Ik22GQx6MJICwj6JwjNZYxqRK34D5rDDbtmClCSDqZrzbpt15CetVLzUwtjH1dGK3FahAYkFkMurEXeM2KD_cohlcm0eDscFH3uz14lQQzQeHBeEDhvWvtpcnvTgCkN_OuWbfjAwEE7ZkCm9OC9s8Rjm7w7EijDDWDynVJ5d2eWic2cVJfRGHmk6Rj6KnTNnR2qd-ezePq0ew3FLsr_8p3R8ZtJHSNelG5KqWOvAfInMsQoXIDPAtnb6olzzQCuYIC001Ng5K_J69GDN33YYpkwZeMVKDUAymGEfgP2rqUy_1p_S1M0bR5HBiwrL5vVNJn9RqVaZIyw-IZuaMMnspJcrX0gyMN142baY-b9EtyhNJ_Xt9l6A2ul8KYp2wilhnvXlZE2FgCh7XtIEVta6XYhyNn46_Clg2H-PX4DNsY7UAksGJ-zyNzr7ALtVKHV_WlIqtN7cUOHlx_YZrCEAV-ZWH3UfXAD7_2vemwdcxoFCLNc3XsoNqEoVpbwxDACHIDaFkw6xWkXkeSu7HIe30DfzD3mcKgyEhekTrNGx-oYFPKzuMGWILs0_vukL2qIpSxkJn89F36Bpg47aX8PFEGV5x3rSm6tJSegD3ch1WhPx8XFUCzNwYRQXE0m3baSbNuyfz1SqbSrCwM1mX31w39Ty92C_GciqP1kwIarJEl_T8CeoFQaje1VRxmVly9CCPQBlgvEyNyuEQbOhqzTjtlCSEbsrv4UACCF56z5beBhByOroUKIuqtQNY1-37ARQtnyvVR5Qz8UXHdP4B7QQF_8xZeZt-XjZ6DgGJbSnYYW9zSIEeZDJBsmFdSIsyuOkXkCr1muQy2PTB0k09FxcWiT9kCyEr2vjIkZRayGeM2Jt0iZJJ19G776y8GO6EtuYiMZSeS0W82l1KsMjtEMPDqx0x3Gkh-qzTZSuaAWEiaE-L8jYC-6AnoAUNS0-yqC6Jz12ikFskVYl2-Q4WpyxfY9ioc_lH1LoIShcuVXKEF71nIO5-w65SAHht37iqYdUScWAGy9bM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.aviation.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7EA3 0
20 B 69ms
69ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9374370927937&version=m202301230201&ct=76&x=1&cor=18281570885663949000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 11:40:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5B01 42 B
64 B 75ms
74ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv_p-s9-lJpoLxly90dbv0KgI6XBsD_2lJucc-zT8iF6E5Pg3EtsgFlK0LazYsHh0zhF1cQstdHwmn1GxbadFIWNvvkEiaT2d5Y0jAiTZcQvHd6dakqGBx4Ur8S5gmxJY1VnXaGLA&sai=AMfl-YTshIZCHndYOewhvhviiot0yAT4fAMjTtyJex5BMlABeOqVJCjfSCD71j1KKNUqrzzN7YUiBUpHuOkd&sig=Cg0ArKJSzLIWHTnJ6rlJEAE&cid=CAQSGwBygQiDZSUUJHfAE6Un0CNCidkT1x8xfBzOURgB&id=lidar2&mcvt=1011&p=0,0,124,1005&mtos=131,773,1011,1011,1011&tos=131,642,238,0,0&v=20230515&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1684237242895&rpt=411&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 11:40:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17033400417514298334/index.html

Verdicts & Comments Add Verdict or Comment

253 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.aviation.com.ua/	1969-12-31 23:59:59	Name: PHPSESSID Value: nfs42rc9ig1gme0dontbgsl7p4
.aviation.com.ua/	1970-01-20 21:26:37	Name: __utma Value: 46918775.52828483.1684237241.1684237241.1684237241.1
.aviation.com.ua/	1969-12-31 23:59:59	Name: __utmc Value: 46918775
.aviation.com.ua/	1970-01-20 16:13:25	Name: __utmz Value: 46918775.1684237241.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.aviation.com.ua/	1970-01-20 11:50:37	Name: __utmt Value: 1
.aviation.com.ua/	1970-01-20 11:50:39	Name: __utmb Value: 46918775.1.10.1684237241
.i.ua/	1970-01-20 11:50:39	Name: __cf_bm Value: 4k_P7.WYExFNv8tlKIO3aH4W_XVF2vi6gSCNmdrqZy0-1684237241-0-AbEpWfxoHsfw2Pgq3GuytoKa1Yc6REo0pFSkv9GUy2fghIn6gGPLpHOCV5zBKt9CDrSW5iB1t4mKmBxlRwax+mM=
.aviation.com.ua/	1970-01-20 21:12:13	Name: __gads Value: ID=f4a31ad7a96b6885-224bd1d8d6dd000b:T=1684237241:RT=1684237241:S=ALNI_MbXqJAiURvedkU1vngSx92pUXzQOg
.aviation.com.ua/	1970-01-20 21:12:13	Name: __gpi Value: UID=00000bf8541cd024:T=1684237241:RT=1684237241:S=ALNI_MbL_zjgjhiTOBzG-gYe6-t_MzM4fw
www.aviation.com.ua/	1969-12-31 23:59:59	Name: b Value: b
.doubleclick.net/	1970-01-20 21:12:13	Name: IDE Value: AHWqTUlnExYUffqwSB8LSm9jaO6wnbWZZ-3dgJv1zgOLOUXwodTq284jpLLQszNv-ws
.adnxs.com/	1970-01-20 14:00:13	Name: uuid2 Value: 6324423448164778877
.casalemedia.com/	1970-01-20 20:36:13	Name: CMID Value: ZGNrun9m9VeNTcpfOXQELAAA
.casalemedia.com/	1970-01-20 14:00:13	Name: CMPS Value: 1110
.casalemedia.com/	1970-01-20 14:00:13	Name: CMPRO Value: 1110
.adnxs.com/	1970-01-20 14:00:13	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Ilbm@a[9!]tbPl1M>e)ZlrFUfJ+tGXxp:IG#yi`WR[.AJURP[Qx?ta7>lm_K@]2bt4TmbpRzqF1`b`/m3usC
.doubleclick.net/	1970-01-20 11:50:40	Name: DSID Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
c.bigmir.net
cm.g.doubleclick.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
f.i.ua
finance.ua
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
partner.googleadservices.com
s0.2mdn.net
static.adsafeprotected.com
sync.teads.tv
tpc.googlesyndication.com
us-u.openx.net
www.aviation.com.ua
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
s0.2mdn.net
104.111.217.42
104.18.2.81
142.250.186.34
172.217.16.130
185.80.39.216
185.89.210.153
193.239.68.97
2001:4860:4802:38::178
2600:1f18:1aca:4281:84b2:6bc8:6fc1:78cd
2600:9000:223f:4c00:8:48e:53c0:93a1
2606:4700:20::681a:607
2606:4700:20::ac43:4453
2a00:1450:4001:800::2002
2a00:1450:4001:806::2001
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2006
2a00:1450:4001:810::2002
2a00:1450:4001:828::2003
2a00:1450:4001:828::2004
2a00:1450:4001:829::200a
2a00:1450:4001:82f::2003
2a00:7a60:0:106e::1
34.98.64.218
52.212.231.135
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
148c26bbfd92bf27fa6ee69b8c201b6eea76aeeae20fb73b642f28757ceed951
14dedc3414d0a7094048f9a78e2f71388b2e6656f447394204d19a196dfcb83f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1e70982f7ec0befdb184f64d9f2b0b977bc9647fbb79e24db338c3968b3da982
1e7217a67acab027dcaded2c89aff363388d0d5f4ec8060590ea4554780ff63b
20fadccfad9bb344661e83214879a6a720d0390291178312684ed2861128fb96
243b5023074477a6410ea68994d4c5c4090300de8967dee3b15a0c0482962899
25e507fa9c8208af61c3fd2213cbd537a2504b654ed1777cc6c84a9b2e10e835
286828d2ac6a8ebc51ba8258690c9b9ebd1ccd94a48fda64fd24e8e73c8069e1
292bd5c172280e9a81d9fb4c2fada3807231116e72e86224c82e68bb03a82dd1
29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
3440b10b0ea93537e24e6cee754e7af0c448da217c075b6449d82d2c78c54b64
393d26d6326a1717297ca61345845a3db6a9fa148e14d955647639a0f4269b14
3a0f1f0621608973d0a8eef253eaa196ba5dc24fda86b689c716d2956b3e5f7f
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
3edada96a43826b9ea0321ad1911836979f0a5d69d371caeb2ed689986ce2ee9
42ead8cc1210f1220cae1f70e354f4d259a3c9d03840ff835164ca6b88d5b67e
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
476f291fdb08c55d6157a081b5a63c05e99004df25bdf624edd6827e53b0d013
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c6c821e9ef07b2c36da99b8146f919680e0e69d9d0aaa71e53827367b8c4c49
5e7e42afe7c469458756a329b198be81c3a3b2d93260ece4c06386a1aa878f06
60acad305c2fc4989a834f2c21156c8f04acba4cd889b2675f8e0d557ef121c9
60cbe5e043b48d624b2ce318c4fd80a25c9f319e0db0669dbaf731dce34b4776
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66db703d88ccb45a06bdc059b14b910d66b8d19d039282ac74e259e778f184ef
66f377debcd36555413d3a3a6e1ec2b1bfe78db2ac73f1433fd833983585f1ba
6c9aaacf3146e27b3a2c4e59b369c5ba523127e66a3bf29bc21e3a5cc3437e68
7b5789dd70860498220811c491325eb1f8d9eb2de37f28bac44c6b681a7dffbb
7cd9906f6561422c44c7ff7a5be8afc3eafce34c1b3fea53f4c9caadcde3d078
7f2c1e6c435859c72a29e9ef74e1c1b263dd8277521e6d5820204cc806adf661
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
836fe034ac81a9e91602ba90d5aae7bf2beaff32bb1307b55db52a9b4887f2dc
848c9628e34f5e696c4e0482e8befd85145d139d717b018478d6b44f243e5729
886e8e3326ebc5edf00b24f8a9b24c957ca3d9c273b58e3cc80c8ce18eab5cfa
891790f9429a105408c4e752a5beab5da85f26f5ce99009462100cc917b2b618
8e64e9c1be949f119dab742640309ef5ae5f32da77139630ccbe1bd16d9f3ad9
96d7a90c1acb7f74f5a563bf104142fcbbba10ea3bc8da679588775841b38f05
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0a78e0bee749fe6c097d0d5d9a26e65ca91610a688ea23ae3cb3cf47b82d067
a1510e99380bfedc48cdcc128dbd8b38fde82de1f5d0d8a0f70527ec0ac87319
a297797838a27eea8a4fa1d23ab204d357eb2422cdfa56c1e70efc3ad76e6bc7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
aa3b72d5b1a5c9e14494cd7eb5119506fc3a7a85070fee3f1de13a146186969f
b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1aa5293829def29d313f2750316e31c2f136a7e57aee6f7f4bb0c54454925c7
b3d21cc1f230eb97220e77922d3f55be811e87cb4c4dabdcd5d7b316f3905989
b40fea82eee616be86a8ecd08f5b01a2bceb6a00fa3f6cfce3bee19b785820af
b76488055b11640935f1bfe6c7d150c25122916733c920d04d3945a746986f21
b96da14d46255d9efb84cc67e78c0bea9b1f47cac71f897ba83bac6405289ea8
b9c345745e80eac30fad6a0475d31cf23a800e0d8943431c8c65d84f3a188695
bb8868f67070a3bad4857c1cd4879654be3ac170eae027df9da8783ca7d604dd
bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f
bbef193bb636d9c04007c5ee5cb06177e42f17f1618cd50b7316dd48c1a1d674
be05626dde9ddb82b30f6a67536788652eb2b0f2e6b4472c64ea9000663300d7
bec06bcab2d65abbde2b99f1d2b52c88005baac5cc619864ca015db7c46acab3
c104ec098bbe63627860a2d0144e9864c4db095e1e4f1e9f38119affa80bc39c
c17f9294b87d1e3a7887dfd3b8ab8662bfc867defb0254274dba7dbc0ecabd54
c1febfd361ceac869438494a8514f6e670bfa640312a7a238d7ff72d7c1866df
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023
d5a32e84d16f3982d0a71bdb1d9f0beb125e6869f3b8734d0aa689d08af64078
daf9dc6664474a6b01d9e293a39749d0e9b637629239cbe512dd4a0f0854a8eb
dbfa80f389e9c4801b8bc095ba250f5747aa1073cf1cc0a08a5214ca976fa140
e0b7719629ee3a96e555d98e527deb8f529d13571967d86efcaf189a2b8ca4e0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e759d7bb155f7df75fa26fcb31c6079947c18b2532e720aab5bc994be78056f8
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6af9e6968b1f74b5e1a481d8a00c6d5e3c90d909d983fc7697760017861a90
f2bbe26a00d68561e5de95e02227f179a46d79cc0c81e20d7c08a22804407b3f
f3e707799c4b8c1017aaed1c78432af2cc213ea88229312c1b2d621aa0ade9ef
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fd4f1c9d69a243c7240669fd0fedbe8a66953243d409f75ae02dc4824b17cf68

www.aviation.com.ua Open in urlscan Pro 2a00:7a60:0:106e::1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

174 Requests

78 %HTTPS

65 %IPv6

19 Domains

26 Subdomains

26 IPs

6 Countries

1763 kBTransfer

4824 kBSize

17 Cookies

9 Outgoing links

Redirected requests

174 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

www.aviation.com.ua Open in urlscan Pro
2a00:7a60:0:106e::1 Public Scan

Screenshot
Live screenshot

Full Image

174
Requests

78 %
HTTPS

65 %
IPv6

19
Domains

26
Subdomains

26
IPs

6
Countries

1763 kB
Transfer

4824 kB
Size

17
Cookies

174 HTTP transactions
6 data transactions