pogoda.ukraine-ru.net Open in urlscan Pro
91.218.214.81 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://pogoda.ukraine-ru.net/
Effective URL:
https://pogoda.ukraine-ru.net/
Submission: On March 07 via api (March 7th 2022, 2:48:18 am UTC) from CA — Scanned from CA

Summary HTTP 180 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 34 IPs in 5 countries across 27 domains to perform 180 HTTP transactions. The main IP is 91.218.214.81, located in Ukraine and belongs to QOS, UA. The main domain is pogoda.ukraine-ru.net.
TLS certificate: Issued by R3 on January 25th 2022. Valid for: 3 months.

This is the only time pogoda.ukraine-ru.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	91.218.214.81 91.218.214.81	42352 (QOS) (QOS)
27	2607:f8b0:400... 2607:f8b0:4006:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
2	91.218.214.82 91.218.214.82	42352 (QOS) (QOS)
1 3	88.212.201.210 88.212.201.210	39134 (UNITEDNET) (UNITEDNET)
17	2607:f8b0:400... 2607:f8b0:4006:817::2002	15169 (GOOGLE) (GOOGLE)
11	95.163.114.203 95.163.114.203	12695 (DINET-AS) (DINET-AS)
1	142.250.81.226 142.250.81.226	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:816::2002	15169 (GOOGLE) (GOOGLE)
25	2607:f8b0:400... 2607:f8b0:4006:81f::2001	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:81c::2002	15169 (GOOGLE) (GOOGLE)
9 12	142.250.65.226 142.250.65.226	15169 (GOOGLE) (GOOGLE)
5 11	23.52.162.21 23.52.162.21	16625 (AKAMAI-AS) (AKAMAI-AS)
4 7	68.67.179.166 68.67.179.166	29990 (ASN-APPNEX) (ASN-APPNEX)
3 6	34.227.203.141 34.227.203.141	14618 (AMAZON-AES) (AMAZON-AES)
6	142.251.40.194 142.251.40.194	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:816::2006	15169 (GOOGLE) (GOOGLE)
9	2600:9000:202... 2600:9000:202c:c200:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	2607:f8b0:400... 2607:f8b0:4006:822::2004	15169 (GOOGLE) (GOOGLE)
22	34.205.1.191 34.205.1.191	14618 (AMAZON-AES) (AMAZON-AES)
2	2607:f8b0:400... 2607:f8b0:4006:80d::200a	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81c::2003	15169 (GOOGLE) (GOOGLE)
1 4	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
1	62.109.14.161 62.109.14.161	29182 (THEFIRST-AS) (THEFIRST-AS)
1	92.63.105.49 92.63.105.49	29182 (THEFIRST-AS) (THEFIRST-AS)
1	95.217.109.66 95.217.109.66	24940 (HETZNER-AS) (HETZNER-AS)
1	217.197.112.80 217.197.112.80	20655 (E-STYLEIS...) (E-STYLEISP-AS)
2	93.186.225.208 93.186.225.208	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
2	217.20.147.3 217.20.147.3	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
2	94.100.180.54 94.100.180.54	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
2	151.101.128.84 151.101.128.84	54113 (FASTLY) (FASTLY)
2 3	96.6.28.196 96.6.28.196	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	23.5.239.194 23.5.239.194	16625 (AKAMAI-AS) (AKAMAI-AS)
180	34

10 91.218.214.81 (Ukraine) 1 redirects

ASN42352 (QOS, UA)
PTR: unallocated.qos.kiev.ua

pogoda.ukraine-ru.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2607:f8b0:4006:80e::2002 (Queens, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.218.214.82 (Ukraine)

ASN42352 (QOS, UA)
PTR: unallocated.qos.kiev.ua

s.ukropen.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.212.201.210 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host210.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2607:f8b0:4006:817::2002 (Queens, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 95.163.114.203 (Moscow, Russian Federation)

ASN12695 (DINET-AS, RU)

w.uptolike.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.81.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80f::2002 (Queens, United States)

ASN15169 (GOOGLE, US)

adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:816::2002 (Queens, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2607:f8b0:4006:81f::2001 (Queens, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:81c::2002 (Queens, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.65.226 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 23.52.162.21 (New York, United States) 5 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-162-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 68.67.179.166 (Secaucus, United States) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.227.203.141 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-227-203-141.compute-1.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.40.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:816::2006 (Queens, United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:202c:c200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:822::2004 (Queens, United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 34.205.1.191 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-1-191.compute-1.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80d::200a (Queens, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81c::2003 (Queens, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.109.14.161 (Russian Federation)

ASN29182 (THEFIRST-AS, RU)
PTR: belesta1007.ru

jaclick.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.63.105.49 (Russian Federation)

ASN29182 (THEFIRST-AS, RU)
PTR: belesta1010.ru

grsync.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.217.109.66 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.66.109.217.95.clients.your-server.de

static.tnsis.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.197.112.80 (Moscow, Russian Federation)

ASN20655 (E-STYLEISP-AS, RU)
PTR: seopult.ru

af.click.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 93.186.225.208 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.20.147.3 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: ip3.147.odnoklassniki.ru

connect.ok.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.100.180.54 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: connect.mail.ru

connect.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.128.84 (United States)

ASN54113 (FASTLY, US)

api.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 96.6.28.196 (Secaucus, United States) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a96-6-28-196.deploy.static.akamaitechnologies.com

s.click.aliexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.aliexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
best.aliexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.5.239.194 (Secaucus, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-5-239-194.deploy.static.akamaitechnologies.com

sale.aliexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 122	542 KB
37	adsafeprotected.com 3 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 660 static.adsafeprotected.com — Cisco Umbrella Rank: 500 dt.adsafeprotected.com — Cisco Umbrella Rank: 458	288 KB
34	doubleclick.net 9 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 176 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276	205 KB
11	casalemedia.com 5 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 496	10 KB
11	uptolike.com w.uptolike.com — Cisco Umbrella Rank: 115237	73 KB
10	ukraine-ru.net 1 redirects pogoda.ukraine-ru.net	84 KB
7	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 205	7 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	191 KB
4	aliexpress.com 3 redirects s.click.aliexpress.com — Cisco Umbrella Rank: 25735 sale.aliexpress.com — Cisco Umbrella Rank: 40001 www.aliexpress.com — Cisco Umbrella Rank: 21909 best.aliexpress.com — Cisco Umbrella Rank: 75224	6 KB
4	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 2926	51 KB
4	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 57 www.google.com — Cisco Umbrella Rank: 2	1 KB
3	gstatic.com www.gstatic.com	13 KB
3	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 246	188 KB
3	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 7964	2 KB
2	pinterest.com api.pinterest.com — Cisco Umbrella Rank: 2710	488 B
2	mail.ru connect.mail.ru — Cisco Umbrella Rank: 49613	1 KB
2	ok.ru connect.ok.ru — Cisco Umbrella Rank: 19870	4 KB
2	vk.com vk.com — Cisco Umbrella Rank: 5382	957 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	2 KB
2	google.ca adservice.google.ca — Cisco Umbrella Rank: 13075	914 B
2	ukropen.net s.ukropen.net	90 KB
1	click.ru af.click.ru — Cisco Umbrella Rank: 150911	884 B
1	tnsis.ru static.tnsis.ru — Cisco Umbrella Rank: 139659	490 B
1	grsync.ru grsync.ru — Cisco Umbrella Rank: 149302	319 B
1	jaclick.ru jaclick.ru — Cisco Umbrella Rank: 150052	48 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 716	646 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 588	30 KB
180	27

	Domain	Requested by
27	pagead2.googlesyndication.com	pogoda.ukraine-ru.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
25	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pogoda.ukraine-ru.net pagead2.googlesyndication.com
22	dt.adsafeprotected.com	pogoda.ukraine-ru.net googleads.g.doubleclick.net
16	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net pogoda.ukraine-ru.net
12	cm.g.doubleclick.net	9 redirects googleads.g.doubleclick.net
11	dsum-sec.casalemedia.com	5 redirects googleads.g.doubleclick.net
11	w.uptolike.com	pogoda.ukraine-ru.net w.uptolike.com
10	pogoda.ukraine-ru.net	1 redirects pogoda.ukraine-ru.net
9	static.adsafeprotected.com	fw.adsafeprotected.com pogoda.ukraine-ru.net googleads.g.doubleclick.net
7	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
6	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
6	fw.adsafeprotected.com	3 redirects googleads.g.doubleclick.net
5	www.googletagservices.com	googleads.g.doubleclick.net pogoda.ukraine-ru.net
4	mc.yandex.ru	1 redirects w.uptolike.com pogoda.ukraine-ru.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	s0.2mdn.net	googleads.g.doubleclick.net
3	counter.yadro.ru	1 redirects pogoda.ukraine-ru.net
2	api.pinterest.com	w.uptolike.com
2	connect.mail.ru	w.uptolike.com
2	connect.ok.ru	w.uptolike.com
2	vk.com	w.uptolike.com
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	www.google.com	1 redirects tpc.googlesyndication.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.ca	pagead2.googlesyndication.com
2	s.ukropen.net	pogoda.ukraine-ru.net
1	best.aliexpress.com	jaclick.ru
1	www.aliexpress.com	1 redirects
1	sale.aliexpress.com	1 redirects
1	s.click.aliexpress.com	1 redirects
1	af.click.ru	w.uptolike.com
1	static.tnsis.ru	w.uptolike.com
1	grsync.ru	w.uptolike.com
1	jaclick.ru	w.uptolike.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	code.jquery.com	pogoda.ukraine-ru.net
180	36

This site contains links to these domains. Also see Links.

Domain
ukraine-ru.net
tv.ukraine-ru.net
ukropen.net
www.liveinternet.ru
comissionka.net
medic.ukraine-ru.net
recept.ukraine-ru.net
uchil.net
games.ukraine-ru.net
uptolike.ru
promopult.ru

Subject Issuer	Validity	Valid
ukraine-ru.net R3	`2022-01-25` - `2022-04-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
ukropen.net R3	`2022-02-25` - `2022-05-26`	3 months	crt.sh
counter.yadro.ru GoGetSSL ECC DV CA	`2020-02-02` - `2022-05-02`	2 years	crt.sh
uptolike.com R3	`2021-12-25` - `2022-03-25`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-04-22` - `2022-05-21`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
jaclick.ru R3	`2022-02-24` - `2022-05-25`	3 months	crt.sh
grsync.ru R3	`2022-02-24` - `2022-05-25`	3 months	crt.sh
static.tnsis.ru R3	`2022-01-20` - `2022-04-20`	3 months	crt.sh
*.click.ru R3	`2022-03-04` - `2022-06-02`	3 months	crt.sh
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-03-04` - `2023-04-03`	a year	crt.sh
*.ok.ru GeoTrust RSA CA 2018	`2022-02-28` - `2023-03-31`	a year	crt.sh
*.mail.ru GeoTrust RSA CA 2018	`2021-11-01` - `2022-12-02`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-27` - `2022-08-05`	a year	crt.sh
ae01.alicdn.com DigiCert SHA2 Secure Server CA	`2022-02-10` - `2023-02-10`	a year	crt.sh

This page contains 28 frames:

Primary Page: https://pogoda.ukraine-ru.net/
Frame ID: 1F92B062047AA85A5E8AE4C934E26BF6
Requests: 38 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20190131/zrt_lookup.html
Frame ID: 531DB27EA15CD3834855951CF0D70D13
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597361933989050&output=html&adk=1812271804&adf=3025194257&lmt=2145830155&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpogoda.ukraine-ru.net%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646621287458&bpp=2&bdt=622&idt=180&shv=r20220302&mjsv=m202202280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2048367694771&frm=20&pv=2&ga_vid=1841803725.1646621288&ga_sid=1646621288&ga_hid=1263334512&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774&oid=2&pvsid=1756453267620691&pem=804&tmod=1633179037&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=198
Frame ID: 1855D4915622E51FE889CF333F599F26
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597361933989050&output=html&h=90&slotname=7878197618&adk=3124643992&adf=3588316316&pi=t.ma~as.7878197618&w=728&lmt=2145830155&psa=0&format=728x90&url=https%3A%2F%2Fpogoda.ukraine-ru.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646621287460&bpp=2&bdt=624&idt=202&shv=r20220302&mjsv=m202202280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2048367694771&frm=20&pv=1&ga_vid=1841803725.1646621288&ga_sid=1646621288&ga_hid=1263334512&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=78&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774&oid=2&pvsid=1756453267620691&pem=804&tmod=1633179037&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=EWLutgBaBk&p=https%3A//pogoda.ukraine-ru.net&dtd=207
Frame ID: FAA00AD6A5759A3EC213B00B83D02A0C
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597361933989050&output=html&h=90&slotname=7878197618&adk=3124643992&adf=223692363&pi=t.ma~as.7878197618&w=728&lmt=2145830155&psa=0&format=728x90&url=https%3A%2F%2Fpogoda.ukraine-ru.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646621287486&bpp=8&bdt=649&idt=184&shv=r20220302&mjsv=m202202280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2048367694771&frm=20&pv=1&ga_vid=1841803725.1646621288&ga_sid=1646621288&ga_hid=1263334512&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1568&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774&oid=2&pvsid=1756453267620691&pem=804&tmod=1633179037&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=TVO6gh0YBa&p=https%3A//pogoda.ukraine-ru.net&dtd=187
Frame ID: 235F5DDDF1C19C144CC9AE0F28922B44
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597361933989050&output=html&h=600&slotname=7967969422&adk=871599438&adf=3780727132&pi=t.ma~as.7967969422&w=260&fwrn=4&fwrnh=100&lmt=2145830155&rafmt=1&psa=0&format=260x600&url=https%3A%2F%2Fpogoda.ukraine-ru.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646621287495&bpp=3&bdt=659&idt=180&shv=r20220302&mjsv=m202202280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C728x90&nras=1&correlator=2048367694771&frm=20&pv=1&ga_vid=1841803725.1646621288&ga_sid=1646621288&ga_hid=1263334512&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774&oid=2&pvsid=1756453267620691&pem=804&tmod=1633179037&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=JiaTE4aCfh&p=https%3A//pogoda.ukraine-ru.net&dtd=183
Frame ID: EEF52B0F9D6CBDEEE1EA871E4E812EF3
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJC1NBDh58mqAhjyqaqwATAB&v=APEucNUDsiC_4IiKdNKxaRj3wXSGW9K4PpfgKB1PT6pYeoBzvYJR1kA_R4rENUKxy3BhiLTERK2f4wZcPxhU1dBdFJ0TmlNQdw
Frame ID: ACC53BD1B158A0DEFCD200BF38E7BD36
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJC1NBDh58mqAhjyqaqwATAB&v=APEucNUGaV3ShCsZQLPfm_L3QTKUKZBPXbyG9BJZyZm37REs_2Fueqwsf-SwbFOrloC7OBfsvp1GD0l0JV0tO44MnIsruDhxkQ
Frame ID: D7D97A821975379BE7DF6AA8CF1465FC
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4E35982DC33967445807C350438DA728
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 61D69E9823D877D8EE48BDE945E9F6EE
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D40267F25C8E4309D1F6BE50D5E01DA2
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: DC183D3E451434F9C3AEC12FB1024834
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 14B126C677CB19AFFDD714CEC3FC1FE0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1
Frame ID: 2B9F5AFADDBB1A1D60DFC0112C98F508
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1
Frame ID: 66C8D538CB507020A616E24EB6520668
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJC1NBDh58mqAhjyqaqwATAB&v=APEucNUJ64oY5TvsPJbsCIFr05SaOfwE7Bik1e5WIW6W4qKrw3Dscw2tONdeuRmnkj_I3BiFABi418AGas2et2g1e53A83vBDQ
Frame ID: D355D6721491925603BDEDA4BF252C3B
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CUvBi_xPZX3ECAVT2w36okNambF_wl2IUYjouDs_qdEoZgTvPNGzgqB9g5TNYV4UGA7hoqsyuRzI6u0QHX8GN2Ls81VblaNBhyUJn7PQxYiAPQRgSMJsM8Y_yDArEDHVU5SxnDXvRGz6mT_wkNhtG-1FIkCg&dbm_d=AKAmf-B6nuLcyPDaFMBK26ZdDWQ4wDttHUTY3RAtgIn3TCHWTgVtrYokPJZqThLyVVWqaWqCwemBGPRNN9EpSE5socQ_eMb5MwW5CvLXw0CgcS0X1JFn_9oSeHoVsDdOXseweuA14w9NrZBD7ecUlAIecD09K415INL8pxpsnqVMtHqLFn93BFQYErKIXOqXNIUeRkxi6UAvUvNRz_44E5wbwA0-lqdw4Bhj0cUJNVeT3GL59IbttmZcf_TOrNyrsnGbQeV0QCaXpCKLaz7rA8oGO-mZnaUKfRL9G91GVarb2a7F0DDtT-VGz5NwiqaEAE32oLNyATdVA85U8rm_WhrC_66sPtI2xAy8HAomkOUWzRZ5mmqjo62os5wRl449kqGn08m1u_qxM0TD0uNXhdQ48amPsfQxfdamElXzEzJ6CNMUDupG1nThUyWw2f5HRL6U_6qEhKp9JletVwFsmhDXsQF7M-7Yo8aUmxvnepSXpvpNCb_hAfluE6rsHzp2xUN5AJSqeYEdGL_qok7v1uqM3n6gaGU0PPqgIrYaZfIgIy3HQ-WABmoOkyFMapfb7AArnrJ8jBtTJxu_x7ZUAvfDQ-l7wdUOM_UcaOYZwvP6F47enucXAuTh4Uhzyrn8xQAZSe0NhtrRlu-lE8KbhdcRi7UnyL-2X7nVXv3NuOgfJJ-Sy9pQb1XBFG6pclsvSIMpG7_aIr0lkYz0ngfKiMxI6PIeH66noV9_Ipwpru31gfNOZE8tnYNeez1Nw96TFEptZ2faCAYFE_oQ0byaW00OhV2_rLSCUQS1M8CPhIkhazheQVhDtzJ0Gf6Z04PQ1L9IbooQp0_1UXUOlfB_xqpvaxNA0KH6M9S-tml0ZzQayeSvRF0HeODjZjy0IReyEJB31t2BJbn4eQlBy8Q7VLawJLKhNu4LPukMtOmfQTakAvuGNmY9iAub54n97OIjpgcNWcLf7JHZJCyfzgbYqUdbDJcM-B1HaWiCpLczgX4gh86avTvsHkqv_nMtEj-nL959nk5VWVW9xDEm9V-sEWFj9OOd0H7olo_AbD2-99e-TVNUCtGzG0TTZxPD5dM_NgHUo7qcEFGM0dFim4nyjVKOuInJqK5pofCrTuaWqXgNkoRlRLlJIwo6bkpLaV9pBEySXW14ytlFgn3Ob-IV7O-cHyXEtvtIc6YRqM-EOeT2jvBqbPADCa-ToXoBWbOYD3uYDB3-ZaN4UihuRN_ne8RO5Kp4majbxWWD-s2qoTXu8UPlj7Q95EndY2CkKPLIiicg3BCEr1ePq_WVnOadyof1BbGG1I1fitOWYzeBF1TtHOWnPpV-Si9GwcJj33zdISXT_EPJqpW8XDK7_DojxlcIacSXL_WFHReDu4RotBWRioKB6RcwFZrmn--aVCSe8wZcNRBW4HRHDvu52grL3Pp8pqBqmsnooNOrTZTud6C9dTqOh1KvsKkSelZjw74UArZN45eezb9YQfZ0-gdppas8Bq_wOuKgW3UbKafLvoUEI1nizyuzTViYxXod6O6DwX4pFFGPgaQaIq2mBmqRq1p_SBpCz61rnRMv7it0m6cpJ_Q4l5nJt1hx63Leh_9gfkBJU4NPEoAunk4dYKOuP5aPSNnyLqZ2dTMAhVD515Ef0w9LDU82-DzfQ0GBkihzReiMhTxulOcaoezwM1Gy0gVnPP8yksk5f6GPmL8T-aomq68uwyNj36bsqMiLTJkpKOdPX9gcbI47ZPg3kYqqCHQAoSVE5w0Tv7dLesLeZvg_kMf469HyPfzDkyycwAqTA5lzkcoIHr_IcvTgssskjPzbaVAbka0rpW_CPAU2FKk_oYzFr05cmAuWyfsabIsH4bukFREEonol8qJggiIigTkhXKBoFGPUAGs8C2ZRXmiNH_sBGa6sNEXIZ6bNXW0S5NbHWQcJp4UxgDaKQrp1rVwQ8e62LzW3ri8du036X7tiOJg17c9BL3wmt0gyskq9LzBYvCXS9vr_L2BiQRKUuJQow4OpZKSGhXi7aFkea-KHupKlQ4fLPF2uwZmzGq189XpG-1sMEtDGIng5IHQ76y_uv57nkqmST5kQmhs3lsp5QcDKSXXHVhIzWmoALPY-vRc8M1Osg_eS-xQcfsFvFO9pHOAy6sOyL2ARq4uphyzDIhJKvD7CMnqgnXkJz-Xmv9iMp1quQfgsIm81WIgQcqddTBuyS1K13ONgDcjZpUdo6YSScj5K9vIaV5eq4zvuEi_2Ohc27MTV5YswN2xZ_uYdBgpwqu4WonQQHKzM2ghkn2TbaOtRhY5-pQq_0nuyHY7DrhqZoI9vCgovV3cVv7zYcPvkLwgyItwa0ITLg_HHH_P_MIQaF_D8SnT1cK4IchEBHQDL53MU-fTGBBw6HC908usPYGu7o85g4fiLua7mMWb1RcDf7FYTvbMG_NkY6FMPtOwm8AEYkTMcZbPOccR4Y1veM99zC9zGDjedicLx0l1tQWoRsRHhIrw0lkI_35_lYN1tBkoSyRzkIOD3VP9bjS6WKDRdIZXposdZvJS9FgJwT8TykhfZVhz9nY5z1Nrkc729oJ-lGiNoC12Op4wtzofTYGY-pIB5xwegNE_7hWfoZ6nejPJQfYUZkc4fCFZ131Yth6Z2kJsz45kgqbjeBqxwY5OxdsIt3tCDKAzprxWYEY3c6zXt7Hfg6F2eokZF5glFo1zD36gyIUhTqaxWtWPamwEtBIrsv3VNYTtQo_t-2tREh5m35LmSbqZ7fuJMHAza5ffI-hfOKYzSt5xNKW26u6j6zAhxpoIeigfsigNEsNt9Q2S7jVFT8absePzNafVeMslSjsHEg0qrq5dJaLT76B2oY8ZVmrWEonXpyPWiElKUQZttFUt9Vmll1KAVBAxheDwv9uZS77zhnH-bX4p83XI9bxd--sF7bpJo2VlU-Dgtv3878Z-xzH7_umI-cdsvdrff2LYNhxSqxmAOO4tURX0aTxlODh3IFhkc_aSmiogjWcp7yM9er2kYPkYOX0xP6ohy&cid=CAASBORoJHk&rfl=2%2Chttps%253A%252F%252Fpogoda.ukraine-ru.net%252F%240
Frame ID: C78CF2F4D8D7F75F4C027013047430FA
Requests: 25 HTTP requests in this frame

Frame: https://w.uptolike.com/widgets/v1/share-counter.html?5e5f39385e9edc9f82706afd51e24398
Frame ID: 9E53B1EC16C991678C5D1CB9FED7F9E8
Requests: 11 HTTP requests in this frame

Frame: https://w.uptolike.com/widgets/v1/impression.html?5e5f39385e9edc9f82706afd51e24398
Frame ID: AF2F8906C02F5D0CA554E4FA5287FCA1
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hbjI8xylHpjavQyfdphvo41Bfdkh_RgUM1b0sbpcRZI.js
Frame ID: A65524FD8B2C9FA194135DCC28B65634
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 624ED2126FA0D8EB1B822FEB5FD33428
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DA1613AF02246A2995E742A842E85EFB
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hbjI8xylHpjavQyfdphvo41Bfdkh_RgUM1b0sbpcRZI.js
Frame ID: 2C578068D510377B8860487489F2BE4D
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 3EBB8E6F452751263EA04C7A85DC5223
Requests: 1 HTTP requests in this frame

Frame: https://w.uptolike.com/widgets/v1/zp/support.html
Frame ID: 1518F30DB65FBBC9B8469BBDEBEF0AE2
Requests: 1 HTTP requests in this frame

Frame: https://best.aliexpress.com/?lan=en&aff_fcid=bf9929a1118b4d178db9f01d938a6a06-1646621294274-06476-_9yIqiT&tt=CPS_NORMAL&aff_fsk=_9yIqiT&aff_platform=portals-promotion&sk=_9yIqiT&aff_trace_key=bf9929a1118b4d178db9f01d938a6a06-1646621294274-06476-_9yIqiT&terminal_id=e970e18111804f63b601b05cf02bc3c3
Frame ID: A9A0E41A8BCC97459A4C6B320EC63D89
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CEE063D2FFD327883C25C883C1B5CD83
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9BEA2ED5D03AFF4E56B37A2CB7858DA2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Погода в Украине. Прогноз погоды на две недели. – Украина по-русски

Page URL History Show full URLs

http://pogoda.ukraine-ru.net/ HTTP 301
https://pogoda.ukraine-ru.net/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

180
Requests

91 %
HTTPS

38 %
IPv6

27
Domains

36
Subdomains

34
IPs

5
Countries

1823 kB
Transfer

4533 kB
Size

31
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: https://ukraine-ru.net/
Title: На главную

Search URL Search Domain Scan URL

URL: https://ukraine-ru.net/?set=imeniny
Title: Именины

Search URL Search Domain Scan URL

URL: https://ukraine-ru.net/?set=prazdnik
Title: Праздники

Search URL Search Domain Scan URL

URL: https://ukraine-ru.net/?set=horoscope
Title: Гороскопы

Search URL Search Domain Scan URL

URL: https://tv.ukraine-ru.net/
Title: TV программа

Search URL Search Domain Scan URL

URL: https://ukraine-ru.net/?set=login
Title: Войти

Search URL Search Domain Scan URL

URL: https://ukropen.net/reg1

Search URL Search Domain Scan URL

URL: http://www.liveinternet.ru/click;atlant

Search URL Search Domain Scan URL

URL: https://ukropen.net/share.php?url=https%3A//pogoda.ukraine-ru.net/

Search URL Search Domain Scan URL

URL: https://ukropen.net/
Title: Соц. сеть

Search URL Search Domain Scan URL

URL: http://comissionka.net/
Title: Объявления

Search URL Search Domain Scan URL

URL: https://medic.ukraine-ru.net/
Title: Здоровье

Search URL Search Domain Scan URL

URL: https://recept.ukraine-ru.net/
Title: Рецепты

Search URL Search Domain Scan URL

URL: https://ukraine-ru.net/?set=curs
Title: Курсы валют

Search URL Search Domain Scan URL

URL: https://ukraine-ru.net/?set=top
Title: Каталог сайтов

Search URL Search Domain Scan URL

URL: http://uchil.net/
Title: Рефераты

Search URL Search Domain Scan URL

URL: https://ukraine-ru.net/?set=imena
Title: Тайна имени

Search URL Search Domain Scan URL

URL: https://ukraine-ru.net/?set=dream
Title: Сонник

Search URL Search Domain Scan URL

URL: https://ukraine-ru.net/?set=lady
Title: Девушка дня

Search URL Search Domain Scan URL

URL: https://ukraine-ru.net/?set=test
Title: Тесты ON-Line

Search URL Search Domain Scan URL

URL: http://games.ukraine-ru.net/
Title: Игры

Search URL Search Domain Scan URL

URL: https://ukraine-ru.net/?set=anekdot
Title: Анекдоты

Search URL Search Domain Scan URL

URL: https://ukraine-ru.net/?set=content&mc=category&ide=3
Title: Приколы

Search URL Search Domain Scan URL

URL: http://uptolike.ru/?ref=widgets_popup&lng=
Title: Uptolike

Search URL Search Domain Scan URL

URL: http://uptolike.ru/?ref=widgets_popup&lng=ru

Search URL Search Domain Scan URL

URL: https://promopult.ru/ref/9c0d1fe44f8f79c7

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://pogoda.ukraine-ru.net/ HTTP 301
https://pogoda.ukraine-ru.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://counter.yadro.ru/hit;atlant?r;s1600*1200*24;uhttps%3A//pogoda.ukraine-ru.net/;h%u041F%u043E%u0433%u043E%u0434%u0430%20%u0432%20%u0423%u043A%u0440%u0430%u0438%u043D%u0435.%20%u041F%u0440%u043E%u0433%u043D%u043E%u0437%20%u043F%u043E%u0433%u043E%u0434%u044B%20%u043D%u0430%20%u0434%u0432%u0435%20%u043D%u0435%u0434%u0435%u043B%u0438.%20%u2013%20%u0423%u043A%u0440%u0430%u0438%u043D%u0430%20%u043F%u043E-%u0440%u0443%u0441%u0441%u043A%u0438;0.1265571102402001 HTTP 302
https://counter.yadro.ru/hit;atlant?q;r;s1600*1200*24;uhttps%3A//pogoda.ukraine-ru.net/;h%u041F%u043E%u0433%u043E%u0434%u0430%20%u0432%20%u0423%u043A%u0440%u0430%u0438%u043D%u0435.%20%u041F%u0440%u043E%u0433%u043D%u043E%u0437%20%u043F%u043E%u0433%u043E%u0434%u044B%20%u043D%u0430%20%u0434%u0432%u0435%20%u043D%u0435%u0434%u0435%u043B%u0438.%20%u2013%20%u0423%u043A%u0440%u0430%u0438%u043D%u0430%20%u043F%u043E-%u0440%u0443%u0441%u0441%u043A%u0438;0.1265571102402001

Request Chain 31

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELCVzfetU1A2SXhS1IZtPvU&google_cver=1

Request Chain 32

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YiVya8ATcPLTgKAB-G3PywAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOhMh4670s6RYJL2rLGBEZo&google_cver=1

Request Chain 33

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBU2T6SxNVl8G-yoLnHBnhI&google_cver=1

Request Chain 34

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM2MjY3MjkzMTE0Mzg1NzMwMg%3D%3D

Request Chain 48

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOhMh4670s6RYJL2rLGBEZo&google_cver=1

Request Chain 49

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YiVyawJNHLDg3WUhrW0yUAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOhMh4670s6RYJL2rLGBEZo&google_cver=1

Request Chain 50

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPWHCHo6JA2ixguD_JxV4gY&google_cver=1

Request Chain 51

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM2MjY3MjkzMTE0Mzg1NzMwMg%3D%3D

Request Chain 78

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 79

https://fw.adsafeprotected.com/rfw/st/775912/56026695/skeleton.js?adsafe_url=https%3A%2F%2Fpogoda.ukraine-ru.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9597361933989050%26output%3Dhtml%26h%3D90%26slotname%3D7878197618%26adk%3D3124643992%26adf%3D3588316316%26pi%3Dt.ma~as.7878197618%26w%3D728%26lmt%3D2145830155%26psa%3D0%26format%3D728x90%26url%3Dhttps%253A%252F%252Fpogoda.ukraine-ru.net%252F%26flash%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.%26dt%3D1646621287460%26bpp%3D2%26bdt%3D624%26idt%3D202%26shv%3Dr20220302%26mjsv%3Dm202202280101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D2048367694771%26frm%3D20%26pv%3D1%26ga_vid%3D1841803725.1646621288%26ga_sid%3D1646621288%26ga_hid%3D1263334512%26ga_fc%3D0%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D300%26ady%3D78%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D42531397%252C44750774%26oid%3D2%26pvsid%3D1756453267620691%26pem%3D804%26tmod%3D1633179037%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CpeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26xpc%3DEWLutgBaBk%26p%3Dhttps%253A%2F%2Fpogoda.ukraine-ru.net%26dtd%3D207&adsafe_type=d&adsafe_jsinfo=,id:9004f30d-f87f-ac22-8ae8-02fc56651199,c:68Kvpl,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-846bd6759f-mmkx6,rg:va,pt:1-5-15,br:c,abv:na,an:n,oam:0,nbld:0,mtim:172,fm:sZmn88s+11%7C12%7C13*.775912-56026695%7C131%7C132%7C141%7C142%7C151,idMap:13*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:188,oid:06f2156d-9dc1-11ec-a319-a6615d57a77a,v:19.8.289,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

Request Chain 81

https://fw.adsafeprotected.com/rfw/st/775912/56026695/skeleton.js?adsafe_url=https%3A%2F%2Fpogoda.ukraine-ru.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9597361933989050%26output%3Dhtml%26h%3D90%26slotname%3D7878197618%26adk%3D3124643992%26adf%3D223692363%26pi%3Dt.ma~as.7878197618%26w%3D728%26lmt%3D2145830155%26psa%3D0%26format%3D728x90%26url%3Dhttps%253A%252F%252Fpogoda.ukraine-ru.net%252F%26flash%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.%26dt%3D1646621287486%26bpp%3D8%26bdt%3D649%26idt%3D184%26shv%3Dr20220302%26mjsv%3Dm202202280101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C728x90%26nras%3D1%26correlator%3D2048367694771%26frm%3D20%26pv%3D1%26ga_vid%3D1841803725.1646621288%26ga_sid%3D1646621288%26ga_hid%3D1263334512%26ga_fc%3D0%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D300%26ady%3D1568%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D42531397%252C44750774%26oid%3D2%26pvsid%3D1756453267620691%26pem%3D804%26tmod%3D1633179037%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CpeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D3%26uci%3Da!3%26btvi%3D1%26fsb%3D1%26xpc%3DTVO6gh0YBa%26p%3Dhttps%253A%2F%2Fpogoda.ukraine-ru.net%26dtd%3D187&adsafe_type=d&adsafe_jsinfo=,id:41a57368-a9d3-eaac-c931-59d4b78e8559,c:68KvpF,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-846bd6759f-7b2fb,rg:va,pt:1-5-15,br:c,abv:na,an:n,oam:0,nbld:0,mtim:126,fm:sZmn89G+11%7C12%7C131%7C132%7C133%7C14*.775912-56026695%7C141%7C142%7C151,idMap:14*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:132,oid:06f8a4f4-9dc1-11ec-8b4a-2616a6318b60,v:19.8.289,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

Request Chain 108

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOhMh4670s6RYJL2rLGBEZo&google_cver=1

Request Chain 109

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YiVyawJNHLDg3WUhrW0yUAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOhMh4670s6RYJL2rLGBEZo&google_cver=1

Request Chain 110

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPWHCHo6JA2ixguD_JxV4gY&google_cver=1

Request Chain 111

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM2MjY3MjkzMTE0Mzg1NzMwMg%3D%3D

Request Chain 135

https://fw.adsafeprotected.com/rfw/st/775912/56026695/skeleton.js?adsafe_url=https%3A%2F%2Fpogoda.ukraine-ru.net&adsafe_type=g&adsafe_url=https%3A%2F%2Fpogoda.ukraine-ru.net%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20220302%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20220302%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271801%26client%3Dca-pub-9597361933989050%26fa%3D1%26ifi%3D6%26uci%3Da!6%26btvi%3D2%26xpc%3DbSPkTxdRfy%26p%3Dhttps%253A%2F%2Fpogoda.ukraine-ru.net&adsafe_type=b&adsafe_jsinfo=,id:1693bb3a-f066-3d09-884d-bcfdd8c5c8b9,c:68KvCi,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-846bd6759f-xtrh7,rg:va,pt:1-5-15,br:c,abv:na,an:n,oam:0,nbld:0,mtim:209,fm:sZmn8kX+11%7C12%7C131%7C132%7C133%7C141%7C142%7C143%7C151%7C152%7C1611%7C171*.775912-56026695%7C1711%7C1712%7C18%7C19,idMap:171*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:216,oid:075989cc-9dc1-11ec-95ab-3e14c513b7eb,v:19.8.289,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

Request Chain 155

https://mc.yandex.ru/watch/23414332?wmode=7&page-url=https%3A%2F%2Fpogoda.ukraine-ru.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf8o0yuamw2yn%3Afp%3A2235%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A1476245222866%3Ahid%3A671692303%3Az%3A0%3Ai%3A20220307024813%3Aet%3A1646621293%3Ac%3A1%3Arn%3A555998305%3Arqn%3A1%3Au%3A1646621293817914484%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1646621285216%3Ads%3A0%2C398%2C165%2C1%2C1051%2C0%2C%2C685%2C1%2C%2C%2C%2C2302%3Aco%3A0%3Arqnl%3A1%3Ast%3A1646621293%3At%3A%D0%9F%D0%BE%D0%B3%D0%BE%D0%B4%D0%B0%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5.%20%D0%9F%D1%80%D0%BE%D0%B3%D0%BD%D0%BE%D0%B7%20%D0%BF%D0%BE%D0%B3%D0%BE%D0%B4%D1%8B%20%D0%BD%D0%B0%20%D0%B4%D0%B2%D0%B5%20%D0%BD%D0%B5%D0%B4%D0%B5%D0%BB%D0%B8.%20%E2%80%93%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B0%20%D0%BF%D0%BE-%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/23414332/1?wmode=7&page-url=https%3A%2F%2Fpogoda.ukraine-ru.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf8o0yuamw2yn%3Afp%3A2235%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A1476245222866%3Ahid%3A671692303%3Az%3A0%3Ai%3A20220307024813%3Aet%3A1646621293%3Ac%3A1%3Arn%3A555998305%3Arqn%3A1%3Au%3A1646621293817914484%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1646621285216%3Ads%3A0%2C398%2C165%2C1%2C1051%2C0%2C%2C685%2C1%2C%2C%2C%2C2302%3Aco%3A0%3Arqnl%3A1%3Ast%3A1646621293%3At%3A%D0%9F%D0%BE%D0%B3%D0%BE%D0%B4%D0%B0%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5.%20%D0%9F%D1%80%D0%BE%D0%B3%D0%BD%D0%BE%D0%B7%20%D0%BF%D0%BE%D0%B3%D0%BE%D0%B4%D1%8B%20%D0%BD%D0%B0%20%D0%B4%D0%B2%D0%B5%20%D0%BD%D0%B5%D0%B4%D0%B5%D0%BB%D0%B8.%20%E2%80%93%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B0%20%D0%BF%D0%BE-%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 172

https://s.click.aliexpress.com/e/_9yIqiT HTTP 302
https://sale.aliexpress.com/September_fashion_new_lianmeng.htm?aff_fcid=bf9929a1118b4d178db9f01d938a6a06-1646621294274-06476-_9yIqiT&tt=CPS_NORMAL&aff_fsk=_9yIqiT&aff_platform=portals-promotion&sk=_9yIqiT&aff_trace_key=bf9929a1118b4d178db9f01d938a6a06-1646621294274-06476-_9yIqiT&terminal_id=e970e18111804f63b601b05cf02bc3c3 HTTP 302
https://www.aliexpress.com/?aff_fcid=bf9929a1118b4d178db9f01d938a6a06-1646621294274-06476-_9yIqiT&tt=CPS_NORMAL&aff_fsk=_9yIqiT&aff_platform=portals-promotion&sk=_9yIqiT&aff_trace_key=bf9929a1118b4d178db9f01d938a6a06-1646621294274-06476-_9yIqiT&terminal_id=e970e18111804f63b601b05cf02bc3c3 HTTP 302
https://best.aliexpress.com/?lan=en&aff_fcid=bf9929a1118b4d178db9f01d938a6a06-1646621294274-06476-_9yIqiT&tt=CPS_NORMAL&aff_fsk=_9yIqiT&aff_platform=portals-promotion&sk=_9yIqiT&aff_trace_key=bf9929a1118b4d178db9f01d938a6a06-1646621294274-06476-_9yIqiT&terminal_id=e970e18111804f63b601b05cf02bc3c3

180 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
pogoda.ukraine-ru.net/
Redirect Chain

http://pogoda.ukraine-ru.net/
https://pogoda.ukraine-ru.net/

31 KB
7 KB

565ms
166ms

Document
text/html

91.218.214.81
QOS

General

Check archive.org

Show headers Download Go to

Full URL

https://pogoda.ukraine-ru.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.218.214.81 , Ukraine, ASN42352 (QOS, UA),

Reverse DNS

unallocated.qos.kiev.ua

Software

nginx /

Resource Hash

562e49887f984651ee8ac896f68440161afb0b6adb9da48ca89d97650780fae5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

Server: nginx
Date: Mon, 07 Mar 2022 02:48:06 GMT
Content-Type: text/html; charset=windows-1251
Transfer-Encoding: chunked
Connection: close
Pragma: no-cache
Last-Modified: Thu, 31 Dec 2037 23:55:55 GMT
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip

Redirect headers

Server: nginx
Date: Mon, 07 Mar 2022 02:48:06 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://pogoda.ukraine-ru.net/

GET
H/1.1 200
OK styleua.css
pogoda.ukraine-ru.net/templates/BezPaleva/ 34 KB
22 KB 557ms
294ms Stylesheet
text/css 91.218.214.81
QOS

General

Check archive.org

Show headers Download Go to

Full URL

https://pogoda.ukraine-ru.net/templates/BezPaleva/styleua.css

Requested by

Host: pogoda.ukraine-ru.net
URL: https://pogoda.ukraine-ru.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.218.214.81 , Ukraine, ASN42352 (QOS, UA),

Reverse DNS

unallocated.qos.kiev.ua

Software

nginx /

Resource Hash

61e14583e403b97aef81bcbe30e37855608095b2da8c383382ab57ee7d9e08dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://pogoda.ukraine-ru.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 02:48:07 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2037 23:55:55 GMT
Server: nginx
ETag: W/"5cc9486f-888b"
Strict-Transport-Security: max-age=15768000
Content-Type: text/css
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: close
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK floating.js Show response
pogoda.ukraine-ru.net/ 7 KB
2 KB 404ms
135ms Script
application/javascript 91.218.214.81
QOS

General

Check archive.org

Show headers Download Go to

Full URL

https://pogoda.ukraine-ru.net/floating.js

Requested by

Host: pogoda.ukraine-ru.net
URL: https://pogoda.ukraine-ru.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.218.214.81 , Ukraine, ASN42352 (QOS, UA),

Reverse DNS

unallocated.qos.kiev.ua

Software

nginx /

Resource Hash

6a8c39c9daa9b79fbab643763fc325527dc6d770270383d4dcacbb62e5fc08ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://pogoda.ukraine-ru.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 02:48:07 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Dec 2037 23:55:55 GMT
Server: nginx
ETag: W/"553a1e43-1b2b"
Strict-Transport-Security: max-age=15768000
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: close
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 153 KB
53 KB 102ms
55ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pogoda.ukraine-ru.net
URL: https://pogoda.ukraine-ru.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ede2c95eb5708b915170060d3df0f8f740f4615bdfd457993a84550479b9c1f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://pogoda.ukraine-ru.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 02:48:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53889
x-xss-protection: 0
server: cafe
etag: 4875410328461510871
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 07 Mar 2022 02:48:07 GMT

GET
H2 200 jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 82ms
29ms Script
application/javascript 2001:4de0:ac18::1:a:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: pogoda.ukraine-ru.net
URL: https://pogoda.ukraine-ru.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://pogoda.ukraine-ru.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 02:48:06 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-1538f"
vary: Accept-Encoding
x-hw: 1646621286.dop032.dc2.t,1646621286.cds074.dc2.hn,1646621286.cds164.dc2.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30288

GET
H/1.1 200
OK partly-cloudy-moon.png
pogoda.ukraine-ru.net/modules/weather/wimages/ 8 KB
9 KB 3362ms
3102ms Image
image/png 91.218.214.81
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pogoda.ukraine-ru.net/modules/weather/wimages/partly-cloudy-moon.png

Requested by

Host: pogoda.ukraine-ru.net
URL: https://pogoda.ukraine-ru.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.218.214.81 , Ukraine, ASN42352 (QOS, UA),

Reverse DNS

unallocated.qos.kiev.ua

Software

nginx /

Resource Hash

724e2886a2225575c26b3bbbde05e0ebd91c639d35d9c02d235efa137ed9cbfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://pogoda.ukraine-ru.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 02:48:07 GMT
Last-Modified: Thu, 31 Dec 2037 23:55:55 GMT
Server: nginx
ETag: "51100bf6-21b6"
Strict-Transport-Security: max-age=15768000
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: close
Accept-Ranges: bytes
Content-Length: 8630
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK cloudy.png
pogoda.ukraine-ru.net/modules/weather/wimages/ 8 KB
8 KB 3345ms
3088ms Image
image/png 91.218.214.81
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pogoda.ukraine-ru.net/modules/weather/wimages/cloudy.png

Requested by

Host: pogoda.ukraine-ru.net
URL: https://pogoda.ukraine-ru.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.218.214.81 , Ukraine, ASN42352 (QOS, UA),

Reverse DNS

unallocated.qos.kiev.ua

Software

nginx /

Resource Hash

1b4fe3cd5fa87810dabeea8a2380244584b3c6e54bcf885fb70c4463fbc03b81

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://pogoda.ukraine-ru.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 02:48:07 GMT
Last-Modified: Thu, 31 Dec 2037 23:55:55 GMT
Server: nginx
ETag: "51100bf6-1e04"
Strict-Transport-Security: max-age=15768000
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: close
Accept-Ranges: bytes
Content-Length: 7684
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK clear_moon.png
pogoda.ukraine-ru.net/modules/weather/wimages/ 6 KB
7 KB 3472ms
3213ms Image
image/png 91.218.214.81
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pogoda.ukraine-ru.net/modules/weather/wimages/clear_moon.png

Requested by

Host: pogoda.ukraine-ru.net
URL: https://pogoda.ukraine-ru.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.218.214.81 , Ukraine, ASN42352 (QOS, UA),

Reverse DNS

unallocated.qos.kiev.ua

Software

nginx /

Resource Hash

725b6c74f4f40de28d5e53aeb25260a74874eed5dd4eb7ff67150f4947a97544

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://pogoda.ukraine-ru.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 02:48:10 GMT
Last-Modified: Thu, 31 Dec 2037 23:55:55 GMT
Server: nginx
ETag: "51100bf5-18fd"
Strict-Transport-Security: max-age=15768000
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: close
Accept-Ranges: bytes
Content-Length: 6397
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 803_moon.png
pogoda.ukraine-ru.net/modules/weather/wimages/ 10 KB
10 KB 3471ms
3212ms Image
image/png 91.218.214.81
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pogoda.ukraine-ru.net/modules/weather/wimages/803_moon.png

Requested by

Host: pogoda.ukraine-ru.net
URL: https://pogoda.ukraine-ru.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.218.214.81 , Ukraine, ASN42352 (QOS, UA),

Reverse DNS

unallocated.qos.kiev.ua

Software

nginx /

Resource Hash

9007a8bc1cb47cb28cd13d3fe49407570737d0593e1d433dea4efcc64835b3f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://pogoda.ukraine-ru.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 02:48:10 GMT
Last-Modified: Thu, 31 Dec 2037 23:55:55 GMT
Server: nginx
ETag: "51100bf4-2695"
Strict-Transport-Security: max-age=15768000
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: close
Accept-Ranges: bytes
Content-Length: 9877
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 802_moon.png
pogoda.ukraine-ru.net/modules/weather/wimages/ 11 KB
11 KB 3472ms
3211ms Image
image/png 91.218.214.81
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pogoda.ukraine-ru.net/modules/weather/wimages/802_moon.png

Requested by

Host: pogoda.ukraine-ru.net
URL: https://pogoda.ukraine-ru.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.218.214.81 , Ukraine, ASN42352 (QOS, UA),

Reverse DNS

unallocated.qos.kiev.ua

Software

nginx /

Resource Hash

95db4f295cc191f122e95095cc4e5ff603a180dbc10a961a6b0396143e782d81

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://pogoda.ukraine-ru.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 02:48:10 GMT
Last-Modified: Thu, 31 Dec 2037 23:55:55 GMT
Server: nginx
ETag: "51100bf4-2a10"
Strict-Transport-Security: max-age=15768000
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: close
Accept-Ranges: bytes
Content-Length: 10768
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3.png
s.ukropen.net/rek_all/uo/ 78 KB
79 KB 3612ms
264ms Image
image/png 91.218.214.82
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ukropen.net/rek_all/uo/3.png
Requested by: Host: pogoda.ukraine-ru.net
URL: https://pogoda.ukraine-ru.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.218.214.82 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 0c4e44f4ed1e73b204686e87a6bdfa7973b51a1ffdcc9237dfc979365fe396ab

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://pogoda.ukraine-ru.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 02:48:10 GMT
last-modified: Wed, 11 Mar 2020 23:28:26 GMT
server: nginx
etag: "5e69741a-139c6"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 80326
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK goro.png
pogoda.ukraine-ru.net/images/ 9 KB
9 KB 3478ms
135ms Image
image/png 91.218.214.81
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pogoda.ukraine-ru.net/images/goro.png

Requested by

Host: pogoda.ukraine-ru.net
URL: https://pogoda.ukraine-ru.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.218.214.81 , Ukraine, ASN42352 (QOS, UA),

Reverse DNS

unallocated.qos.kiev.ua

Software

nginx /

Resource Hash

f6fb48d7959c35e6b30c701a16a11f87faf6cc2eb60ac8ea670aac2335aee06c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://pogoda.ukraine-ru.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 02:48:10 GMT
Last-Modified: Thu, 31 Dec 2037 23:55:55 GMT
Server: nginx
ETag: "555c9cae-2331"
Strict-Transport-Security: max-age=15768000
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: close
Accept-Ranges: bytes
Content-Length: 9009
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK logo;atlant
counter.yadro.ru/ 130 B
406 B 3487ms
140ms Image
image/gif 88.212.201.210
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/logo;atlant?39.6

Requested by

Host: pogoda.ukraine-ru.net
URL: https://pogoda.ukraine-ru.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host210.rax.ru

Software

nginx/1.17.9 /

Resource Hash

ee6f303f28c9a4778ee3e6e0e8b640e0fc6aa526cfc877ba3cc7b0507bddc318

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://pogoda.ukraine-ru.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 02:48:10 GMT
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
Content-Type: image/gif
Connection: keep-alive
Content-Length: 130
Expires: Mon, 06 Mar 2023 21:00:00 GMT

GET
H/1.1

200
OK

hit;atlant
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit;atlant?r;s1600*1200*24;uhttps%3A//pogoda.ukraine-ru.net/;h%u041F%u043E%u0433%u043E%u0434%u0430%20%u0432%20%u0423%u043A%u0440%u0430%u0438%u043D%u0435.%20%u041F%u0440%u04...
https://counter.yadro.ru/hit;atlant?q;r;s1600*1200*24;uhttps%3A//pogoda.ukraine-ru.net/;h%u041F%u043E%u0433%u043E%u0434%u0430%20%u0432%20%u0423%u043A%u0440%u0430%u0438%u043D%u0435.%20%u041F%u0440%u...

43 B
528 B

143ms
143ms

Image
image/gif

88.212.201.210
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;atlant?q;r;s1600*1200*24;uhttps%3A//pogoda.ukraine-ru.net/;h%u041F%u043E%u0433%u043E%u0434%u0430%20%u0432%20%u0423%u043A%u0440%u0430%u0438%u043D%u0435.%20%u041F%u0440%u043E%u0433%u043D%u043E%u0437%20%u043F%u043E%u0433%u043E%u0434%u044B%20%u043D%u0430%20%u0434%u0432%u0435%20%u043D%u0435%u0434%u0435%u043B%u0438.%20%u2013%20%u0423%u043A%u0440%u0430%u0438%u043D%u0430%20%u043F%u043E-%u0440%u0443%u0441%u0441%u043A%u0438;0.1265571102402001

Requested by

Host: pogoda.ukraine-ru.net
URL: https://pogoda.ukraine-ru.net/

Protocol

HTTP/1.1

Server

88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host210.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://pogoda.ukraine-ru.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Mar 2022 02:48:10 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 06 Mar 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 07 Mar 2022 02:48:10 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit;atlant?q;r;s1600*1200*24;uhttps%3A//pogoda.ukraine-ru.net/;h%u041F%u043E%u0433%u043E%u0434%u0430%20%u0432%20%u0423%u043A%u0440%u0430%u0438%u043D%u0435.%20%u041F%u0440%u043E%u0433%u043D%u043E%u0437%20%u043F%u043E%u0433%u043E%u0434%u044B%20%u043D%u0430%20%u0434%u0432%u0435%20%u043D%u0435%u0434%u0435%u043B%u0438.%20%u2013%20%u0423%u043A%u0440%u0430%u0438%u043D%u0430%20%u043F%u043E-%u0440%u0443%u0441%u0441%u043A%u0438;0.1265571102402001
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Sat, 06 Mar 2021 21:00:00 GMT

GET
DATA 200
OK truncated
/ 19 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea65eb116ce326317c6ee709d62eca7210bb1a55fbcb3bae852b780ba0bcc84f

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202280101/ 291 KB
105 KB 125ms
124ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202280101/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6909829af9b2d4ca19892c63a50ad785f839b71c4c09d9917210f8b114f1c1c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://pogoda.ukraine-ru.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 02:48:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107215
x-xss-protection: 0
server: cafe
etag: 4681312452235604987
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Mar 2022 02:48:07 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220302/r20190131/ Frame 531D 10 KB
5 KB 64ms
18ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220302/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://pogoda.ukraine-ru.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Mon, 07 Mar 2022 02:45:45 GMT
expires: Mon, 21 Mar 2022 02:45:45 GMT
cache-control: public, max-age=1209600
age: 142
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 apple-touch-icon.png
s.ukropen.net/ 11 KB
11 KB 3643ms
397ms Image
image/png 91.218.214.82
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ukropen.net/apple-touch-icon.png
Requested by: Host: pogoda.ukraine-ru.net
URL: https://pogoda.ukraine-ru.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.218.214.82 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 628a4a945c6fa359b8f337c64d1c88b8fe7b3edcd0373df746766b17af15fc89

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://pogoda.ukraine-ru.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 02:48:10 GMT
last-modified: Wed, 14 Feb 2018 09:58:06 GMT
server: nginx
etag: "5a84082e-2be8"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 11240
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK uptolike.js Show response
w.uptolike.com/widgets/v1/ 21 KB
9 KB 3634ms
137ms Script
application/javascript 95.163.114.203
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/uptolike.js
Requested by: Host: pogoda.ukraine-ru.net
URL: https://pogoda.ukraine-ru.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.203 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: c23f13dc75521d634c0f19c8566969275e9e56cd3de9bb6652e38923d4ac99d2

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://pogoda.ukraine-ru.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 02:48:11 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Cache-Control: max-age=1800
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript;charset=utf-8
Expires: Mon, 07 Mar 2022 03:18:11 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 218 B
646 B 3153ms
34ms Script
text/javascript 142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=pogoda.ukraine-ru.net&callback=_gfp_s_&client=ca-pub-9597361933989050

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202280101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f2.1e100.net

Software

cafe /

Resource Hash

89295c08df7922a9818830d7fd14a253bce6e20525f51a8df7e07bec9dd55916

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://pogoda.ukraine-ru.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 02:48:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 202
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
792 B 3176ms
36ms Script
application/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=pogoda.ukraine-ru.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202280101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://pogoda.ukraine-ru.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Mar 2022 02:48:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 3148ms
34ms Script
application/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pogoda.ukraine-ru.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202280101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://pogoda.ukraine-ru.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Mar 2022 02:48:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1855 173 KB
50 KB 3583ms
3281ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597361933989050&output=html&adk=1812271804&adf=3025194257&lmt=2145830155&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpogoda.ukraine-ru.net%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646621287458&bpp=2&bdt=622&idt=180&shv=r20220302&mjsv=m202202280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2048367694771&frm=20&pv=2&ga_vid=1841803725.1646621288&ga_sid=1646621288&ga_hid=1263334512&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774&oid=2&pvsid=1756453267620691&pem=804&tmod=1633179037&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=198

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202280101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bab2b0ef58b0be011f0ddb9b8d3f539beb09d32222280e88c731d767b33ccc0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://pogoda.ukraine-ru.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 07 Mar 2022 02:48:11 GMT
server: cafe
content-length: 51056
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 07 Mar 2022 02:48:11 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FAA0 14 KB
8 KB 3386ms
3085ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597361933989050&output=html&h=90&slotname=7878197618&adk=3124643992&adf=3588316316&pi=t.ma~as.7878197618&w=728&lmt=2145830155&psa=0&format=728x90&url=https%3A%2F%2Fpogoda.ukraine-ru.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646621287460&bpp=2&bdt=624&idt=202&shv=r20220302&mjsv=m202202280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2048367694771&frm=20&pv=1&ga_vid=1841803725.1646621288&ga_sid=1646621288&ga_hid=1263334512&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=78&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774&oid=2&pvsid=1756453267620691&pem=804&tmod=1633179037&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=EWLutgBaBk&p=https%3A//pogoda.ukraine-ru.net&dtd=207

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202280101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccd08d7f9535fb61b813fe10ee1e7050b508114c38bde7ddc02809f90803b68d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://pogoda.ukraine-ru.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 07 Mar 2022 02:48:11 GMT
server: cafe
content-length: 7556
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 07 Mar 2022 02:48:11 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 235F 14 KB
8 KB 3460ms
3159ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597361933989050&output=html&h=90&slotname=7878197618&adk=3124643992&adf=223692363&pi=t.ma~as.7878197618&w=728&lmt=2145830155&psa=0&format=728x90&url=https%3A%2F%2Fpogoda.ukraine-ru.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646621287486&bpp=8&bdt=649&idt=184&shv=r20220302&mjsv=m202202280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2048367694771&frm=20&pv=1&ga_vid=1841803725.1646621288&ga_sid=1646621288&ga_hid=1263334512&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1568&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774&oid=2&pvsid=1756453267620691&pem=804&tmod=1633179037&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=TVO6gh0YBa&p=https%3A//pogoda.ukraine-ru.net&dtd=187

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202280101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd805653ca70db53ab380c2d9d98bd8b97dfe76f545b37c5ac50c7dd4757ef92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://pogoda.ukraine-ru.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 07 Mar 2022 02:48:11 GMT
server: cafe
content-length: 7536
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 07 Mar 2022 02:48:11 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EEF5 77 KB
30 KB 3581ms
3280ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597361933989050&output=html&h=600&slotname=7967969422&adk=871599438&adf=3780727132&pi=t.ma~as.7967969422&w=260&fwrn=4&fwrnh=100&lmt=2145830155&rafmt=1&psa=0&format=260x600&url=https%3A%2F%2Fpogoda.ukraine-ru.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646621287495&bpp=3&bdt=659&idt=180&shv=r20220302&mjsv=m202202280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C728x90&nras=1&correlator=2048367694771&frm=20&pv=1&ga_vid=1841803725.1646621288&ga_sid=1646621288&ga_hid=1263334512&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774&oid=2&pvsid=1756453267620691&pem=804&tmod=1633179037&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=JiaTE4aCfh&p=https%3A//pogoda.ukraine-ru.net&dtd=183

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202280101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e845e1831b8bbd16bbb4f7a9156ae16f3cf598b9a8b75e851462e9db124c7441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://pogoda.ukraine-ru.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 07 Mar 2022 02:48:11 GMT
server: cafe
content-length: 30401
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 07 Mar 2022 02:48:11 GMT
cache-control: private

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame FAA0 42 B
63 B 78ms
78ms Image
image/gif 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D7Qi9sTHofrMBiWngFjA1kf7ZyE9XJwKt6l5qoYIoZ26BBqpWd7LNYOljE3YAKkpttbDFnbz6Ys36P5Ac8wMi2ofMmae7xCmkikbqr99x9_FXZR7w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597361933989050&output=html&h=90&slotname=7878197618&adk=3124643992&adf=3588316316&pi=t.ma~as.7878197618&w=728&lmt=2145830155&psa=0&format=728x90&url=https%3A%2F%2Fpogoda.ukraine-ru.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646621287460&bpp=2&bdt=624&idt=202&shv=r20220302&mjsv=m202202280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2048367694771&frm=20&pv=1&ga_vid=1841803725.1646621288&ga_sid=1646621288&ga_hid=1263334512&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=78&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774&oid=2&pvsid=1756453267620691&pem=804&tmod=1633179037&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=EWLutgBaBk&p=https%3A//pogoda.ukraine-ru.net&dtd=207

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame FAA0 2 KB
2 KB 68ms
20ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 02:45:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 152
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Mar 2022 02:45:39 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame FAA0 15 KB
6 KB 68ms
21ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d054377044014c1069958d9c610330164f05edbf091b2be9b6be60dc4f043494

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 02:45:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6417
x-xss-protection: 0
server: cafe
etag: 10598556267281433416
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Mar 2022 02:45:47 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FAA0 124 KB
39 KB 96ms
49ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ded445534230fe3d1274bd48ed100b17ea890a65d5c0250172369a5b522f3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 02:48:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38860
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646224922100600"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 07 Mar 2022 02:48:11 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame ACC5 624 B
300 B 40ms
39ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJC1NBDh58mqAhjyqaqwATAB&v=APEucNUDsiC_4IiKdNKxaRj3wXSGW9K4PpfgKB1PT6pYeoBzvYJR1kA_R4rENUKxy3BhiLTERK2f4wZcPxhU1dBdFJ0TmlNQdw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597361933989050&output=html&h=90&slotname=7878197618&adk=3124643992&adf=3588316316&pi=t.ma~as.7878197618&w=728&lmt=2145830155&psa=0&format=728x90&url=https%3A%2F%2Fpogoda.ukraine-ru.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646621287460&bpp=2&bdt=624&idt=202&shv=r20220302&mjsv=m202202280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2048367694771&frm=20&pv=1&ga_vid=1841803725.1646621288&ga_sid=1646621288&ga_hid=1263334512&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=78&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774&oid=2&pvsid=1756453267620691&pem=804&tmod=1633179037&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=EWLutgBaBk&p=https%3A//pogoda.ukraine-ru.net&dtd=207

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 07 Mar 2022 02:48:11 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 07 Mar 2022 02:48:11 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame FAA0 68 KB
31 KB 63ms
62ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AiV1fgezhW6aDUWTrMEpo2w4MWOvPDHM_MYUkweydJjADHp4OVD-Fy8-C8t3_rLOI91r51dNr09loRte_BMrvexmwlYNoV5Tf7QXEl_oGhVLo3j74r-6W-bE5lwB36sNZjJGny8tASOJZ6lmU8Ylt3jQWIag&dbm_d=AKAmf-Bkyc4u5XqGJjKB7wT4GtmM62CdLj44UNFH63YCHV9w9HNeBaSsDN_Z5yBB1UC2XIX8KE5ai0ICdjo1VvaDxzIgceLO9bucBhc-dPaSiHzYLGO7HicWaFBbtMFicOX1FWKJjtar9LOag4MnCX_RIr8Q_Sk-yJx0h59YigwD6ffAn_xP8EZ22jlvLyJSLdUoaqVtp2FURsB1T5c6FbQfI8OrmzCzPOS7YeAmOSr6yx8JOwirYLRHe4hM6Hyfsbi0F4HlrNd2xR2QaAJpKxX6uHU8z9Izt15PiN575al5XTd3dZfs57BheVKhrMJP5GEf73Uqo95Dz_eKXPUwlQfJiS2D3y9sH2jpGT82bHAhD0E8AZDmOitHdbd43r_SZJZOsNefDV1leez0ybZCzNPznpLvOkwohoNkh-wV9dNRMrX1OkIZ-qtKA9HyrN16oBdnbb0f4eN5Kudq9F9_B9mjkEQX2hHj1xgDH-MmIPZBUcut2Z2-H0cKEJ0cB1cA2TLc6cZJabLupFFahYf76ErG_zrIzSJ4qqf0T5tZGS1sUA-7WDofW8GO79z0deXi-6R1xFu8a8FujtVCNVFFpwPwGHoFPZIaruOpR6Wp2YLzzc8bYLALpzOcjdSUbq10BSz__AGyL9Mr4dPtO9sdfHemy-lDZxsVumOyLUF5gfItQl87e2PDNgaSh9h5hJLC11k1yDxTGkfsMXLK40zOPEvZVy37d4ODkrd7MC7ub_mwFm0maZd7AeOzlbJ2NnTdrybnD997EkvBXeS2PVK3ccBMg7PhAImc1MhAhPBzW2Zg2ADktp9i0SA2lYg_64mQ3A74SHXXs3ZpqRSq82gQBKc2bGBxYhY3ZCcslpcyDprX52hZkvL3VL_QjZQt62D7WFoaunA1F3h9xV2XRxdgSZ633uTrWgDGNCsZDY99ftYMr8liJW3JadE9K-bv4iZAC8NeOYtjpAja48iKQkOnzmZYFz6Ymzwxh8K6pXTdyias2FhnAnfWfKAEgN-_Hvr77a2rmj42KRZ3Os2QnXM5GQqblMomnTIIhRrCuzr0CFiNGuhvdxOhCXZU3tNrh-j5iGvZjJOEVqM0z7Ge2M5ziAcivJEZyiVGks2TFaNnMxYXPtmr5mNy9OmaqaUu51y63HHve-eQip_UOIiw2T-9v4CgvjIPhUsbFQ8DXSM02xNVEiy-X9oaUb9G3zzi4DV9HPp6nWefMEtEk1_XzfyvT46PBs0AdBdURf3s5_H8o1xPQNsbQ2-2AaCAV9BmEFF6HldcInbdTzD0IqnN0F0YH8r7A7EY3z-nY6r-f9D-T-f8qUZIiUlN4G1SuU4CsuPuLlZMA_o3Wu2bDEa1kEG3pRtZHMi0ROU0uoCKtIn_0sMwnmnouoS93pG-wzdoJLKYI5dXqwjheTu2phZT6fUqgP8Iit8_hunCad-E7aYG3KEe3ftwIW50gjf0cUt9FTfqFbrmb23cFQQEf1j_l0MiavEIyw59gWFFEpAbC5mR8bk3zE1cWL0JiBGzOBj5JR60f5i1HAkGCotQ8t1-vjBX-kS5XKz4LF1C1-d7593I5Nh-EH1YPYVaT5ujMSvRlM1oDq2iK9WJLF8z26TKIqNd0hK1lRwoTuMBiPey6c6VIvbnllpTCFG8gueV5e9ORpkuzAH_Fv0V30gRtsODgLgzzZZ4rE4ixOBmGRRPiyupUrH3Qf84z8_ne00-tIA9-rSGYiVZdc8GA7LWBr_-ztXXLRLIVhYi-67MgUTkLNhYYaASr5oUdluqR7nYQtetoDGn0C-KJmmA7Uo8NPdvKfOY0IeUSqrSkizc1tWdDbJckajUe2eqxjyhmBaqDe6DwmHO7CXMav_m_3e5zkwxfWZ8ltyEWkGOe_HXDU2oItSeP0RRmWMtMJr2RE9x8i1TinspfREZ8z6wceZwcD1bI_REKH2hIdSF7WOtvA6OQeecLjm2rncPhGRuAPvXIxJyw47YFa-UHeCTYFeNgXzRFHjfPey9qnLX_wgqnXGQ9mIHG5GtIemifUedvvTEo8qr-tetujKc0gyjOkcLSVb4RwZeY9yn8pwtTFEktwbANU8IwuGWcrmF_G3ePs3iHwKAAnuTkVExAqnEgUlWQd6a_4vmNxQjHjleB7KeZjYdq-2X66D9QzWGhiTo70FfoCBVvkGwtLrxDW5OJRY1ba0moS825ZHLzu66vQl25Q7BmzeiklsHZPaOx0ntryjgvum3D4qXPZQQPVtYcEv8uzXJbRW7ghd4m6YeE4iMmb5ofHSYx3N3_oz2jDq3cVuf8HEc5zqWKek6Ao-RfitJAQPrFmEni2ZmfoUq6ne6pWhNZqRqyQ9bL9niw4HGSX2psdCYPiSsit11Nhw9gGKUqiVB1saoKIYKyUfbwjXPd6vf8u5tDnbPfN_hNyyaOuU4yjgFsfy7nMCKeQIbT-g3pdZ7Vdwb-S-KcCilB9SHL1PgD5tMwUPyj4qaNEqK1JX5eCNGeNlZyXG9XBP68z1bmgRKGzx-33Q4b4bKzE2nEAKfUVyIaEY6WIDHFPUwOPa3xsWO-pFcW7P6n9cetOw_x626HyjQJ4BnFw770Sy60c9UnTLVgbErVrhzn69HzPMTIW7e8Ll90GSMWMWlZx6synTL54ULemDaeoaBSEW4qEtvtfIOc7S2IANZxaT7HSZ04uBkIo6zlTEMqD-vJTTIel4bDcaABVP8mYSGUp_7hZ228k5gHpg68nmg89sFfdRqp3f6oAwyAFplyWpu4PRF2Vv9BcNRRR2FaQqczC7nV5bptNlXOHm8cvDuTHK4U7rK9G_NfDQE7aJ3-O-SIgQeN4BN_eWz47fDVagNyy-vG18SLwdC29c0_xTZp8AtbIy5rlq1mcD0i--Y6GLOJxdDR3bUXc6pIi_oWyhcjahwtf94WpgODKNpqwTqOmRYKkqbzgMYQ6NPJuHg0Vj0rpKBnPc9H-taW5Asv72705pOojh4i1_Yx2MPgfwz582h1SXyh9dzIk1Pq5wxvdbpJMBr&cid=CAASBORoLbE&rfl=1%2Chttps%253A%252F%252Fpogoda.ukraine-ru.net%252F%240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd663b12134013ce944dbc161fc1f5803ba66027372ba1dc6894a83748692a04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597361933989050&output=html&h=90&slotname=7878197618&adk=3124643992&adf=3588316316&pi=t.ma~as.7878197618&w=728&lmt=2145830155&psa=0&format=728x90&url=https%3A%2F%2Fpogoda.ukraine-ru.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646621287460&bpp=2&bdt=624&idt=202&shv=r20220302&mjsv=m202202280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2048367694771&frm=20&pv=1&ga_vid=1841803725.1646621288&ga_sid=1646621288&ga_hid=1263334512&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=78&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774&oid=2&pvsid=1756453267620691&pem=804&tmod=1633179037&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=EWLutgBaBk&p=https%3A//pogoda.ukraine-ru.net&dtd=207
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31673
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame ACC5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELCVzfetU1A2SXhS1IZtPvU&google_cver=1

43 B
1012 B

53ms
43ms

Image
image/gif

23.52.162.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELCVzfetU1A2SXhS1IZtPvU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJC1NBDh58mqAhjyqaqwATAB&v=APEucNUDsiC_4IiKdNKxaRj3wXSGW9K4PpfgKB1PT6pYeoBzvYJR1kA_R4rENUKxy3BhiLTERK2f4wZcPxhU1dBdFJ0TmlNQdw
Protocol: HTTP/1.1
Server: 23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-162-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Mar 2022 02:48:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 07 Mar 2022 02:48:11 GMT

Redirect headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELCVzfetU1A2SXhS1IZtPvU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame ACC5
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YiVya8ATcPLTgKAB-G3PywAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOhMh4670s6RYJL2rLGBEZo&google_cver=1

43 B
892 B

27ms
27ms

Image
image/gif

23.52.162.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOhMh4670s6RYJL2rLGBEZo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJC1NBDh58mqAhjyqaqwATAB&v=APEucNUDsiC_4IiKdNKxaRj3wXSGW9K4PpfgKB1PT6pYeoBzvYJR1kA_R4rENUKxy3BhiLTERK2f4wZcPxhU1dBdFJ0TmlNQdw
Protocol: HTTP/1.1
Server: 23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-162-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Mar 2022 02:48:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 07 Mar 2022 02:48:11 GMT

Redirect headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOhMh4670s6RYJL2rLGBEZo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame ACC5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBU2T6SxNVl8G-yoLnHBnhI&google_cver=1

43 B
1006 B

47ms
40ms

Image
image/gif

68.67.179.166
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEBU2T6SxNVl8G-yoLnHBnhI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJC1NBDh58mqAhjyqaqwATAB&v=APEucNUDsiC_4IiKdNKxaRj3wXSGW9K4PpfgKB1PT6pYeoBzvYJR1kA_R4rENUKxy3BhiLTERK2f4wZcPxhU1dBdFJ0TmlNQdw

Protocol

HTTP/1.1

Server

68.67.179.166 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Mar 2022 02:48:11 GMT
X-Proxy-Origin: 149.56.153.185; 149.56.153.185; 575.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: b11a6629-46d2-4a1c-a986-b15ebf0e5a90
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEBU2T6SxNVl8G-yoLnHBnhI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ACC5
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM2MjY3MjkzMTE0Mzg1NzMwMg%3D%3D

170 B
188 B

38ms
37ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM2MjY3MjkzMTE0Mzg1NzMwMg%3D%3D

Requested by

Protocol

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 07 Mar 2022 02:48:11 GMT
X-Proxy-Origin: 149.56.153.185; 149.56.153.185; 575.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: 36aed2b5-1375-457c-8168-c624da2a3d3b
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM2MjY3MjkzMTE0Mzg1NzMwMg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 235F 42 B
63 B 78ms
77ms Image
image/gif 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ACC8rLVdBNLQLeGOdyL1kp6jn33Jn4LuySa1w8bLd247CToeS3TvKCXt4QzBLdo07s2i1DTB0LrLXrK0CPUrccl_Kulo4vOsmCP35Pd_CWPo9y42M

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597361933989050&output=html&h=90&slotname=7878197618&adk=3124643992&adf=223692363&pi=t.ma~as.7878197618&w=728&lmt=2145830155&psa=0&format=728x90&url=https%3A%2F%2Fpogoda.ukraine-ru.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646621287486&bpp=8&bdt=649&idt=184&shv=r20220302&mjsv=m202202280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2048367694771&frm=20&pv=1&ga_vid=1841803725.1646621288&ga_sid=1646621288&ga_hid=1263334512&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1568&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774&oid=2&pvsid=1756453267620691&pem=804&tmod=1633179037&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=TVO6gh0YBa&p=https%3A//pogoda.ukraine-ru.net&dtd=187

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame 235F 2 KB
1 KB 50ms
21ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597361933989050&output=html&h=90&slotname=7878197618&adk=3124643992&adf=223692363&pi=t.ma~as.7878197618&w=728&lmt=2145830155&psa=0&format=728x90&url=https%3A%2F%2Fpogoda.ukraine-ru.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646621287486&bpp=8&bdt=649&idt=184&shv=r20220302&mjsv=m202202280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2048367694771&frm=20&pv=1&ga_vid=1841803725.1646621288&ga_sid=1646621288&ga_hid=1263334512&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1568&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774&oid=2&pvsid=1756453267620691&pem=804&tmod=1633179037&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=TVO6gh0YBa&p=https%3A//pogoda.ukraine-ru.net&dtd=187

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 02:45:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 152
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Mar 2022 02:45:39 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 235F 124 KB
38 KB 57ms
56ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597361933989050&output=html&h=90&slotname=7878197618&adk=3124643992&adf=223692363&pi=t.ma~as.7878197618&w=728&lmt=2145830155&psa=0&format=728x90&url=https%3A%2F%2Fpogoda.ukraine-ru.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646621287486&bpp=8&bdt=649&idt=184&shv=r20220302&mjsv=m202202280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2048367694771&frm=20&pv=1&ga_vid=1841803725.1646621288&ga_sid=1646621288&ga_hid=1263334512&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1568&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774&oid=2&pvsid=1756453267620691&pem=804&tmod=1633179037&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=TVO6gh0YBa&p=https%3A//pogoda.ukraine-ru.net&dtd=187

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ded445534230fe3d1274bd48ed100b17ea890a65d5c0250172369a5b522f3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 02:48:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38860
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646224922100600"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 07 Mar 2022 02:48:11 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame 235F 15 KB
6 KB 45ms
18ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597361933989050&output=html&h=90&slotname=7878197618&adk=3124643992&adf=223692363&pi=t.ma~as.7878197618&w=728&lmt=2145830155&psa=0&format=728x90&url=https%3A%2F%2Fpogoda.ukraine-ru.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646621287486&bpp=8&bdt=649&idt=184&shv=r20220302&mjsv=m202202280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2048367694771&frm=20&pv=1&ga_vid=1841803725.1646621288&ga_sid=1646621288&ga_hid=1263334512&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1568&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774&oid=2&pvsid=1756453267620691&pem=804&tmod=1633179037&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=TVO6gh0YBa&p=https%3A//pogoda.ukraine-ru.net&dtd=187

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d054377044014c1069958d9c610330164f05edbf091b2be9b6be60dc4f043494

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 02:45:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6417
x-xss-protection: 0
server: cafe
etag: 10598556267281433416
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Mar 2022 02:45:47 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D7D9 624 B
299 B 40ms
39ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJC1NBDh58mqAhjyqaqwATAB&v=APEucNUGaV3ShCsZQLPfm_L3QTKUKZBPXbyG9BJZyZm37REs_2Fueqwsf-SwbFOrloC7OBfsvp1GD0l0JV0tO44MnIsruDhxkQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597361933989050&output=html&h=90&slotname=7878197618&adk=3124643992&adf=223692363&pi=t.ma~as.7878197618&w=728&lmt=2145830155&psa=0&format=728x90&url=https%3A%2F%2Fpogoda.ukraine-ru.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646621287486&bpp=8&bdt=649&idt=184&shv=r20220302&mjsv=m202202280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2048367694771&frm=20&pv=1&ga_vid=1841803725.1646621288&ga_sid=1646621288&ga_hid=1263334512&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1568&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774&oid=2&pvsid=1756453267620691&pem=804&tmod=1633179037&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=TVO6gh0YBa&p=https%3A//pogoda.ukraine-ru.net&dtd=187

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597361933989050&output=html&h=90&slotname=7878197618&adk=3124643992&adf=223692363&pi=t.ma~as.7878197618&w=728&lmt=2145830155&psa=0&format=728x90&url=https%3A%2F%2Fpogoda.ukraine-ru.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646621287486&bpp=8&bdt=649&idt=184&shv=r20220302&mjsv=m202202280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2048367694771&frm=20&pv=1&ga_vid=1841803725.1646621288&ga_sid=1646621288&ga_hid=1263334512&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1568&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774&oid=2&pvsid=1756453267620691&pem=804&tmod=1633179037&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=TVO6gh0YBa&p=https%3A//pogoda.ukraine-ru.net&dtd=187

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 07 Mar 2022 02:48:11 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 07 Mar 2022 02:48:11 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 235F 67 KB
31 KB 64ms
63ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ANXSR1SeFpWBmq0-k7UBLNe2g0eZVMxeGjyl1u10RzshT3wY4e7q3c-vNbtTgbH5Of1Mu7kO966tfTFZSTZQJ6sH5PIt0BwzjWb641MugIZuZBox-2zKooBi6t1DKjXNx5JSBAzp_7bZaZjwNfCO9r3to4JA&dbm_d=AKAmf-CX25TbnbsPBgD73dZURffRTMSvgec3yiVGelkM9V_z7zlrq6GV2o_IU995zAeIdYB2mw66sYuEHYTcVJB1jePDKH4NfyGAL499SMWHukxGnOnSsDeF-si2BqmWWvI6NsGQI896WA7A7rgoTFyTL3RDL_nORrtFFcECbdZA90BrgtQUBj1blDV3mzZg9rVqMom2tYR3k2mAEA7s1GjXVjKOygNFxA4JTkk_QcuxlAiEWso94IdkX58LBSKp3EvWapkOaQsn1_dB4EnEdrUcfwGS-Z2fh09qQJtmGt-ynuajVfnMNgxyYbirS6sohdaqKNEL2ey-85mo8CgziL4DW5QTEjbuU8HczgnPQWeNjVRkCOP30xUL61VyV9nmrKs5S-kH3rGSp38KWTBRmBw02_gD6aq8hauTFoYYIhsgx2Rk7WGcVCpc9JkZcvsyQxk1rURzEHUP5PD6TJwJedE00nKIgDjuCZoJTjtTvtXeqa5RvUEEM2IH5WcXVs2SabLOC-NuKv_aSy7zTIkQtj7nEWNGiCs5nylYlCZvAYHXdU4utn49jbg04DN4mH0jfpXnvApMLDMZJcoh5IY0aaC0gFByD_4Dr8-CHwrh3g_KXy2pPzKL2Hpx58q46QnP7iDt3ZDjJIyk88ul9EZY6pggOnVq3U7WFwz-lYBRu5IJ61NaZm1q3p3CxvhcjClejWOcyLPgH50ZqapEwwkC2XJWJD7I8tUHZWN6IZ52CTwQWvsJ77HXnTKLOwSpGpWMAmyA4ICxqL1ISYEMb2ZWokqqYG-kBBiX2NEBwfLlUBYzAh4BAg-5ESWxquZUgevNCifWXubeO5f3pMneYq4aXrGTSAehF2iU4QdjRvYdbhqQyYnR_zqUEPPQbbwpUo-8ns9rPLC2c72pyPoofzFTUWAAq4JcXzN6Jab6XCXcw8CrONPTDivbZ8vvdS8XNFCtBfrI2o1UK1uuC8j-vj3mmPUzxDj2sOBiUIPvgZ5YEsNYt2pBzg9K7DPLL0l8feOJessCY6TmN-b-VSy0Rr71x0I0T7NdtnNHEjlpmlqLe9gx2dbvc15JM6juFJKfJpcIFPNvik-YHQv2afbHFYzeIgQ-l_fAO5zXb6ygKtKdh6LYB2T7OfAE5is4yff0W86Spp1P__9EtRSXyOA5MX5R9grS4lIQT36yOnR3rWjlKDgdJDWCv9vK4LQcZSrPrb43f9l_eEGagQr8nVYhfo-NsHsBHT4UItfKZYcJEGSiQX2jm5w8PMFYGv82kTBrwAUeiX9MlpY4chzkFySJ-5sgkBViatLfx7VpX6Iy1pd7s9ISP9o6mOtlh8CvwzrmesL9GDrgimkkDfliEKzn-M87kAJ55TJUOyFZaiCnUgbRtoQe1bd745iDpwPzwn2hhd3ZHZlNOUF5ENO4yhWtF2VeFW9WMIJDRc3bhvbb0hYeEJxMNfo8lnJvjHfuzKWLU64pGBJZLgd4YlltJrd6OYzRL9Y-pbK6vk-gEF3wVcRou6SvsTuH0a8frmeYbz7yzfKkAoGB6m490FmtCv05ygGv1yA444c4CLVXxrRWOhMXV69FKgqauqm8Tko2X5sHfKTbhqUpzMtEgcwHkCAu0aRkbV8Kt3ozKg-TRb4XmHGJjNxKDjWz-TXP9hqhRiqbJWlkSSsYNYbk8cMP-D10XV2qgTVwYeHbfstZ27elJI58HHjvLGn8BqJeYrpsCFc__8iI1U9D9t17bxH_uei-86Cwg3ZhEDPQCmnlpgphRyy37_5ImXntkIL2nQlqXjLXUzUv6z2MVPf80PVxoRWCk9Q1W73_PG_SC3w4WWG1uwBqFGdyl5ig_eNEhfByvA6UFKvJFrkA4vwOKwoqemV2EsCzuut4_E6X2XgsAv-Se9WpEF6xSXPBf2f45AqC6hWYwZQOe49Ms3SGSfNxFGEMlWVIv4iE4czRFPfCMQFnJzfhmjGzkwMd2avkLGUqGlfPtQbSRCnGWyRE3Kw5ZyFbnVp1DSpcMvvxdVZBDwl8Cc57H4akJ_NHOZAELVVm1EI6YKL8Dk6caAekjJzqo7i2drKVQb6fe5O7DlTf2zTPBZEAs0fxNLnSuMKruTs5ZbzQ3zPX9rAgpngSJuCDOfqGXCeYCy1FoVmPB-MONBrZLMlINbtJTfFUmGpCtBb1Rm5YMRee7hS-byv6-EYDBCwV9uu46CpzHuxYpzq6XaO14zQfYTKeqeGDJPB9IhoHtZZUU8Ee87MW7IV1vMW7iUpKC5uNqnqncWyf5HqNobbLKBfe1gFmLoYI9CO1jobd_x2V9wHIt1pnzwdnA3wXN6keK_LNUTMAoFSwk6y5aaigDgQFhHPQ8XfALa9r3h0CEyH_t00JIpVQCxTpLA0VgBQmHuh2ffrapvvDLVQygnx4RQlDuWa02VC5FWRbcgvGbOJnHtTrdOkGoU99u3VgtCuvLynVCi7AFrHJO-gGUpFbJB9fEbETcIZjtA4ojCAM2XkHlLIkTE1PZvyQCNdRjzqD37nqLpLyZt7sU2-xYrsISLnPtvXqMC4o8gTf4Mi-od1b5Rx5fSP8C3s3yV-VM2IJrtlZOayEy3eH--b1cZxVOGY8CnOzCTq1veoKWjTUqiJXgfrq3Bg1G3TZSoWHzN9JSb4Tb0Ho4hb9G3hv6kMKFD-26c2Yek1r9N9HzOn7yM2rJNGehr59p49ZF7XTAIz-SWgTnGSa2ijFy5xt6hh5f5JrM-AQMbbuW9xggWEA4thxGVpcnJOdBiNepQOIxsH0NMBzYZV6Jr2rw8k6z-Ecz-6_Af_ig_FDqCHMg87QHbNehyihZESGl-WLRemH1aA4ye8yoYNwyDUe486PrPKHBxLObZvXfKMgrQlBSHVdwksb7Pk7zBq5fDzq-rOb7cfC6dAPnsQjOFHxI1V1qaGzDyye4KhY6n52_aAWBNFW6IU9Jqj3_pwZBpFcBAvW_OSXg33IqVo7nAlw8tvRhRiTBmpyqIhc8gHX43bkuJM&cid=CAASBORo5mE&rfl=1%2Chttps%253A%252F%252Fpogoda.ukraine-ru.net%252F%240

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597361933989050&output=html&h=90&slotname=7878197618&adk=3124643992&adf=223692363&pi=t.ma~as.7878197618&w=728&lmt=2145830155&psa=0&format=728x90&url=https%3A%2F%2Fpogoda.ukraine-ru.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646621287486&bpp=8&bdt=649&idt=184&shv=r20220302&mjsv=m202202280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2048367694771&frm=20&pv=1&ga_vid=1841803725.1646621288&ga_sid=1646621288&ga_hid=1263334512&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1568&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774&oid=2&pvsid=1756453267620691&pem=804&tmod=1633179037&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=TVO6gh0YBa&p=https%3A//pogoda.ukraine-ru.net&dtd=187

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9960fc1dc08725df5c68e46426ca6c301716b7f5875a1edbc181ebebe003cd98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597361933989050&output=html&h=90&slotname=7878197618&adk=3124643992&adf=223692363&pi=t.ma~as.7878197618&w=728&lmt=2145830155&psa=0&format=728x90&url=https%3A%2F%2Fpogoda.ukraine-ru.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646621287486&bpp=8&bdt=649&idt=184&shv=r20220302&mjsv=m202202280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2048367694771&frm=20&pv=1&ga_vid=1841803725.1646621288&ga_sid=1646621288&ga_hid=1263334512&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1568&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774&oid=2&pvsid=1756453267620691&pem=804&tmod=1633179037&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=TVO6gh0YBa&p=https%3A//pogoda.ukraine-ru.net&dtd=187
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31642
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK version.js Show response
w.uptolike.com/widgets/v1/ 70 B
844 B 136ms
135ms Script
application/javascript 95.163.114.203
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/version.js?cb=cb__utl_cb_share_1646621291155982
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/uptolike.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.203 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 00f4346a262eb819f3caed7af1ca442cc434a21a2e23c3c8ffe42bee5feb304c

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://pogoda.ukraine-ru.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Mar 2022 02:48:11 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript;charset=utf-8
Expires: Fri, 28 Jan 2022 08:03:17 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/775912/56026695/ Frame FAA0 46 KB
12 KB 84ms
27ms Script
application/javascript 34.227.203.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/775912/56026695/skeleton.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AiV1fgezhW6aDUWTrMEpo2w4MWOvPDHM_MYUkweydJjADHp4OVD-Fy8-C8t3_rLOI91r51dNr09loRte_BMrvexmwlYNoV5Tf7QXEl_oGhVLo3j74r-6W-bE5lwB36sNZjJGny8tASOJZ6lmU8Ylt3jQWIag&dbm_d=AKAmf-Bkyc4u5XqGJjKB7wT4GtmM62CdLj44UNFH63YCHV9w9HNeBaSsDN_Z5yBB1UC2XIX8KE5ai0ICdjo1VvaDxzIgceLO9bucBhc-dPaSiHzYLGO7HicWaFBbtMFicOX1FWKJjtar9LOag4MnCX_RIr8Q_Sk-yJx0h59YigwD6ffAn_xP8EZ22jlvLyJSLdUoaqVtp2FURsB1T5c6FbQfI8OrmzCzPOS7YeAmOSr6yx8JOwirYLRHe4hM6Hyfsbi0F4HlrNd2xR2QaAJpKxX6uHU8z9Izt15PiN575al5XTd3dZfs57BheVKhrMJP5GEf73Uqo95Dz_eKXPUwlQfJiS2D3y9sH2jpGT82bHAhD0E8AZDmOitHdbd43r_SZJZOsNefDV1leez0ybZCzNPznpLvOkwohoNkh-wV9dNRMrX1OkIZ-qtKA9HyrN16oBdnbb0f4eN5Kudq9F9_B9mjkEQX2hHj1xgDH-MmIPZBUcut2Z2-H0cKEJ0cB1cA2TLc6cZJabLupFFahYf76ErG_zrIzSJ4qqf0T5tZGS1sUA-7WDofW8GO79z0deXi-6R1xFu8a8FujtVCNVFFpwPwGHoFPZIaruOpR6Wp2YLzzc8bYLALpzOcjdSUbq10BSz__AGyL9Mr4dPtO9sdfHemy-lDZxsVumOyLUF5gfItQl87e2PDNgaSh9h5hJLC11k1yDxTGkfsMXLK40zOPEvZVy37d4ODkrd7MC7ub_mwFm0maZd7AeOzlbJ2NnTdrybnD997EkvBXeS2PVK3ccBMg7PhAImc1MhAhPBzW2Zg2ADktp9i0SA2lYg_64mQ3A74SHXXs3ZpqRSq82gQBKc2bGBxYhY3ZCcslpcyDprX52hZkvL3VL_QjZQt62D7WFoaunA1F3h9xV2XRxdgSZ633uTrWgDGNCsZDY99ftYMr8liJW3JadE9K-bv4iZAC8NeOYtjpAja48iKQkOnzmZYFz6Ymzwxh8K6pXTdyias2FhnAnfWfKAEgN-_Hvr77a2rmj42KRZ3Os2QnXM5GQqblMomnTIIhRrCuzr0CFiNGuhvdxOhCXZU3tNrh-j5iGvZjJOEVqM0z7Ge2M5ziAcivJEZyiVGks2TFaNnMxYXPtmr5mNy9OmaqaUu51y63HHve-eQip_UOIiw2T-9v4CgvjIPhUsbFQ8DXSM02xNVEiy-X9oaUb9G3zzi4DV9HPp6nWefMEtEk1_XzfyvT46PBs0AdBdURf3s5_H8o1xPQNsbQ2-2AaCAV9BmEFF6HldcInbdTzD0IqnN0F0YH8r7A7EY3z-nY6r-f9D-T-f8qUZIiUlN4G1SuU4CsuPuLlZMA_o3Wu2bDEa1kEG3pRtZHMi0ROU0uoCKtIn_0sMwnmnouoS93pG-wzdoJLKYI5dXqwjheTu2phZT6fUqgP8Iit8_hunCad-E7aYG3KEe3ftwIW50gjf0cUt9FTfqFbrmb23cFQQEf1j_l0MiavEIyw59gWFFEpAbC5mR8bk3zE1cWL0JiBGzOBj5JR60f5i1HAkGCotQ8t1-vjBX-kS5XKz4LF1C1-d7593I5Nh-EH1YPYVaT5ujMSvRlM1oDq2iK9WJLF8z26TKIqNd0hK1lRwoTuMBiPey6c6VIvbnllpTCFG8gueV5e9ORpkuzAH_Fv0V30gRtsODgLgzzZZ4rE4ixOBmGRRPiyupUrH3Qf84z8_ne00-tIA9-rSGYiVZdc8GA7LWBr_-ztXXLRLIVhYi-67MgUTkLNhYYaASr5oUdluqR7nYQtetoDGn0C-KJmmA7Uo8NPdvKfOY0IeUSqrSkizc1tWdDbJckajUe2eqxjyhmBaqDe6DwmHO7CXMav_m_3e5zkwxfWZ8ltyEWkGOe_HXDU2oItSeP0RRmWMtMJr2RE9x8i1TinspfREZ8z6wceZwcD1bI_REKH2hIdSF7WOtvA6OQeecLjm2rncPhGRuAPvXIxJyw47YFa-UHeCTYFeNgXzRFHjfPey9qnLX_wgqnXGQ9mIHG5GtIemifUedvvTEo8qr-tetujKc0gyjOkcLSVb4RwZeY9yn8pwtTFEktwbANU8IwuGWcrmF_G3ePs3iHwKAAnuTkVExAqnEgUlWQd6a_4vmNxQjHjleB7KeZjYdq-2X66D9QzWGhiTo70FfoCBVvkGwtLrxDW5OJRY1ba0moS825ZHLzu66vQl25Q7BmzeiklsHZPaOx0ntryjgvum3D4qXPZQQPVtYcEv8uzXJbRW7ghd4m6YeE4iMmb5ofHSYx3N3_oz2jDq3cVuf8HEc5zqWKek6Ao-RfitJAQPrFmEni2ZmfoUq6ne6pWhNZqRqyQ9bL9niw4HGSX2psdCYPiSsit11Nhw9gGKUqiVB1saoKIYKyUfbwjXPd6vf8u5tDnbPfN_hNyyaOuU4yjgFsfy7nMCKeQIbT-g3pdZ7Vdwb-S-KcCilB9SHL1PgD5tMwUPyj4qaNEqK1JX5eCNGeNlZyXG9XBP68z1bmgRKGzx-33Q4b4bKzE2nEAKfUVyIaEY6WIDHFPUwOPa3xsWO-pFcW7P6n9cetOw_x626HyjQJ4BnFw770Sy60c9UnTLVgbErVrhzn69HzPMTIW7e8Ll90GSMWMWlZx6synTL54ULemDaeoaBSEW4qEtvtfIOc7S2IANZxaT7HSZ04uBkIo6zlTEMqD-vJTTIel4bDcaABVP8mYSGUp_7hZ228k5gHpg68nmg89sFfdRqp3f6oAwyAFplyWpu4PRF2Vv9BcNRRR2FaQqczC7nV5bptNlXOHm8cvDuTHK4U7rK9G_NfDQE7aJ3-O-SIgQeN4BN_eWz47fDVagNyy-vG18SLwdC29c0_xTZp8AtbIy5rlq1mcD0i--Y6GLOJxdDR3bUXc6pIi_oWyhcjahwtf94WpgODKNpqwTqOmRYKkqbzgMYQ6NPJuHg0Vj0rpKBnPc9H-taW5Asv72705pOojh4i1_Yx2MPgfwz582h1SXyh9dzIk1Pq5wxvdbpJMBr&cid=CAASBORoLbE&rfl=1%2Chttps%253A%252F%252Fpogoda.ukraine-ru.net%252F%240
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.203.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-203-141.compute-1.amazonaws.com
Software: /
Resource Hash: e3cc26f27ffcf3bc671a9bb90da504b7ed5a215d8f81af0e17d5ec4765c28072

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:11 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220302/r20110914/ Frame FAA0 25 KB
9 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220302/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AiV1fgezhW6aDUWTrMEpo2w4MWOvPDHM_MYUkweydJjADHp4OVD-Fy8-C8t3_rLOI91r51dNr09loRte_BMrvexmwlYNoV5Tf7QXEl_oGhVLo3j74r-6W-bE5lwB36sNZjJGny8tASOJZ6lmU8Ylt3jQWIag&dbm_d=AKAmf-Bkyc4u5XqGJjKB7wT4GtmM62CdLj44UNFH63YCHV9w9HNeBaSsDN_Z5yBB1UC2XIX8KE5ai0ICdjo1VvaDxzIgceLO9bucBhc-dPaSiHzYLGO7HicWaFBbtMFicOX1FWKJjtar9LOag4MnCX_RIr8Q_Sk-yJx0h59YigwD6ffAn_xP8EZ22jlvLyJSLdUoaqVtp2FURsB1T5c6FbQfI8OrmzCzPOS7YeAmOSr6yx8JOwirYLRHe4hM6Hyfsbi0F4HlrNd2xR2QaAJpKxX6uHU8z9Izt15PiN575al5XTd3dZfs57BheVKhrMJP5GEf73Uqo95Dz_eKXPUwlQfJiS2D3y9sH2jpGT82bHAhD0E8AZDmOitHdbd43r_SZJZOsNefDV1leez0ybZCzNPznpLvOkwohoNkh-wV9dNRMrX1OkIZ-qtKA9HyrN16oBdnbb0f4eN5Kudq9F9_B9mjkEQX2hHj1xgDH-MmIPZBUcut2Z2-H0cKEJ0cB1cA2TLc6cZJabLupFFahYf76ErG_zrIzSJ4qqf0T5tZGS1sUA-7WDofW8GO79z0deXi-6R1xFu8a8FujtVCNVFFpwPwGHoFPZIaruOpR6Wp2YLzzc8bYLALpzOcjdSUbq10BSz__AGyL9Mr4dPtO9sdfHemy-lDZxsVumOyLUF5gfItQl87e2PDNgaSh9h5hJLC11k1yDxTGkfsMXLK40zOPEvZVy37d4ODkrd7MC7ub_mwFm0maZd7AeOzlbJ2NnTdrybnD997EkvBXeS2PVK3ccBMg7PhAImc1MhAhPBzW2Zg2ADktp9i0SA2lYg_64mQ3A74SHXXs3ZpqRSq82gQBKc2bGBxYhY3ZCcslpcyDprX52hZkvL3VL_QjZQt62D7WFoaunA1F3h9xV2XRxdgSZ633uTrWgDGNCsZDY99ftYMr8liJW3JadE9K-bv4iZAC8NeOYtjpAja48iKQkOnzmZYFz6Ymzwxh8K6pXTdyias2FhnAnfWfKAEgN-_Hvr77a2rmj42KRZ3Os2QnXM5GQqblMomnTIIhRrCuzr0CFiNGuhvdxOhCXZU3tNrh-j5iGvZjJOEVqM0z7Ge2M5ziAcivJEZyiVGks2TFaNnMxYXPtmr5mNy9OmaqaUu51y63HHve-eQip_UOIiw2T-9v4CgvjIPhUsbFQ8DXSM02xNVEiy-X9oaUb9G3zzi4DV9HPp6nWefMEtEk1_XzfyvT46PBs0AdBdURf3s5_H8o1xPQNsbQ2-2AaCAV9BmEFF6HldcInbdTzD0IqnN0F0YH8r7A7EY3z-nY6r-f9D-T-f8qUZIiUlN4G1SuU4CsuPuLlZMA_o3Wu2bDEa1kEG3pRtZHMi0ROU0uoCKtIn_0sMwnmnouoS93pG-wzdoJLKYI5dXqwjheTu2phZT6fUqgP8Iit8_hunCad-E7aYG3KEe3ftwIW50gjf0cUt9FTfqFbrmb23cFQQEf1j_l0MiavEIyw59gWFFEpAbC5mR8bk3zE1cWL0JiBGzOBj5JR60f5i1HAkGCotQ8t1-vjBX-kS5XKz4LF1C1-d7593I5Nh-EH1YPYVaT5ujMSvRlM1oDq2iK9WJLF8z26TKIqNd0hK1lRwoTuMBiPey6c6VIvbnllpTCFG8gueV5e9ORpkuzAH_Fv0V30gRtsODgLgzzZZ4rE4ixOBmGRRPiyupUrH3Qf84z8_ne00-tIA9-rSGYiVZdc8GA7LWBr_-ztXXLRLIVhYi-67MgUTkLNhYYaASr5oUdluqR7nYQtetoDGn0C-KJmmA7Uo8NPdvKfOY0IeUSqrSkizc1tWdDbJckajUe2eqxjyhmBaqDe6DwmHO7CXMav_m_3e5zkwxfWZ8ltyEWkGOe_HXDU2oItSeP0RRmWMtMJr2RE9x8i1TinspfREZ8z6wceZwcD1bI_REKH2hIdSF7WOtvA6OQeecLjm2rncPhGRuAPvXIxJyw47YFa-UHeCTYFeNgXzRFHjfPey9qnLX_wgqnXGQ9mIHG5GtIemifUedvvTEo8qr-tetujKc0gyjOkcLSVb4RwZeY9yn8pwtTFEktwbANU8IwuGWcrmF_G3ePs3iHwKAAnuTkVExAqnEgUlWQd6a_4vmNxQjHjleB7KeZjYdq-2X66D9QzWGhiTo70FfoCBVvkGwtLrxDW5OJRY1ba0moS825ZHLzu66vQl25Q7BmzeiklsHZPaOx0ntryjgvum3D4qXPZQQPVtYcEv8uzXJbRW7ghd4m6YeE4iMmb5ofHSYx3N3_oz2jDq3cVuf8HEc5zqWKek6Ao-RfitJAQPrFmEni2ZmfoUq6ne6pWhNZqRqyQ9bL9niw4HGSX2psdCYPiSsit11Nhw9gGKUqiVB1saoKIYKyUfbwjXPd6vf8u5tDnbPfN_hNyyaOuU4yjgFsfy7nMCKeQIbT-g3pdZ7Vdwb-S-KcCilB9SHL1PgD5tMwUPyj4qaNEqK1JX5eCNGeNlZyXG9XBP68z1bmgRKGzx-33Q4b4bKzE2nEAKfUVyIaEY6WIDHFPUwOPa3xsWO-pFcW7P6n9cetOw_x626HyjQJ4BnFw770Sy60c9UnTLVgbErVrhzn69HzPMTIW7e8Ll90GSMWMWlZx6synTL54ULemDaeoaBSEW4qEtvtfIOc7S2IANZxaT7HSZ04uBkIo6zlTEMqD-vJTTIel4bDcaABVP8mYSGUp_7hZ228k5gHpg68nmg89sFfdRqp3f6oAwyAFplyWpu4PRF2Vv9BcNRRR2FaQqczC7nV5bptNlXOHm8cvDuTHK4U7rK9G_NfDQE7aJ3-O-SIgQeN4BN_eWz47fDVagNyy-vG18SLwdC29c0_xTZp8AtbIy5rlq1mcD0i--Y6GLOJxdDR3bUXc6pIi_oWyhcjahwtf94WpgODKNpqwTqOmRYKkqbzgMYQ6NPJuHg0Vj0rpKBnPc9H-taW5Asv72705pOojh4i1_Yx2MPgfwz582h1SXyh9dzIk1Pq5wxvdbpJMBr&cid=CAASBORoLbE&rfl=1%2Chttps%253A%252F%252Fpogoda.ukraine-ru.net%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5421be34bc9ac3564a6daa35c769d13876e5fa7c4a5ed4892e9e8c65d31c1e27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 02:42:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 327
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9662
x-xss-protection: 0
server: cafe
etag: 2172778821077356944
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Mar 2022 02:42:44 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220302/r20110914/elements/html/ Frame FAA0 8 KB
3 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220302/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 02:46:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Mar 2022 02:46:04 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame FAA0 0
571 B 141ms
86ms Ping
image/gif 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuR3DkthuhvWsTM4mkRjnIzBpo5cMVugSJzD2C-y4yZYBFIzgV6U0CrtKmYVJLZimCvSVuIEaiXtgTXzQnXRg2N8M6an38aK8J915sAwCwtkJAT7DzJ9_oQNksmTwB21rB8WgBlTLX3GlhHubAgOug7Gp_n1W47CZe6mQYGZ9cf4fZqyGkpHCM15pm4dXL75v3c_q-H8AKcTshljbtWVHzOe3oU_BWJPo8k5PKtgYNyRzV4juz8LtyRGuq3S-kHGG7u_rX99VB3L-qLIJ-SpPruVuU8YoVBcjLYOuk3M-Tf3VfF3qYCqNxRNL2-NfgGKiixRI8EVbJvXHTRcPMOp92y3cIppmWY29bQJZ13W2OGpU1bPu4IuycO2wLvsW1LC4HgqV5jUv4N1P4UbGXw2xmdI3EO10N9HuzEytGoE4dThtiDyiR-G_U--BhYHWjvM_oKK2qQAirl30WmchQBbpnbhxmUBZ_tyOvVq9hrr8Y4fk4bdel-Tm720ibPn4BZ6UVrkTHazdrnJbRUsbtA68RuZvco_kypzhGM3udgbXp49d_N94-A5GnQgug398jDZBIHqRGvea-bWOZX9k5wPjceHlhvE_yPBKRip4DhI0WagDr70I6z_WARulkV9zFgAngoYfM1Bmak_PGR6sc4nMuI1wKuM827ZiX0Nk915Nixvkv_mCgsWrr0DBsTMrvTy5UhTOBZyyLPw9bzX60KO-GiNl_2d6RJK3M-6MnqhBjzkcuDI2MhCgAltJe9VGBUIwCWcYKjMNuaO35KvuxLOf0n5OMyxXUQFJeCl1zec7g3Cegq7nNcpcVdrIdMYKUlo6RC1fSgF3XmfC6dy9kWf45I2Uk2Ndje3kSbDLXqvMtgOwidjtUNDoPOZST1rm0GilICEVN0gHIVxxFzcy77LeVPdnDbKM3TfxrNLZuucRl3K-3bLluPIoLmWn2xSmjzfrs77zH-HYfusUbcQTBRtkiAUrp1Kqj_bPA9867RU4EwHpJJv13QM8SJ0Aox4YD7bBWnk2puG2YtG0o29OO6QuB6wNUcWRioEwcnhRhYtbK7IEHpUMEq9-eAzr_VhVuiKMNAohlC6p0LkpzVUjXy7VoVpJd4YXQxTThhdvqAukGZMWga7OpWLjr1hpRHQOkvPLAclS4233GuKg&sai=AMfl-YQjPE5YMX2i-BV2AyHK6Ggb499wO9sVFjJeNiRfnOPRS5JlDE-SWcuiG9kQG5YDqIy-lCgObrLPf5oppGRk3QA8lO84u3M-FOI5w6H5jmYCVX_XsLsVzoA9izd1YwgjG6uS&sig=Cg0ArKJSzCjhGdIx25ryEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220302.82423&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 07 Mar 2022 02:48:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame FAA0 41 KB
15 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 06:10:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506233
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Mar 2023 06:10:58 GMT

GET
H2 200 02112022-061643401-Diversity-in-Law-FY22_Ad1_728x90.png
s0.2mdn.net/10563084/ Frame FAA0 62 KB
63 KB 86ms
20ms Image
image/png 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10563084/02112022-061643401-Diversity-in-Law-FY22_Ad1_728x90.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb8c6f72e1e80233ca6a77818f68a9be4e8c56c33e6893bfdc570d85cbad73d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 01:38:30 GMT
x-content-type-options: nosniff
age: 4181
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63998
x-xss-protection: 0
last-modified: Fri, 11 Feb 2022 14:16:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Mar 2022 01:38:30 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D7D9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOhMh4670s6RYJL2rLGBEZo&google_cver=1

43 B
1012 B

44ms
26ms

Image
image/gif

23.52.162.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOhMh4670s6RYJL2rLGBEZo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJC1NBDh58mqAhjyqaqwATAB&v=APEucNUGaV3ShCsZQLPfm_L3QTKUKZBPXbyG9BJZyZm37REs_2Fueqwsf-SwbFOrloC7OBfsvp1GD0l0JV0tO44MnIsruDhxkQ
Protocol: HTTP/1.1
Server: 23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-162-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Mar 2022 02:48:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 07 Mar 2022 02:48:11 GMT

Redirect headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOhMh4670s6RYJL2rLGBEZo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D7D9
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YiVyawJNHLDg3WUhrW0yUAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOhMh4670s6RYJL2rLGBEZo&google_cver=1

43 B
892 B

45ms
36ms

Image
image/gif

23.52.162.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOhMh4670s6RYJL2rLGBEZo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJC1NBDh58mqAhjyqaqwATAB&v=APEucNUGaV3ShCsZQLPfm_L3QTKUKZBPXbyG9BJZyZm37REs_2Fueqwsf-SwbFOrloC7OBfsvp1GD0l0JV0tO44MnIsruDhxkQ
Protocol: HTTP/1.1
Server: 23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-162-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Mar 2022 02:48:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 07 Mar 2022 02:48:11 GMT

Redirect headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOhMh4670s6RYJL2rLGBEZo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame D7D9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPWHCHo6JA2ixguD_JxV4gY&google_cver=1

43 B
1006 B

47ms
47ms

Image
image/gif

68.67.179.166
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEPWHCHo6JA2ixguD_JxV4gY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJC1NBDh58mqAhjyqaqwATAB&v=APEucNUGaV3ShCsZQLPfm_L3QTKUKZBPXbyG9BJZyZm37REs_2Fueqwsf-SwbFOrloC7OBfsvp1GD0l0JV0tO44MnIsruDhxkQ

Protocol

HTTP/1.1

Server

68.67.179.166 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Mar 2022 02:48:11 GMT
X-Proxy-Origin: 149.56.153.185; 149.56.153.185; 575.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: 11364f30-181b-4b53-9b50-4ea3756b1740
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEPWHCHo6JA2ixguD_JxV4gY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D7D9
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM2MjY3MjkzMTE0Mzg1NzMwMg%3D%3D

170 B
188 B

37ms
36ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM2MjY3MjkzMTE0Mzg1NzMwMg%3D%3D

Requested by

Protocol

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 07 Mar 2022 02:48:11 GMT
X-Proxy-Origin: 149.56.153.185; 149.56.153.185; 575.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: 63d1624e-e409-47b3-af44-82c92933bd3a
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM2MjY3MjkzMTE0Mzg1NzMwMg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame FAA0 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c3df1ca966c475d13c1b6f36ffe6ad8b17622b856f2f26aa474b155a1234de2

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4E35 22 KB
8 KB 19ms
19ms Document
text/html 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 01 Mar 2022 06:10:58 GMT
expires: Wed, 01 Mar 2023 06:10:58 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 506233
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/775912/56026695/ Frame 235F 46 KB
12 KB 28ms
26ms Script
application/javascript 34.227.203.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/775912/56026695/skeleton.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ANXSR1SeFpWBmq0-k7UBLNe2g0eZVMxeGjyl1u10RzshT3wY4e7q3c-vNbtTgbH5Of1Mu7kO966tfTFZSTZQJ6sH5PIt0BwzjWb641MugIZuZBox-2zKooBi6t1DKjXNx5JSBAzp_7bZaZjwNfCO9r3to4JA&dbm_d=AKAmf-CX25TbnbsPBgD73dZURffRTMSvgec3yiVGelkM9V_z7zlrq6GV2o_IU995zAeIdYB2mw66sYuEHYTcVJB1jePDKH4NfyGAL499SMWHukxGnOnSsDeF-si2BqmWWvI6NsGQI896WA7A7rgoTFyTL3RDL_nORrtFFcECbdZA90BrgtQUBj1blDV3mzZg9rVqMom2tYR3k2mAEA7s1GjXVjKOygNFxA4JTkk_QcuxlAiEWso94IdkX58LBSKp3EvWapkOaQsn1_dB4EnEdrUcfwGS-Z2fh09qQJtmGt-ynuajVfnMNgxyYbirS6sohdaqKNEL2ey-85mo8CgziL4DW5QTEjbuU8HczgnPQWeNjVRkCOP30xUL61VyV9nmrKs5S-kH3rGSp38KWTBRmBw02_gD6aq8hauTFoYYIhsgx2Rk7WGcVCpc9JkZcvsyQxk1rURzEHUP5PD6TJwJedE00nKIgDjuCZoJTjtTvtXeqa5RvUEEM2IH5WcXVs2SabLOC-NuKv_aSy7zTIkQtj7nEWNGiCs5nylYlCZvAYHXdU4utn49jbg04DN4mH0jfpXnvApMLDMZJcoh5IY0aaC0gFByD_4Dr8-CHwrh3g_KXy2pPzKL2Hpx58q46QnP7iDt3ZDjJIyk88ul9EZY6pggOnVq3U7WFwz-lYBRu5IJ61NaZm1q3p3CxvhcjClejWOcyLPgH50ZqapEwwkC2XJWJD7I8tUHZWN6IZ52CTwQWvsJ77HXnTKLOwSpGpWMAmyA4ICxqL1ISYEMb2ZWokqqYG-kBBiX2NEBwfLlUBYzAh4BAg-5ESWxquZUgevNCifWXubeO5f3pMneYq4aXrGTSAehF2iU4QdjRvYdbhqQyYnR_zqUEPPQbbwpUo-8ns9rPLC2c72pyPoofzFTUWAAq4JcXzN6Jab6XCXcw8CrONPTDivbZ8vvdS8XNFCtBfrI2o1UK1uuC8j-vj3mmPUzxDj2sOBiUIPvgZ5YEsNYt2pBzg9K7DPLL0l8feOJessCY6TmN-b-VSy0Rr71x0I0T7NdtnNHEjlpmlqLe9gx2dbvc15JM6juFJKfJpcIFPNvik-YHQv2afbHFYzeIgQ-l_fAO5zXb6ygKtKdh6LYB2T7OfAE5is4yff0W86Spp1P__9EtRSXyOA5MX5R9grS4lIQT36yOnR3rWjlKDgdJDWCv9vK4LQcZSrPrb43f9l_eEGagQr8nVYhfo-NsHsBHT4UItfKZYcJEGSiQX2jm5w8PMFYGv82kTBrwAUeiX9MlpY4chzkFySJ-5sgkBViatLfx7VpX6Iy1pd7s9ISP9o6mOtlh8CvwzrmesL9GDrgimkkDfliEKzn-M87kAJ55TJUOyFZaiCnUgbRtoQe1bd745iDpwPzwn2hhd3ZHZlNOUF5ENO4yhWtF2VeFW9WMIJDRc3bhvbb0hYeEJxMNfo8lnJvjHfuzKWLU64pGBJZLgd4YlltJrd6OYzRL9Y-pbK6vk-gEF3wVcRou6SvsTuH0a8frmeYbz7yzfKkAoGB6m490FmtCv05ygGv1yA444c4CLVXxrRWOhMXV69FKgqauqm8Tko2X5sHfKTbhqUpzMtEgcwHkCAu0aRkbV8Kt3ozKg-TRb4XmHGJjNxKDjWz-TXP9hqhRiqbJWlkSSsYNYbk8cMP-D10XV2qgTVwYeHbfstZ27elJI58HHjvLGn8BqJeYrpsCFc__8iI1U9D9t17bxH_uei-86Cwg3ZhEDPQCmnlpgphRyy37_5ImXntkIL2nQlqXjLXUzUv6z2MVPf80PVxoRWCk9Q1W73_PG_SC3w4WWG1uwBqFGdyl5ig_eNEhfByvA6UFKvJFrkA4vwOKwoqemV2EsCzuut4_E6X2XgsAv-Se9WpEF6xSXPBf2f45AqC6hWYwZQOe49Ms3SGSfNxFGEMlWVIv4iE4czRFPfCMQFnJzfhmjGzkwMd2avkLGUqGlfPtQbSRCnGWyRE3Kw5ZyFbnVp1DSpcMvvxdVZBDwl8Cc57H4akJ_NHOZAELVVm1EI6YKL8Dk6caAekjJzqo7i2drKVQb6fe5O7DlTf2zTPBZEAs0fxNLnSuMKruTs5ZbzQ3zPX9rAgpngSJuCDOfqGXCeYCy1FoVmPB-MONBrZLMlINbtJTfFUmGpCtBb1Rm5YMRee7hS-byv6-EYDBCwV9uu46CpzHuxYpzq6XaO14zQfYTKeqeGDJPB9IhoHtZZUU8Ee87MW7IV1vMW7iUpKC5uNqnqncWyf5HqNobbLKBfe1gFmLoYI9CO1jobd_x2V9wHIt1pnzwdnA3wXN6keK_LNUTMAoFSwk6y5aaigDgQFhHPQ8XfALa9r3h0CEyH_t00JIpVQCxTpLA0VgBQmHuh2ffrapvvDLVQygnx4RQlDuWa02VC5FWRbcgvGbOJnHtTrdOkGoU99u3VgtCuvLynVCi7AFrHJO-gGUpFbJB9fEbETcIZjtA4ojCAM2XkHlLIkTE1PZvyQCNdRjzqD37nqLpLyZt7sU2-xYrsISLnPtvXqMC4o8gTf4Mi-od1b5Rx5fSP8C3s3yV-VM2IJrtlZOayEy3eH--b1cZxVOGY8CnOzCTq1veoKWjTUqiJXgfrq3Bg1G3TZSoWHzN9JSb4Tb0Ho4hb9G3hv6kMKFD-26c2Yek1r9N9HzOn7yM2rJNGehr59p49ZF7XTAIz-SWgTnGSa2ijFy5xt6hh5f5JrM-AQMbbuW9xggWEA4thxGVpcnJOdBiNepQOIxsH0NMBzYZV6Jr2rw8k6z-Ecz-6_Af_ig_FDqCHMg87QHbNehyihZESGl-WLRemH1aA4ye8yoYNwyDUe486PrPKHBxLObZvXfKMgrQlBSHVdwksb7Pk7zBq5fDzq-rOb7cfC6dAPnsQjOFHxI1V1qaGzDyye4KhY6n52_aAWBNFW6IU9Jqj3_pwZBpFcBAvW_OSXg33IqVo7nAlw8tvRhRiTBmpyqIhc8gHX43bkuJM&cid=CAASBORo5mE&rfl=1%2Chttps%253A%252F%252Fpogoda.ukraine-ru.net%252F%240
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.203.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-203-141.compute-1.amazonaws.com
Software: /
Resource Hash: a5b0e69a442dc3a7c1781f691a032765265a4879cea47d675254a55bb768f658

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:11 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 02112022-061643401-Diversity-in-Law-FY22_Ad1_728x90.png
s0.2mdn.net/10563084/ Frame 235F 62 KB
63 KB 48ms
20ms Image
image/png 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10563084/02112022-061643401-Diversity-in-Law-FY22_Ad1_728x90.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ANXSR1SeFpWBmq0-k7UBLNe2g0eZVMxeGjyl1u10RzshT3wY4e7q3c-vNbtTgbH5Of1Mu7kO966tfTFZSTZQJ6sH5PIt0BwzjWb641MugIZuZBox-2zKooBi6t1DKjXNx5JSBAzp_7bZaZjwNfCO9r3to4JA&dbm_d=AKAmf-CX25TbnbsPBgD73dZURffRTMSvgec3yiVGelkM9V_z7zlrq6GV2o_IU995zAeIdYB2mw66sYuEHYTcVJB1jePDKH4NfyGAL499SMWHukxGnOnSsDeF-si2BqmWWvI6NsGQI896WA7A7rgoTFyTL3RDL_nORrtFFcECbdZA90BrgtQUBj1blDV3mzZg9rVqMom2tYR3k2mAEA7s1GjXVjKOygNFxA4JTkk_QcuxlAiEWso94IdkX58LBSKp3EvWapkOaQsn1_dB4EnEdrUcfwGS-Z2fh09qQJtmGt-ynuajVfnMNgxyYbirS6sohdaqKNEL2ey-85mo8CgziL4DW5QTEjbuU8HczgnPQWeNjVRkCOP30xUL61VyV9nmrKs5S-kH3rGSp38KWTBRmBw02_gD6aq8hauTFoYYIhsgx2Rk7WGcVCpc9JkZcvsyQxk1rURzEHUP5PD6TJwJedE00nKIgDjuCZoJTjtTvtXeqa5RvUEEM2IH5WcXVs2SabLOC-NuKv_aSy7zTIkQtj7nEWNGiCs5nylYlCZvAYHXdU4utn49jbg04DN4mH0jfpXnvApMLDMZJcoh5IY0aaC0gFByD_4Dr8-CHwrh3g_KXy2pPzKL2Hpx58q46QnP7iDt3ZDjJIyk88ul9EZY6pggOnVq3U7WFwz-lYBRu5IJ61NaZm1q3p3CxvhcjClejWOcyLPgH50ZqapEwwkC2XJWJD7I8tUHZWN6IZ52CTwQWvsJ77HXnTKLOwSpGpWMAmyA4ICxqL1ISYEMb2ZWokqqYG-kBBiX2NEBwfLlUBYzAh4BAg-5ESWxquZUgevNCifWXubeO5f3pMneYq4aXrGTSAehF2iU4QdjRvYdbhqQyYnR_zqUEPPQbbwpUo-8ns9rPLC2c72pyPoofzFTUWAAq4JcXzN6Jab6XCXcw8CrONPTDivbZ8vvdS8XNFCtBfrI2o1UK1uuC8j-vj3mmPUzxDj2sOBiUIPvgZ5YEsNYt2pBzg9K7DPLL0l8feOJessCY6TmN-b-VSy0Rr71x0I0T7NdtnNHEjlpmlqLe9gx2dbvc15JM6juFJKfJpcIFPNvik-YHQv2afbHFYzeIgQ-l_fAO5zXb6ygKtKdh6LYB2T7OfAE5is4yff0W86Spp1P__9EtRSXyOA5MX5R9grS4lIQT36yOnR3rWjlKDgdJDWCv9vK4LQcZSrPrb43f9l_eEGagQr8nVYhfo-NsHsBHT4UItfKZYcJEGSiQX2jm5w8PMFYGv82kTBrwAUeiX9MlpY4chzkFySJ-5sgkBViatLfx7VpX6Iy1pd7s9ISP9o6mOtlh8CvwzrmesL9GDrgimkkDfliEKzn-M87kAJ55TJUOyFZaiCnUgbRtoQe1bd745iDpwPzwn2hhd3ZHZlNOUF5ENO4yhWtF2VeFW9WMIJDRc3bhvbb0hYeEJxMNfo8lnJvjHfuzKWLU64pGBJZLgd4YlltJrd6OYzRL9Y-pbK6vk-gEF3wVcRou6SvsTuH0a8frmeYbz7yzfKkAoGB6m490FmtCv05ygGv1yA444c4CLVXxrRWOhMXV69FKgqauqm8Tko2X5sHfKTbhqUpzMtEgcwHkCAu0aRkbV8Kt3ozKg-TRb4XmHGJjNxKDjWz-TXP9hqhRiqbJWlkSSsYNYbk8cMP-D10XV2qgTVwYeHbfstZ27elJI58HHjvLGn8BqJeYrpsCFc__8iI1U9D9t17bxH_uei-86Cwg3ZhEDPQCmnlpgphRyy37_5ImXntkIL2nQlqXjLXUzUv6z2MVPf80PVxoRWCk9Q1W73_PG_SC3w4WWG1uwBqFGdyl5ig_eNEhfByvA6UFKvJFrkA4vwOKwoqemV2EsCzuut4_E6X2XgsAv-Se9WpEF6xSXPBf2f45AqC6hWYwZQOe49Ms3SGSfNxFGEMlWVIv4iE4czRFPfCMQFnJzfhmjGzkwMd2avkLGUqGlfPtQbSRCnGWyRE3Kw5ZyFbnVp1DSpcMvvxdVZBDwl8Cc57H4akJ_NHOZAELVVm1EI6YKL8Dk6caAekjJzqo7i2drKVQb6fe5O7DlTf2zTPBZEAs0fxNLnSuMKruTs5ZbzQ3zPX9rAgpngSJuCDOfqGXCeYCy1FoVmPB-MONBrZLMlINbtJTfFUmGpCtBb1Rm5YMRee7hS-byv6-EYDBCwV9uu46CpzHuxYpzq6XaO14zQfYTKeqeGDJPB9IhoHtZZUU8Ee87MW7IV1vMW7iUpKC5uNqnqncWyf5HqNobbLKBfe1gFmLoYI9CO1jobd_x2V9wHIt1pnzwdnA3wXN6keK_LNUTMAoFSwk6y5aaigDgQFhHPQ8XfALa9r3h0CEyH_t00JIpVQCxTpLA0VgBQmHuh2ffrapvvDLVQygnx4RQlDuWa02VC5FWRbcgvGbOJnHtTrdOkGoU99u3VgtCuvLynVCi7AFrHJO-gGUpFbJB9fEbETcIZjtA4ojCAM2XkHlLIkTE1PZvyQCNdRjzqD37nqLpLyZt7sU2-xYrsISLnPtvXqMC4o8gTf4Mi-od1b5Rx5fSP8C3s3yV-VM2IJrtlZOayEy3eH--b1cZxVOGY8CnOzCTq1veoKWjTUqiJXgfrq3Bg1G3TZSoWHzN9JSb4Tb0Ho4hb9G3hv6kMKFD-26c2Yek1r9N9HzOn7yM2rJNGehr59p49ZF7XTAIz-SWgTnGSa2ijFy5xt6hh5f5JrM-AQMbbuW9xggWEA4thxGVpcnJOdBiNepQOIxsH0NMBzYZV6Jr2rw8k6z-Ecz-6_Af_ig_FDqCHMg87QHbNehyihZESGl-WLRemH1aA4ye8yoYNwyDUe486PrPKHBxLObZvXfKMgrQlBSHVdwksb7Pk7zBq5fDzq-rOb7cfC6dAPnsQjOFHxI1V1qaGzDyye4KhY6n52_aAWBNFW6IU9Jqj3_pwZBpFcBAvW_OSXg33IqVo7nAlw8tvRhRiTBmpyqIhc8gHX43bkuJM&cid=CAASBORo5mE&rfl=1%2Chttps%253A%252F%252Fpogoda.ukraine-ru.net%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb8c6f72e1e80233ca6a77818f68a9be4e8c56c33e6893bfdc570d85cbad73d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 01:38:30 GMT
x-content-type-options: nosniff
age: 4181
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63998
x-xss-protection: 0
last-modified: Fri, 11 Feb 2022 14:16:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Mar 2022 01:38:30 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220302/r20110914/ Frame 235F 25 KB
9 KB 21ms
20ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220302/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5421be34bc9ac3564a6daa35c769d13876e5fa7c4a5ed4892e9e8c65d31c1e27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 02:42:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 327
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9662
x-xss-protection: 0
server: cafe
etag: 2172778821077356944
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Mar 2022 02:42:44 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220302/r20110914/elements/html/ Frame 235F 8 KB
3 KB 21ms
21ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220302/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 02:46:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Mar 2022 02:46:04 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 235F 0
61 B 88ms
87ms Ping
image/gif 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsszYF4ObAOs0DqrIUcP_Hx0JeJNvnfYe--KecfF5OIKKk1NLJtJiy1dTNCUIXARNLeFWaaKw_VjGNFUkONfMv4biQiub6lZSQCgCABf8yIPP_VCD-C9JCtRtpwUu4-JSL-Cewxwe4Bv3zDPHgcFSpBWI7Yjult-aP70bBQXrcreJdTVQ9zg3FQnqvol7qobcbwo4lrxjUt9L8smoTKPObKJBDkFLM3YveMF20KzCMjUPuJ8_otTMP6gg1xGxYHjb_5R5BatxhN2yXUKINTJIgHnd4r9tQMdN8BkVBeXzAKIvucbGKlVAjfOOPh4ZefChH9wErsNlVE-ZRUFlQtox9lLckxEjeaQeTvoWZqB-cxaH2A6eJ78FJNvwE1114nc2m9pnNrHjuqbAEsQeLDuf8q5c7KiD88F4PzpyWk-ATiKlBz-sk4827wU3rNlMMQLnqhKRnX22whAw96hWsrw72NBALodyv0__IwNaYvqOVxCmWdl3zTKNgkatUYMkgbd-Xg64NgCIv7_auPnXz50joBuX0PaWNzmObSnCuuPbfnQI52OZRbkYe0Erw0KOU9qblueiUSwLEFG1nJOpdw0f28PXbN75rjWq2R2_Na_jOva9Tinbvzbd5LWSYx7FLgJn2senqHcvcuFh9Qz3_q1qSfKOvi_2ojolhwlxljllZKH2aEUVRV7Fvwsl4tG6ZwBdT_PWc1jq_xkvNmA7EYCdLRlVASS0DpAaefdbSWXdC3CudCNFrGMq4vxKk6rP2jYZdoZ-GH2aTbIlJKywCdPrcDfmSIGxN6ROgRie-Fnle3K7iLm7umpZMTECadefJ1iNClgIBmXsQGlTKRKp1_V9lGKSpow0CmgYkaemw26DlETS2dqUMplcJdk0EZI3wHfGcEVyrxW56wjPhESUwmnePbZwtRxzfl-t2jsGylE2zH2JurKqfcMrhVwB0n5iGTlls8ZPKw79SA9-XCA-hscwSq77zd6v2gQkw0vGtL-p5LFa5mUEANUyj53OafFxYn810Oidd6S6vhjfk53p8BJsIXoaFYK7gou88K65gvwKw1bB4y4hSmpWjmAAlF5xT2AA-zMbDu6GoPJtoDr8msxv8ywtjAiTlXmVM81rGIxB1XKeiOBWgzhH1TBgjhPbk33b46CouUCVEbJ&sai=AMfl-YRV4HBW6x1yLGKyiX240dK_yClrZ9cm3B7_UlZa2QF4UGa7F_n3PrShFX7mcQ8TXENGeKravuHWGN54K9ywiDfB5hwbwcILnHnvloUiKKjEgFCZL1YCFskh0QFSbPqnJppv&sig=Cg0ArKJSzNnWj7LAwgu9EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220302.42896&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 07 Mar 2022 02:48:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 235F 41 KB
15 KB 21ms
21ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 06:10:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506233
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Mar 2023 06:10:58 GMT

GET
H3 200 8064845742407389064
tpc.googlesyndication.com/simgad/ Frame EEF5 46 KB
46 KB 20ms
20ms Image
image/gif 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8064845742407389064

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597361933989050&output=html&h=600&slotname=7967969422&adk=871599438&adf=3780727132&pi=t.ma~as.7967969422&w=260&fwrn=4&fwrnh=100&lmt=2145830155&rafmt=1&psa=0&format=260x600&url=https%3A%2F%2Fpogoda.ukraine-ru.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646621287495&bpp=3&bdt=659&idt=180&shv=r20220302&mjsv=m202202280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C728x90&nras=1&correlator=2048367694771&frm=20&pv=1&ga_vid=1841803725.1646621288&ga_sid=1646621288&ga_hid=1263334512&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774&oid=2&pvsid=1756453267620691&pem=804&tmod=1633179037&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=JiaTE4aCfh&p=https%3A//pogoda.ukraine-ru.net&dtd=183

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02ef4cc53dcd03d0907bf1556d6ca56eef0b39e7743a41af157fbf958bec959e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 17:00:11 GMT
x-content-type-options: nosniff
age: 294480
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47288
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 19:36:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 03 Mar 2023 17:00:11 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/ Frame EEF5 19 KB
8 KB 19ms
19ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d67c6a30bbb9f841e5fc883687b07ecbd33f0292c148b0b6edf499de0e742a6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 02:45:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 139
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7872
x-xss-protection: 0
server: cafe
etag: 15461303091586157378
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Mar 2022 02:45:52 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame EEF5 2 KB
1 KB 21ms
20ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 02:45:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 152
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Mar 2022 02:45:39 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EEF5 124 KB
38 KB 100ms
73ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ded445534230fe3d1274bd48ed100b17ea890a65d5c0250172369a5b522f3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 02:48:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38860
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646224922100600"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 07 Mar 2022 02:48:11 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame EEF5 15 KB
6 KB 20ms
18ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d054377044014c1069958d9c610330164f05edbf091b2be9b6be60dc4f043494

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 02:45:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6417
x-xss-protection: 0
server: cafe
etag: 10598556267281433416
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Mar 2022 02:45:47 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame EEF5 28 KB
12 KB 21ms
20ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4b04166b6e23095feb89427b395cff80036ef313d35ca34e3b4d2ca6c5ef32d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 02:20:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1685
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11811
x-xss-protection: 0
server: cafe
etag: 8908131998612474304
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Mar 2022 02:20:06 GMT

GET
H2 200 main.gr.19.8.289.js Show response
static.adsafeprotected.com/ Frame FAA0 189 KB
60 KB 98ms
20ms Script
application/javascript 2600:9000:202c:c200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.289.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/775912/56026695/skeleton.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:202c:c200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b048e01655cdf47f739c288fc4195c26de3883db4ebc4368242fa38b0ca0062d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 17:07:08 GMT
content-encoding: gzip
age: 1676464
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 15 Feb 2022 16:52:16 GMT
server: AmazonS3
etag: W/"e894d9dd87d5e06b21396e04a0c29127"
vary: Accept-Encoding
x-amz-version-id: QoliWv7Zm09sOtt_1ftKxG1EPIuNscaU
via: 1.1 70afbe31994f2c69bf2f10f0b46f4736.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: EWR52-C2
content-type: application/javascript
x-amz-cf-id: sFnwd-dt9J7Ks_BQ4ud60RosH6cnSg1AiW7zro3vcnrCuoj1APKrLw==

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EEF5 0
0 87ms
87ms Fetch
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CgsananIlYrKJL_GVoPMPjciHiA764IOaZ5be_MGnD_nn6_fULBABINegmgNg_eiigfADoAGhgtGSA8gBA6kC-yHR-YVbqj6oAwHIA8kEqgThAU_Q7NrZ4SX8mIZtlQJvxp6EBehypu-stkrr84X-EW2m_H9jbuEDQmVpxoDh6aAJCG6imfh-QyAUsGxgP3fryvllhoZJGoYxMhj1_Fbruskhi2hlL-HWiSKjhn217kZg9pAixPzVBV586ncAr0r_DJvvzcWAS5JvyOkB1gK0cXzpKGs29h8_5Kwj0UBYWMDjbuH8ud62ZQR-DhU-45zDZ21i_I5YcGddMr8rKo7d3Rzx7dKbr8mxQ4I8xGnOX183ejIW4LaVDtneWXttAGU9knHnnCmzxF0kx5Yf4ZlK6_9TzcAE3tvI8uMDkgUECAQYAZIFBAgFGASgBgOAB8f9rm2oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDD0BTSCAcIgGEQARgfgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTk1OTczNjE5MzM5ODkwNTAYAA&sigh=PYL_9gGTtO8&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597361933989050&output=html&h=600&slotname=7967969422&adk=871599438&adf=3780727132&pi=t.ma~as.7967969422&w=260&fwrn=4&fwrnh=100&lmt=2145830155&rafmt=1&psa=0&format=260x600&url=https%3A%2F%2Fpogoda.ukraine-ru.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646621287495&bpp=3&bdt=659&idt=180&shv=r20220302&mjsv=m202202280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C728x90&nras=1&correlator=2048367694771&frm=20&pv=1&ga_vid=1841803725.1646621288&ga_sid=1646621288&ga_hid=1263334512&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774&oid=2&pvsid=1756453267620691&pem=804&tmod=1633179037&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=JiaTE4aCfh&p=https%3A//pogoda.ukraine-ru.net&dtd=183
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 07 Mar 2022 02:48:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202280101/ 151 KB
54 KB 56ms
55ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202280101/reactive_library_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202280101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b557334a53301f9aa6693989ba3ff06ad6054aeefc5b6fdd6367067ee8aea711

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://pogoda.ukraine-ru.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 02:48:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55048
x-xss-protection: 0
server: cafe
etag: 7620347733287104551
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Mar 2022 02:48:11 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame FAA0 0
23 B 109ms
83ms Ping
image/gif 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Mar 2022 02:48:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 235F 0
23 B 82ms
81ms Ping
image/gif 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Mar 2022 02:48:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 main.gr.19.8.289.js Show response
static.adsafeprotected.com/ Frame 235F 189 KB
60 KB 44ms
43ms Script
application/javascript 2600:9000:202c:c200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.289.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/775912/56026695/skeleton.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:202c:c200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b048e01655cdf47f739c288fc4195c26de3883db4ebc4368242fa38b0ca0062d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 17:07:08 GMT
content-encoding: gzip
age: 1676464
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 15 Feb 2022 16:52:16 GMT
server: AmazonS3
etag: W/"e894d9dd87d5e06b21396e04a0c29127"
vary: Accept-Encoding
x-amz-version-id: QoliWv7Zm09sOtt_1ftKxG1EPIuNscaU
via: 1.1 70afbe31994f2c69bf2f10f0b46f4736.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: EWR52-C2
content-type: application/javascript
x-amz-cf-id: gMGPmlky4omMTtmUEikxWQuscWHqtF-RXyT-ATGgBFsV65-txQIAvw==

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 61D6 22 KB
8 KB 19ms
19ms Document
text/html 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 01 Mar 2022 06:10:58 GMT
expires: Wed, 01 Mar 2023 06:10:58 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 506233
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 235F 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ff66e0192415b625d911dc1ae829a7ce9b88b5ce6730b538e368b5d7a0dee49

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D402 143 B
163 B 26ms
19ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597361933989050&output=html&h=600&slotname=7967969422&adk=871599438&adf=3780727132&pi=t.ma~as.7967969422&w=260&fwrn=4&fwrnh=100&lmt=2145830155&rafmt=1&psa=0&format=260x600&url=https%3A%2F%2Fpogoda.ukraine-ru.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646621287495&bpp=3&bdt=659&idt=180&shv=r20220302&mjsv=m202202280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C728x90&nras=1&correlator=2048367694771&frm=20&pv=1&ga_vid=1841803725.1646621288&ga_sid=1646621288&ga_hid=1263334512&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1035&ady=107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774&oid=2&pvsid=1756453267620691&pem=804&tmod=1633179037&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=JiaTE4aCfh&p=https%3A//pogoda.ukraine-ru.net&dtd=183

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Mon, 07 Mar 2022 01:54:55 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 3196
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 hbjI8xylHpjavQyfdphvo41Bfdkh_RgUM1b0sbpcRZI.js Show response
pagead2.googlesyndication.com/bg/ Frame 4E35 35 KB
13 KB 40ms
37ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hbjI8xylHpjavQyfdphvo41Bfdkh_RgUM1b0sbpcRZI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85b8c8f31ca51e98dabd0c9f76986fa38d417dd921fd18143356f4b1ba5c4592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 20:57:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 366631
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13728
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 20:57:40 GMT

GET
H/1.1 200
OK widgetsModule.js Show response
w.uptolike.com/widgets/v1/ 172 KB
42 KB 144ms
141ms Script
application/javascript 95.163.114.203
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/widgetsModule.js?v=5e5f39385e9edc9f82706afd51e24398
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/uptolike.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.203 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 624108d126aaea46f83bb807588d0fd9a1ad3ce8b237577f70cd5ee6232cbfb4

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://pogoda.ukraine-ru.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 02:48:11 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
Cache-Control: max-age=1800
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 07 Mar 2022 03:18:11 GMT

GET
H3 200 hbjI8xylHpjavQyfdphvo41Bfdkh_RgUM1b0sbpcRZI.js Show response
pagead2.googlesyndication.com/bg/ Frame 61D6 35 KB
13 KB 22ms
22ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hbjI8xylHpjavQyfdphvo41Bfdkh_RgUM1b0sbpcRZI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85b8c8f31ca51e98dabd0c9f76986fa38d417dd921fd18143356f4b1ba5c4592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 20:57:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 366631
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13728
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 20:57:40 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D402
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

43ms
42ms

Document
text/html

2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 07 Mar 2022 02:48:11 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 07 Mar 2022 02:48:11 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 07 Mar 2022 02:48:11 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame FAA0
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/775912/56026695/skeleton.js?adsafe_url=https%3A%2F%2Fpogoda.ukraine-ru.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type...
https://static.adsafeprotected.com/skeleton.js

17 B
466 B

21ms
21ms

Script
application/javascript

2600:9000:202c:c200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: pogoda.ukraine-ru.net
URL: https://pogoda.ukraine-ru.net/
Protocol: H2
Server: 2600:9000:202c:c200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:58:44 GMT
via: 1.1 70afbe31994f2c69bf2f10f0b46f4736.cloudfront.net (CloudFront)
age: 8923768
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control: max-age=315360000
x-amz-cf-pop: EWR52-C2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: CBEgnoWpI4_xlHCFcjxgQautJdaKIy8qXlj-XkBzAZnTBFfnTjlT8w==

Redirect headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:11 GMT
x-server-name: app17.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame DC18 80 KB
21 KB 18ms
18ms Script
application/javascript 2600:9000:202c:c200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597361933989050&output=html&h=90&slotname=7878197618&adk=3124643992&adf=3588316316&pi=t.ma~as.7878197618&w=728&lmt=2145830155&psa=0&format=728x90&url=https%3A%2F%2Fpogoda.ukraine-ru.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646621287460&bpp=2&bdt=624&idt=202&shv=r20220302&mjsv=m202202280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2048367694771&frm=20&pv=1&ga_vid=1841803725.1646621288&ga_sid=1646621288&ga_hid=1263334512&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=78&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774&oid=2&pvsid=1756453267620691&pem=804&tmod=1633179037&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=EWLutgBaBk&p=https%3A//pogoda.ukraine-ru.net&dtd=207
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:202c:c200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 03:16:10 GMT
content-encoding: gzip
age: 8638322
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 70afbe31994f2c69bf2f10f0b46f4736.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: EWR52-C2
content-type: application/javascript
x-amz-cf-id: bdqhlccpG_O68WpV2igyY6vnxkhsfYdUjzMOkDXBbUGMqnqTdwBT_g==

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 235F
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/775912/56026695/skeleton.js?adsafe_url=https%3A%2F%2Fpogoda.ukraine-ru.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type...
https://static.adsafeprotected.com/skeleton.js

17 B
463 B

22ms
21ms

Script
application/javascript

2600:9000:202c:c200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597361933989050&output=html&h=90&slotname=7878197618&adk=3124643992&adf=223692363&pi=t.ma~as.7878197618&w=728&lmt=2145830155&psa=0&format=728x90&url=https%3A%2F%2Fpogoda.ukraine-ru.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646621287486&bpp=8&bdt=649&idt=184&shv=r20220302&mjsv=m202202280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2048367694771&frm=20&pv=1&ga_vid=1841803725.1646621288&ga_sid=1646621288&ga_hid=1263334512&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1568&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774&oid=2&pvsid=1756453267620691&pem=804&tmod=1633179037&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=TVO6gh0YBa&p=https%3A//pogoda.ukraine-ru.net&dtd=187
Protocol: H2
Server: 2600:9000:202c:c200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:58:44 GMT
via: 1.1 70afbe31994f2c69bf2f10f0b46f4736.cloudfront.net (CloudFront)
age: 8923768
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control: max-age=315360000
x-amz-cf-pop: EWR52-C2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: Bmtt_IWYnceqpkibTb9F02ceT_CjoP1ub_ji7XobVN7xDFKl9r5tDA==

Redirect headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:11 GMT
x-server-name: app02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 14B1 80 KB
21 KB 19ms
18ms Script
application/javascript 2600:9000:202c:c200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597361933989050&output=html&h=90&slotname=7878197618&adk=3124643992&adf=223692363&pi=t.ma~as.7878197618&w=728&lmt=2145830155&psa=0&format=728x90&url=https%3A%2F%2Fpogoda.ukraine-ru.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646621287486&bpp=8&bdt=649&idt=184&shv=r20220302&mjsv=m202202280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2048367694771&frm=20&pv=1&ga_vid=1841803725.1646621288&ga_sid=1646621288&ga_hid=1263334512&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1568&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774&oid=2&pvsid=1756453267620691&pem=804&tmod=1633179037&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=TVO6gh0YBa&p=https%3A//pogoda.ukraine-ru.net&dtd=187
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:202c:c200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 03:16:10 GMT
content-encoding: gzip
age: 8638322
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 70afbe31994f2c69bf2f10f0b46f4736.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: EWR52-C2
content-type: application/javascript
x-amz-cf-id: OP_GhiU6dyT1wZoLQAjxEUswtgG1-nRvZ2gHeDQmDFmIoSQCIY6-jQ==

GET
DATA 200
OK truncated
/ Frame EEF5 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c0bc37c69de7088308deffd0d1c8aab57329af5f2f521ab8d38f2a20b6ffbd3

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
122 B 68ms
39ms Script
application/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=pogoda.ukraine-ru.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202280101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://pogoda.ukraine-ru.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Mar 2022 02:48:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 64ms
36ms Script
application/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pogoda.ukraine-ru.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202280101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://pogoda.ukraine-ru.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Mar 2022 02:48:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/ Frame 2B9F 10 KB
4 KB 23ms
21ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202280101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://pogoda.ukraine-ru.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Sun, 06 Mar 2022 03:36:17 GMT
expires: Sun, 20 Mar 2022 03:36:17 GMT
cache-control: public, max-age=1209600
age: 83514
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/ Frame 66C8 10 KB
4 KB 20ms
19ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202280101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://pogoda.ukraine-ru.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Sun, 06 Mar 2022 03:36:17 GMT
expires: Sun, 20 Mar 2022 03:36:17 GMT
cache-control: public, max-age=1209600
age: 83514
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dt
dt.adsafeprotected.com/ Frame FAA0 43 B
216 B 85ms
23ms Image
image/gif 34.205.1.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=775912&asId=9004f30d-f87f-ac22-8ae8-02fc56651199&tv=%7Bc:68KvqE,pingTime:-3,time:268,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:187%7D,%7Bpiv:0,vs:o,r:l,t:267%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:268,n:267,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:187,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B92~1,0~0%5D,as:%5B92~728.90%5D%7D%7D,%7Bsl:o,t:267,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sZmn88s+11%7C12%7C13*.775912-56026695%7C131%7C132%7C141%7C142%7C151,idMap:13*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Requested by: Host: pogoda.ukraine-ru.net
URL: https://pogoda.ukraine-ru.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.1.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-1-191.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:11 GMT
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame FAA0 43 B
215 B 82ms
24ms Image
image/gif 34.205.1.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=775912&asId=9004f30d-f87f-ac22-8ae8-02fc56651199&tv=%7Bc:68KvqG,pingTime:-6,time:270,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:270,n:267,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:187,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B92~1,0~0%5D,as:%5B92~728.90%5D%7D%7D,%7Bsl:o,t:267,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B3~0%5D,as:%5B3~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sZmn88s+11%7C12%7C13*.775912-56026695%7C131%7C132%7C141%7C142%7C151,idMap:13*,rmeas:1,rend:1,renddet:IMG.qs%7D&tpiLookup=ao:pogoda.ukraine-ru.net*&br=c
Requested by: Host: pogoda.ukraine-ru.net
URL: https://pogoda.ukraine-ru.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.1.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-1-191.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:11 GMT
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 235F 43 B
215 B 75ms
25ms Image
image/gif 34.205.1.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=775912&asId=41a57368-a9d3-eaac-c931-59d4b78e8559&tv=%7Bc:68KvqQ,pingTime:-3,time:204,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:131%7D,%7Bpiv:0,vs:o,r:l,t:203%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:204,n:203,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:131,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B77~1,0~0%5D,as:%5B77~728.90%5D%7D%7D,%7Bsl:o,t:203,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B0~0%5D,as:%5B0~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sZmn88s+11%7C12%7C13.775912-56026695%7C131%7C132%7C133%7C14*.775912-56026695%7C141%7C142%7C151,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597361933989050&output=html&h=90&slotname=7878197618&adk=3124643992&adf=223692363&pi=t.ma~as.7878197618&w=728&lmt=2145830155&psa=0&format=728x90&url=https%3A%2F%2Fpogoda.ukraine-ru.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646621287486&bpp=8&bdt=649&idt=184&shv=r20220302&mjsv=m202202280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2048367694771&frm=20&pv=1&ga_vid=1841803725.1646621288&ga_sid=1646621288&ga_hid=1263334512&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1568&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774&oid=2&pvsid=1756453267620691&pem=804&tmod=1633179037&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=TVO6gh0YBa&p=https%3A//pogoda.ukraine-ru.net&dtd=187
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.1.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-1-191.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:11 GMT
x-server-name: dt06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 235F 43 B
215 B 52ms
26ms Image
image/gif 34.205.1.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=775912&asId=41a57368-a9d3-eaac-c931-59d4b78e8559&tv=%7Bc:68Kvrc,pingTime:-6,time:226,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:226,n:203,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:131,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B77~1,0~0%5D,as:%5B77~728.90%5D%7D%7D,%7Bsl:o,t:203,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B22~0%5D,as:%5B22~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sZmn88s+11%7C12%7C13.775912-56026695%7C131%7C132%7C133%7C14*.775912-56026695%7C141%7C142%7C151,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs%7D&tpiLookup=ao:pogoda.ukraine-ru.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597361933989050&output=html&h=90&slotname=7878197618&adk=3124643992&adf=223692363&pi=t.ma~as.7878197618&w=728&lmt=2145830155&psa=0&format=728x90&url=https%3A%2F%2Fpogoda.ukraine-ru.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646621287486&bpp=8&bdt=649&idt=184&shv=r20220302&mjsv=m202202280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2048367694771&frm=20&pv=1&ga_vid=1841803725.1646621288&ga_sid=1646621288&ga_hid=1263334512&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1568&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774&oid=2&pvsid=1756453267620691&pem=804&tmod=1633179037&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=TVO6gh0YBa&p=https%3A//pogoda.ukraine-ru.net&dtd=187
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.1.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-1-191.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:11 GMT
x-server-name: dt07.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame FAA0 43 B
215 B 25ms
24ms Image
image/gif 34.205.1.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=775912&asId=9004f30d-f87f-ac22-8ae8-02fc56651199&tv=%7Bc:68KvrY,pingTime:-2,time:350,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:3504,bdZ:3607,beA:3648,beZ:3649,mfA:3820,cmA:3821,inA:3821,inZ:3826,prA:3826,prZ:3830,si:3836,poA:3837,poZ:3850,cmZ:3850,mfZ:3850,loA:3918,loZ:3921,ltA:3998,ltZ:3998%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:187%7D,%7Bpiv:0,vs:o,r:l,t:267%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:350,n:267,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:187,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B92~1,0~0%5D,as:%5B92~728.90%5D%7D%7D,%7Bsl:o,t:267,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B83~0%5D,as:%5B83~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sZmn88s+11%7C12%7C13*.775912-56026695%7C131%7C132%7C14.775912-56026695%7C141%7C142%7C151,idMap:13*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:IMG.qs,sinceFw:161,readyFired:true%7D&br=c
Requested by: Host: pogoda.ukraine-ru.net
URL: https://pogoda.ukraine-ru.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.1.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-1-191.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:11 GMT
x-server-name: dt09.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 235F 43 B
215 B 32ms
31ms Image
image/gif 34.205.1.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=775912&asId=41a57368-a9d3-eaac-c931-59d4b78e8559&tv=%7Bc:68Kvsl,pingTime:-2,time:297,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:3597,bdZ:3626,beA:3718,beZ:3719,mfA:3844,cmA:3845,inA:3845,inZ:3846,prA:3846,prZ:3847,si:3850,poA:3850,poZ:3859,cmZ:3859,mfZ:3859,loA:3943,loZ:3946,ltA:4015,ltZ:4015%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:131%7D,%7Bpiv:0,vs:o,r:l,t:203%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:297,n:203,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:131,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B77~1,0~0%5D,as:%5B77~728.90%5D%7D%7D,%7Bsl:o,t:203,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B93~0%5D,as:%5B93~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sZmn88s+11%7C12%7C13.775912-56026695%7C131%7C132%7C133%7C14*.775912-56026695%7C141%7C142%7C151,idMap:14*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:IMG.qs,sinceFw:165,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597361933989050&output=html&h=90&slotname=7878197618&adk=3124643992&adf=223692363&pi=t.ma~as.7878197618&w=728&lmt=2145830155&psa=0&format=728x90&url=https%3A%2F%2Fpogoda.ukraine-ru.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646621287486&bpp=8&bdt=649&idt=184&shv=r20220302&mjsv=m202202280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=2048367694771&frm=20&pv=1&ga_vid=1841803725.1646621288&ga_sid=1646621288&ga_hid=1263334512&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1568&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774&oid=2&pvsid=1756453267620691&pem=804&tmod=1633179037&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=TVO6gh0YBa&p=https%3A//pogoda.ukraine-ru.net&dtd=187
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.1.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-1-191.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:11 GMT
x-server-name: dt10.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 css2
fonts.googleapis.com/ Frame 2B9F 4 KB
1 KB 87ms
33ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 07 Mar 2022 01:31:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 07 Mar 2022 02:48:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 07 Mar 2022 02:48:11 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2B9F 205 B
744 B 74ms
20ms Image
image/png 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 22:40:56 GMT
x-content-type-options: nosniff
age: 533235
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 28 Feb 2023 22:40:56 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2B9F 604 B
695 B 74ms
21ms Image
image/png 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 00:11:42 GMT
x-content-type-options: nosniff
age: 95789
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 06 Mar 2023 00:11:42 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/elements/html/ Frame 2B9F 19 KB
8 KB 19ms
19ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a25197dc637fcb41e8d3133cfed0573116c8a1618922454e6c13833754a161e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 01:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4494
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8378
x-xss-protection: 0
server: cafe
etag: 16647736096342315519
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Mar 2022 01:33:17 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D355 624 B
297 B 39ms
39ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJC1NBDh58mqAhjyqaqwATAB&v=APEucNUJ64oY5TvsPJbsCIFr05SaOfwE7Bik1e5WIW6W4qKrw3Dscw2tONdeuRmnkj_I3BiFABi418AGas2et2g1e53A83vBDQ

Requested by

Host: pogoda.ukraine-ru.net
URL: https://pogoda.ukraine-ru.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 07 Mar 2022 02:48:11 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C78C 68 KB
31 KB 77ms
77ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CUvBi_xPZX3ECAVT2w36okNambF_wl2IUYjouDs_qdEoZgTvPNGzgqB9g5TNYV4UGA7hoqsyuRzI6u0QHX8GN2Ls81VblaNBhyUJn7PQxYiAPQRgSMJsM8Y_yDArEDHVU5SxnDXvRGz6mT_wkNhtG-1FIkCg&dbm_d=AKAmf-B6nuLcyPDaFMBK26ZdDWQ4wDttHUTY3RAtgIn3TCHWTgVtrYokPJZqThLyVVWqaWqCwemBGPRNN9EpSE5socQ_eMb5MwW5CvLXw0CgcS0X1JFn_9oSeHoVsDdOXseweuA14w9NrZBD7ecUlAIecD09K415INL8pxpsnqVMtHqLFn93BFQYErKIXOqXNIUeRkxi6UAvUvNRz_44E5wbwA0-lqdw4Bhj0cUJNVeT3GL59IbttmZcf_TOrNyrsnGbQeV0QCaXpCKLaz7rA8oGO-mZnaUKfRL9G91GVarb2a7F0DDtT-VGz5NwiqaEAE32oLNyATdVA85U8rm_WhrC_66sPtI2xAy8HAomkOUWzRZ5mmqjo62os5wRl449kqGn08m1u_qxM0TD0uNXhdQ48amPsfQxfdamElXzEzJ6CNMUDupG1nThUyWw2f5HRL6U_6qEhKp9JletVwFsmhDXsQF7M-7Yo8aUmxvnepSXpvpNCb_hAfluE6rsHzp2xUN5AJSqeYEdGL_qok7v1uqM3n6gaGU0PPqgIrYaZfIgIy3HQ-WABmoOkyFMapfb7AArnrJ8jBtTJxu_x7ZUAvfDQ-l7wdUOM_UcaOYZwvP6F47enucXAuTh4Uhzyrn8xQAZSe0NhtrRlu-lE8KbhdcRi7UnyL-2X7nVXv3NuOgfJJ-Sy9pQb1XBFG6pclsvSIMpG7_aIr0lkYz0ngfKiMxI6PIeH66noV9_Ipwpru31gfNOZE8tnYNeez1Nw96TFEptZ2faCAYFE_oQ0byaW00OhV2_rLSCUQS1M8CPhIkhazheQVhDtzJ0Gf6Z04PQ1L9IbooQp0_1UXUOlfB_xqpvaxNA0KH6M9S-tml0ZzQayeSvRF0HeODjZjy0IReyEJB31t2BJbn4eQlBy8Q7VLawJLKhNu4LPukMtOmfQTakAvuGNmY9iAub54n97OIjpgcNWcLf7JHZJCyfzgbYqUdbDJcM-B1HaWiCpLczgX4gh86avTvsHkqv_nMtEj-nL959nk5VWVW9xDEm9V-sEWFj9OOd0H7olo_AbD2-99e-TVNUCtGzG0TTZxPD5dM_NgHUo7qcEFGM0dFim4nyjVKOuInJqK5pofCrTuaWqXgNkoRlRLlJIwo6bkpLaV9pBEySXW14ytlFgn3Ob-IV7O-cHyXEtvtIc6YRqM-EOeT2jvBqbPADCa-ToXoBWbOYD3uYDB3-ZaN4UihuRN_ne8RO5Kp4majbxWWD-s2qoTXu8UPlj7Q95EndY2CkKPLIiicg3BCEr1ePq_WVnOadyof1BbGG1I1fitOWYzeBF1TtHOWnPpV-Si9GwcJj33zdISXT_EPJqpW8XDK7_DojxlcIacSXL_WFHReDu4RotBWRioKB6RcwFZrmn--aVCSe8wZcNRBW4HRHDvu52grL3Pp8pqBqmsnooNOrTZTud6C9dTqOh1KvsKkSelZjw74UArZN45eezb9YQfZ0-gdppas8Bq_wOuKgW3UbKafLvoUEI1nizyuzTViYxXod6O6DwX4pFFGPgaQaIq2mBmqRq1p_SBpCz61rnRMv7it0m6cpJ_Q4l5nJt1hx63Leh_9gfkBJU4NPEoAunk4dYKOuP5aPSNnyLqZ2dTMAhVD515Ef0w9LDU82-DzfQ0GBkihzReiMhTxulOcaoezwM1Gy0gVnPP8yksk5f6GPmL8T-aomq68uwyNj36bsqMiLTJkpKOdPX9gcbI47ZPg3kYqqCHQAoSVE5w0Tv7dLesLeZvg_kMf469HyPfzDkyycwAqTA5lzkcoIHr_IcvTgssskjPzbaVAbka0rpW_CPAU2FKk_oYzFr05cmAuWyfsabIsH4bukFREEonol8qJggiIigTkhXKBoFGPUAGs8C2ZRXmiNH_sBGa6sNEXIZ6bNXW0S5NbHWQcJp4UxgDaKQrp1rVwQ8e62LzW3ri8du036X7tiOJg17c9BL3wmt0gyskq9LzBYvCXS9vr_L2BiQRKUuJQow4OpZKSGhXi7aFkea-KHupKlQ4fLPF2uwZmzGq189XpG-1sMEtDGIng5IHQ76y_uv57nkqmST5kQmhs3lsp5QcDKSXXHVhIzWmoALPY-vRc8M1Osg_eS-xQcfsFvFO9pHOAy6sOyL2ARq4uphyzDIhJKvD7CMnqgnXkJz-Xmv9iMp1quQfgsIm81WIgQcqddTBuyS1K13ONgDcjZpUdo6YSScj5K9vIaV5eq4zvuEi_2Ohc27MTV5YswN2xZ_uYdBgpwqu4WonQQHKzM2ghkn2TbaOtRhY5-pQq_0nuyHY7DrhqZoI9vCgovV3cVv7zYcPvkLwgyItwa0ITLg_HHH_P_MIQaF_D8SnT1cK4IchEBHQDL53MU-fTGBBw6HC908usPYGu7o85g4fiLua7mMWb1RcDf7FYTvbMG_NkY6FMPtOwm8AEYkTMcZbPOccR4Y1veM99zC9zGDjedicLx0l1tQWoRsRHhIrw0lkI_35_lYN1tBkoSyRzkIOD3VP9bjS6WKDRdIZXposdZvJS9FgJwT8TykhfZVhz9nY5z1Nrkc729oJ-lGiNoC12Op4wtzofTYGY-pIB5xwegNE_7hWfoZ6nejPJQfYUZkc4fCFZ131Yth6Z2kJsz45kgqbjeBqxwY5OxdsIt3tCDKAzprxWYEY3c6zXt7Hfg6F2eokZF5glFo1zD36gyIUhTqaxWtWPamwEtBIrsv3VNYTtQo_t-2tREh5m35LmSbqZ7fuJMHAza5ffI-hfOKYzSt5xNKW26u6j6zAhxpoIeigfsigNEsNt9Q2S7jVFT8absePzNafVeMslSjsHEg0qrq5dJaLT76B2oY8ZVmrWEonXpyPWiElKUQZttFUt9Vmll1KAVBAxheDwv9uZS77zhnH-bX4p83XI9bxd--sF7bpJo2VlU-Dgtv3878Z-xzH7_umI-cdsvdrff2LYNhxSqxmAOO4tURX0aTxlODh3IFhkc_aSmiogjWcp7yM9er2kYPkYOX0xP6ohy&cid=CAASBORoJHk&rfl=2%2Chttps%253A%252F%252Fpogoda.ukraine-ru.net%252F%240

Requested by

Host: pogoda.ukraine-ru.net
URL: https://pogoda.ukraine-ru.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f47d9fd5e18c8dff6e6375c072610f6837f9812b7f72d620d0325bf705abd577

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31802
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame C78C 2 KB
1 KB 20ms
18ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/window_focus_fy2019.js

Requested by

Host: pogoda.ukraine-ru.net
URL: https://pogoda.ukraine-ru.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 02:45:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 152
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Mar 2022 02:45:39 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C78C 124 KB
38 KB 44ms
43ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: pogoda.ukraine-ru.net
URL: https://pogoda.ukraine-ru.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ded445534230fe3d1274bd48ed100b17ea890a65d5c0250172369a5b522f3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 02:48:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38860
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646224922100600"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 07 Mar 2022 02:48:11 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame C78C 15 KB
6 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: pogoda.ukraine-ru.net
URL: https://pogoda.ukraine-ru.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d054377044014c1069958d9c610330164f05edbf091b2be9b6be60dc4f043494

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 02:45:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6417
x-xss-protection: 0
server: cafe
etag: 10598556267281433416
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Mar 2022 02:45:47 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C78C 42 B
63 B 78ms
77ms Image
image/gif 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CRDGUl3nUWXA_1gj9xeD550ITPMzI-oYUTsR8iNAlXmaJ7IwCqT3QZu2-sMg1fMbmCdBZhTATNaosb8NnMhZUbpRp8XSB3KgMcDZSJFh0I-bpAW6c

Requested by

Host: pogoda.ukraine-ru.net
URL: https://pogoda.ukraine-ru.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK share-counter.html Show response
w.uptolike.com/widgets/v1/ Frame 9E53 17 KB
5 KB 135ms
135ms Document
text/html 95.163.114.203
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/share-counter.html?5e5f39385e9edc9f82706afd51e24398
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/widgetsModule.js?v=5e5f39385e9edc9f82706afd51e24398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.203 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 97ce3fd5f5eee27ebe4513c4731c528cd845b819e865c2c487e23e6926df3ba8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://pogoda.ukraine-ru.net/

Response headers

Server: nginx
Date: Mon, 07 Mar 2022 02:48:11 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=1800
Expires: Mon, 07 Mar 2022 03:18:11 GMT
Content-Encoding: gzip

GET
H/1.1 200
OK impression.html Show response
w.uptolike.com/widgets/v1/ Frame AF2F 1023 B
914 B 138ms
138ms Document
text/html 95.163.114.203
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/impression.html?5e5f39385e9edc9f82706afd51e24398
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/widgetsModule.js?v=5e5f39385e9edc9f82706afd51e24398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.203 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 829aefc2561d1da1496d88af2e9fdcda7d002eb568e8b59a636aaf49de2751de

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://pogoda.ukraine-ru.net/

Response headers

Server: nginx
Date: Mon, 07 Mar 2022 02:48:11 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=1800
Expires: Mon, 07 Mar 2022 03:18:11 GMT
Content-Encoding: gzip

GET
H3 200 hbjI8xylHpjavQyfdphvo41Bfdkh_RgUM1b0sbpcRZI.js Show response
pagead2.googlesyndication.com/bg/ Frame A655 35 KB
13 KB 21ms
21ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hbjI8xylHpjavQyfdphvo41Bfdkh_RgUM1b0sbpcRZI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85b8c8f31ca51e98dabd0c9f76986fa38d417dd921fd18143356f4b1ba5c4592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 20:57:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 366631
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13728
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 20:57:40 GMT

GET
H/1.1 200
OK icomoon.woff
w.uptolike.com/static/buttons/fonts/ 9 KB
9 KB 400ms
131ms Font
application/font-woff 95.163.114.203
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/static/buttons/fonts/icomoon.woff?qq11232333=1232131231321
Requested by: Host: pogoda.ukraine-ru.net
URL: https://pogoda.ukraine-ru.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.203 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 3f72dc1fd03fba15c9200144bf1df7286ad1e2560b50a5ecc12e68c9c1e36f29

Request headers

Referer: https://pogoda.ukraine-ru.net/
Origin: https://pogoda.ukraine-ru.net
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 02:48:12 GMT
Last-Modified: Wed, 16 Aug 2017 14:30:13 GMT
Server: nginx
ETag: "599456f5-23b8"
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=15552000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9144
Expires: Sat, 21 May 2022 07:48:48 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D355
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOhMh4670s6RYJL2rLGBEZo&google_cver=1

43 B
1012 B

26ms
26ms

Image
image/gif

23.52.162.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOhMh4670s6RYJL2rLGBEZo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJC1NBDh58mqAhjyqaqwATAB&v=APEucNUJ64oY5TvsPJbsCIFr05SaOfwE7Bik1e5WIW6W4qKrw3Dscw2tONdeuRmnkj_I3BiFABi418AGas2et2g1e53A83vBDQ
Protocol: HTTP/1.1
Server: 23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-162-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Mar 2022 02:48:12 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 07 Mar 2022 02:48:12 GMT

Redirect headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOhMh4670s6RYJL2rLGBEZo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D355
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YiVyawJNHLDg3WUhrW0yUAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOhMh4670s6RYJL2rLGBEZo&google_cver=1

43 B
892 B

27ms
27ms

Image
image/gif

23.52.162.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOhMh4670s6RYJL2rLGBEZo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJC1NBDh58mqAhjyqaqwATAB&v=APEucNUJ64oY5TvsPJbsCIFr05SaOfwE7Bik1e5WIW6W4qKrw3Dscw2tONdeuRmnkj_I3BiFABi418AGas2et2g1e53A83vBDQ
Protocol: HTTP/1.1
Server: 23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-162-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Mar 2022 02:48:12 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 07 Mar 2022 02:48:12 GMT

Redirect headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:12 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOhMh4670s6RYJL2rLGBEZo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame D355
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPWHCHo6JA2ixguD_JxV4gY&google_cver=1

43 B
1006 B

78ms
77ms

Image
image/gif

68.67.179.166
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEPWHCHo6JA2ixguD_JxV4gY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJC1NBDh58mqAhjyqaqwATAB&v=APEucNUJ64oY5TvsPJbsCIFr05SaOfwE7Bik1e5WIW6W4qKrw3Dscw2tONdeuRmnkj_I3BiFABi418AGas2et2g1e53A83vBDQ

Protocol

HTTP/1.1

Server

68.67.179.166 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Mar 2022 02:48:12 GMT
X-Proxy-Origin: 149.56.153.185; 149.56.153.185; 575.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: b6d9ff47-d2fa-4640-bee1-ecaa0c5e2999
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEPWHCHo6JA2ixguD_JxV4gY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D355
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM2MjY3MjkzMTE0Mzg1NzMwMg%3D%3D

170 B
188 B

36ms
35ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM2MjY3MjkzMTE0Mzg1NzMwMg%3D%3D

Requested by

Protocol

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 07 Mar 2022 02:48:11 GMT
X-Proxy-Origin: 149.56.153.185; 149.56.153.185; 575.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: 66ec484f-6f16-4e09-a3ae-034d25b06049
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM2MjY3MjkzMTE0Mzg1NzMwMg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/775912/56026695/ Frame C78C 46 KB
12 KB 27ms
27ms Script
application/javascript 34.227.203.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/775912/56026695/skeleton.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CUvBi_xPZX3ECAVT2w36okNambF_wl2IUYjouDs_qdEoZgTvPNGzgqB9g5TNYV4UGA7hoqsyuRzI6u0QHX8GN2Ls81VblaNBhyUJn7PQxYiAPQRgSMJsM8Y_yDArEDHVU5SxnDXvRGz6mT_wkNhtG-1FIkCg&dbm_d=AKAmf-B6nuLcyPDaFMBK26ZdDWQ4wDttHUTY3RAtgIn3TCHWTgVtrYokPJZqThLyVVWqaWqCwemBGPRNN9EpSE5socQ_eMb5MwW5CvLXw0CgcS0X1JFn_9oSeHoVsDdOXseweuA14w9NrZBD7ecUlAIecD09K415INL8pxpsnqVMtHqLFn93BFQYErKIXOqXNIUeRkxi6UAvUvNRz_44E5wbwA0-lqdw4Bhj0cUJNVeT3GL59IbttmZcf_TOrNyrsnGbQeV0QCaXpCKLaz7rA8oGO-mZnaUKfRL9G91GVarb2a7F0DDtT-VGz5NwiqaEAE32oLNyATdVA85U8rm_WhrC_66sPtI2xAy8HAomkOUWzRZ5mmqjo62os5wRl449kqGn08m1u_qxM0TD0uNXhdQ48amPsfQxfdamElXzEzJ6CNMUDupG1nThUyWw2f5HRL6U_6qEhKp9JletVwFsmhDXsQF7M-7Yo8aUmxvnepSXpvpNCb_hAfluE6rsHzp2xUN5AJSqeYEdGL_qok7v1uqM3n6gaGU0PPqgIrYaZfIgIy3HQ-WABmoOkyFMapfb7AArnrJ8jBtTJxu_x7ZUAvfDQ-l7wdUOM_UcaOYZwvP6F47enucXAuTh4Uhzyrn8xQAZSe0NhtrRlu-lE8KbhdcRi7UnyL-2X7nVXv3NuOgfJJ-Sy9pQb1XBFG6pclsvSIMpG7_aIr0lkYz0ngfKiMxI6PIeH66noV9_Ipwpru31gfNOZE8tnYNeez1Nw96TFEptZ2faCAYFE_oQ0byaW00OhV2_rLSCUQS1M8CPhIkhazheQVhDtzJ0Gf6Z04PQ1L9IbooQp0_1UXUOlfB_xqpvaxNA0KH6M9S-tml0ZzQayeSvRF0HeODjZjy0IReyEJB31t2BJbn4eQlBy8Q7VLawJLKhNu4LPukMtOmfQTakAvuGNmY9iAub54n97OIjpgcNWcLf7JHZJCyfzgbYqUdbDJcM-B1HaWiCpLczgX4gh86avTvsHkqv_nMtEj-nL959nk5VWVW9xDEm9V-sEWFj9OOd0H7olo_AbD2-99e-TVNUCtGzG0TTZxPD5dM_NgHUo7qcEFGM0dFim4nyjVKOuInJqK5pofCrTuaWqXgNkoRlRLlJIwo6bkpLaV9pBEySXW14ytlFgn3Ob-IV7O-cHyXEtvtIc6YRqM-EOeT2jvBqbPADCa-ToXoBWbOYD3uYDB3-ZaN4UihuRN_ne8RO5Kp4majbxWWD-s2qoTXu8UPlj7Q95EndY2CkKPLIiicg3BCEr1ePq_WVnOadyof1BbGG1I1fitOWYzeBF1TtHOWnPpV-Si9GwcJj33zdISXT_EPJqpW8XDK7_DojxlcIacSXL_WFHReDu4RotBWRioKB6RcwFZrmn--aVCSe8wZcNRBW4HRHDvu52grL3Pp8pqBqmsnooNOrTZTud6C9dTqOh1KvsKkSelZjw74UArZN45eezb9YQfZ0-gdppas8Bq_wOuKgW3UbKafLvoUEI1nizyuzTViYxXod6O6DwX4pFFGPgaQaIq2mBmqRq1p_SBpCz61rnRMv7it0m6cpJ_Q4l5nJt1hx63Leh_9gfkBJU4NPEoAunk4dYKOuP5aPSNnyLqZ2dTMAhVD515Ef0w9LDU82-DzfQ0GBkihzReiMhTxulOcaoezwM1Gy0gVnPP8yksk5f6GPmL8T-aomq68uwyNj36bsqMiLTJkpKOdPX9gcbI47ZPg3kYqqCHQAoSVE5w0Tv7dLesLeZvg_kMf469HyPfzDkyycwAqTA5lzkcoIHr_IcvTgssskjPzbaVAbka0rpW_CPAU2FKk_oYzFr05cmAuWyfsabIsH4bukFREEonol8qJggiIigTkhXKBoFGPUAGs8C2ZRXmiNH_sBGa6sNEXIZ6bNXW0S5NbHWQcJp4UxgDaKQrp1rVwQ8e62LzW3ri8du036X7tiOJg17c9BL3wmt0gyskq9LzBYvCXS9vr_L2BiQRKUuJQow4OpZKSGhXi7aFkea-KHupKlQ4fLPF2uwZmzGq189XpG-1sMEtDGIng5IHQ76y_uv57nkqmST5kQmhs3lsp5QcDKSXXHVhIzWmoALPY-vRc8M1Osg_eS-xQcfsFvFO9pHOAy6sOyL2ARq4uphyzDIhJKvD7CMnqgnXkJz-Xmv9iMp1quQfgsIm81WIgQcqddTBuyS1K13ONgDcjZpUdo6YSScj5K9vIaV5eq4zvuEi_2Ohc27MTV5YswN2xZ_uYdBgpwqu4WonQQHKzM2ghkn2TbaOtRhY5-pQq_0nuyHY7DrhqZoI9vCgovV3cVv7zYcPvkLwgyItwa0ITLg_HHH_P_MIQaF_D8SnT1cK4IchEBHQDL53MU-fTGBBw6HC908usPYGu7o85g4fiLua7mMWb1RcDf7FYTvbMG_NkY6FMPtOwm8AEYkTMcZbPOccR4Y1veM99zC9zGDjedicLx0l1tQWoRsRHhIrw0lkI_35_lYN1tBkoSyRzkIOD3VP9bjS6WKDRdIZXposdZvJS9FgJwT8TykhfZVhz9nY5z1Nrkc729oJ-lGiNoC12Op4wtzofTYGY-pIB5xwegNE_7hWfoZ6nejPJQfYUZkc4fCFZ131Yth6Z2kJsz45kgqbjeBqxwY5OxdsIt3tCDKAzprxWYEY3c6zXt7Hfg6F2eokZF5glFo1zD36gyIUhTqaxWtWPamwEtBIrsv3VNYTtQo_t-2tREh5m35LmSbqZ7fuJMHAza5ffI-hfOKYzSt5xNKW26u6j6zAhxpoIeigfsigNEsNt9Q2S7jVFT8absePzNafVeMslSjsHEg0qrq5dJaLT76B2oY8ZVmrWEonXpyPWiElKUQZttFUt9Vmll1KAVBAxheDwv9uZS77zhnH-bX4p83XI9bxd--sF7bpJo2VlU-Dgtv3878Z-xzH7_umI-cdsvdrff2LYNhxSqxmAOO4tURX0aTxlODh3IFhkc_aSmiogjWcp7yM9er2kYPkYOX0xP6ohy&cid=CAASBORoJHk&rfl=2%2Chttps%253A%252F%252Fpogoda.ukraine-ru.net%252F%240
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.203.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-203-141.compute-1.amazonaws.com
Software: /
Resource Hash: 1a9e28b1f5928ee9bf187989a89aaf2eb8fab197e0b514153d5673149ad884cb

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:11 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 02112022-061643401-Diversity-in-Law-FY22_Ad1_728x90.png
s0.2mdn.net/10563084/ Frame C78C 62 KB
63 KB 20ms
20ms Image
image/png 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10563084/02112022-061643401-Diversity-in-Law-FY22_Ad1_728x90.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CUvBi_xPZX3ECAVT2w36okNambF_wl2IUYjouDs_qdEoZgTvPNGzgqB9g5TNYV4UGA7hoqsyuRzI6u0QHX8GN2Ls81VblaNBhyUJn7PQxYiAPQRgSMJsM8Y_yDArEDHVU5SxnDXvRGz6mT_wkNhtG-1FIkCg&dbm_d=AKAmf-B6nuLcyPDaFMBK26ZdDWQ4wDttHUTY3RAtgIn3TCHWTgVtrYokPJZqThLyVVWqaWqCwemBGPRNN9EpSE5socQ_eMb5MwW5CvLXw0CgcS0X1JFn_9oSeHoVsDdOXseweuA14w9NrZBD7ecUlAIecD09K415INL8pxpsnqVMtHqLFn93BFQYErKIXOqXNIUeRkxi6UAvUvNRz_44E5wbwA0-lqdw4Bhj0cUJNVeT3GL59IbttmZcf_TOrNyrsnGbQeV0QCaXpCKLaz7rA8oGO-mZnaUKfRL9G91GVarb2a7F0DDtT-VGz5NwiqaEAE32oLNyATdVA85U8rm_WhrC_66sPtI2xAy8HAomkOUWzRZ5mmqjo62os5wRl449kqGn08m1u_qxM0TD0uNXhdQ48amPsfQxfdamElXzEzJ6CNMUDupG1nThUyWw2f5HRL6U_6qEhKp9JletVwFsmhDXsQF7M-7Yo8aUmxvnepSXpvpNCb_hAfluE6rsHzp2xUN5AJSqeYEdGL_qok7v1uqM3n6gaGU0PPqgIrYaZfIgIy3HQ-WABmoOkyFMapfb7AArnrJ8jBtTJxu_x7ZUAvfDQ-l7wdUOM_UcaOYZwvP6F47enucXAuTh4Uhzyrn8xQAZSe0NhtrRlu-lE8KbhdcRi7UnyL-2X7nVXv3NuOgfJJ-Sy9pQb1XBFG6pclsvSIMpG7_aIr0lkYz0ngfKiMxI6PIeH66noV9_Ipwpru31gfNOZE8tnYNeez1Nw96TFEptZ2faCAYFE_oQ0byaW00OhV2_rLSCUQS1M8CPhIkhazheQVhDtzJ0Gf6Z04PQ1L9IbooQp0_1UXUOlfB_xqpvaxNA0KH6M9S-tml0ZzQayeSvRF0HeODjZjy0IReyEJB31t2BJbn4eQlBy8Q7VLawJLKhNu4LPukMtOmfQTakAvuGNmY9iAub54n97OIjpgcNWcLf7JHZJCyfzgbYqUdbDJcM-B1HaWiCpLczgX4gh86avTvsHkqv_nMtEj-nL959nk5VWVW9xDEm9V-sEWFj9OOd0H7olo_AbD2-99e-TVNUCtGzG0TTZxPD5dM_NgHUo7qcEFGM0dFim4nyjVKOuInJqK5pofCrTuaWqXgNkoRlRLlJIwo6bkpLaV9pBEySXW14ytlFgn3Ob-IV7O-cHyXEtvtIc6YRqM-EOeT2jvBqbPADCa-ToXoBWbOYD3uYDB3-ZaN4UihuRN_ne8RO5Kp4majbxWWD-s2qoTXu8UPlj7Q95EndY2CkKPLIiicg3BCEr1ePq_WVnOadyof1BbGG1I1fitOWYzeBF1TtHOWnPpV-Si9GwcJj33zdISXT_EPJqpW8XDK7_DojxlcIacSXL_WFHReDu4RotBWRioKB6RcwFZrmn--aVCSe8wZcNRBW4HRHDvu52grL3Pp8pqBqmsnooNOrTZTud6C9dTqOh1KvsKkSelZjw74UArZN45eezb9YQfZ0-gdppas8Bq_wOuKgW3UbKafLvoUEI1nizyuzTViYxXod6O6DwX4pFFGPgaQaIq2mBmqRq1p_SBpCz61rnRMv7it0m6cpJ_Q4l5nJt1hx63Leh_9gfkBJU4NPEoAunk4dYKOuP5aPSNnyLqZ2dTMAhVD515Ef0w9LDU82-DzfQ0GBkihzReiMhTxulOcaoezwM1Gy0gVnPP8yksk5f6GPmL8T-aomq68uwyNj36bsqMiLTJkpKOdPX9gcbI47ZPg3kYqqCHQAoSVE5w0Tv7dLesLeZvg_kMf469HyPfzDkyycwAqTA5lzkcoIHr_IcvTgssskjPzbaVAbka0rpW_CPAU2FKk_oYzFr05cmAuWyfsabIsH4bukFREEonol8qJggiIigTkhXKBoFGPUAGs8C2ZRXmiNH_sBGa6sNEXIZ6bNXW0S5NbHWQcJp4UxgDaKQrp1rVwQ8e62LzW3ri8du036X7tiOJg17c9BL3wmt0gyskq9LzBYvCXS9vr_L2BiQRKUuJQow4OpZKSGhXi7aFkea-KHupKlQ4fLPF2uwZmzGq189XpG-1sMEtDGIng5IHQ76y_uv57nkqmST5kQmhs3lsp5QcDKSXXHVhIzWmoALPY-vRc8M1Osg_eS-xQcfsFvFO9pHOAy6sOyL2ARq4uphyzDIhJKvD7CMnqgnXkJz-Xmv9iMp1quQfgsIm81WIgQcqddTBuyS1K13ONgDcjZpUdo6YSScj5K9vIaV5eq4zvuEi_2Ohc27MTV5YswN2xZ_uYdBgpwqu4WonQQHKzM2ghkn2TbaOtRhY5-pQq_0nuyHY7DrhqZoI9vCgovV3cVv7zYcPvkLwgyItwa0ITLg_HHH_P_MIQaF_D8SnT1cK4IchEBHQDL53MU-fTGBBw6HC908usPYGu7o85g4fiLua7mMWb1RcDf7FYTvbMG_NkY6FMPtOwm8AEYkTMcZbPOccR4Y1veM99zC9zGDjedicLx0l1tQWoRsRHhIrw0lkI_35_lYN1tBkoSyRzkIOD3VP9bjS6WKDRdIZXposdZvJS9FgJwT8TykhfZVhz9nY5z1Nrkc729oJ-lGiNoC12Op4wtzofTYGY-pIB5xwegNE_7hWfoZ6nejPJQfYUZkc4fCFZ131Yth6Z2kJsz45kgqbjeBqxwY5OxdsIt3tCDKAzprxWYEY3c6zXt7Hfg6F2eokZF5glFo1zD36gyIUhTqaxWtWPamwEtBIrsv3VNYTtQo_t-2tREh5m35LmSbqZ7fuJMHAza5ffI-hfOKYzSt5xNKW26u6j6zAhxpoIeigfsigNEsNt9Q2S7jVFT8absePzNafVeMslSjsHEg0qrq5dJaLT76B2oY8ZVmrWEonXpyPWiElKUQZttFUt9Vmll1KAVBAxheDwv9uZS77zhnH-bX4p83XI9bxd--sF7bpJo2VlU-Dgtv3878Z-xzH7_umI-cdsvdrff2LYNhxSqxmAOO4tURX0aTxlODh3IFhkc_aSmiogjWcp7yM9er2kYPkYOX0xP6ohy&cid=CAASBORoJHk&rfl=2%2Chttps%253A%252F%252Fpogoda.ukraine-ru.net%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb8c6f72e1e80233ca6a77818f68a9be4e8c56c33e6893bfdc570d85cbad73d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 01:38:30 GMT
x-content-type-options: nosniff
age: 4181
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63998
x-xss-protection: 0
last-modified: Fri, 11 Feb 2022 14:16:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Mar 2022 01:38:30 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220302/r20110914/ Frame C78C 25 KB
9 KB 22ms
21ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220302/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5421be34bc9ac3564a6daa35c769d13876e5fa7c4a5ed4892e9e8c65d31c1e27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 02:42:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 327
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9662
x-xss-protection: 0
server: cafe
etag: 2172778821077356944
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Mar 2022 02:42:44 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220302/r20110914/elements/html/ Frame C78C 8 KB
3 KB 22ms
22ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220302/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 02:46:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Mar 2022 02:46:04 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame C78C 0
24 B 91ms
90ms Ping
image/gif 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvJakZjHR9-oRud3-FWfGK3wT1SyAGxRPoVYNpl8ZOYfrRwzqTS8287JmGgZXTN1mDXfOJ9_PoT_fuVmyUS96KCY_l_APcFgDQzvj3brht4SAiJkZ45Ju7Ah1SvVoIOGVnQvCEl3QHza0fpTXA0V18A0-Qzmpebh_1JGe074f8rcQXkD-c8apZ9Uc2ENVe_IsgpUFjfKmGdVmARBgPCY2UxSe4u1ts-toxJDgk6aHiTyzmh9dqaIbHz2tlugWITfz1r7JjCQ5d4p4YjDZNLgwVR6c_qCOoJ1pdCjtKQ5moF7FWwiUF4UVUZFszEtSv0_HMfFMALK37VYChshCgnmr8jJzSV0AQBXkQbe5nv35OoM4sXRed7FlrBDF0jPG1skeZ0JxCO5LU-REn9mP-_ub6dfp_Zm9phJRDuExaaIMqN3r9mA8uKeLdnL9m383iQZAhYhrl8dQhzykn86RruTUwLtaMVO7uuwSgm4xbBLXX5_iOOtXPLbmvGTaf-fE5J83KMlIZMFF8ADmSZz4HvY_4J2AEeCU4sDJlbWLl8DzU_mm3pf-hD2MuxdHQoK5WfbemKRUTcwyotxdz8YjJYxNGi0Yc-YvaDx7yVRQsUGBENW_Z_JgMuJU30SGPxBd_2O72k9HFjoieKO7kchcUNoAbv84IG3qTwHgvFXhaRn7PPhIy0CU8_RMFDQVnLAzLkc75WwDQ8JSMNUaQKAJXaeJMg6GzsT_Du9ar9YjVKEhVZ2taR1b8FUjteX6UX2T8JOQe2ZeFQCH7awz07w99Dzr8XcUR60V0MwgBQgPU7WyzDGbww3TpzjMCM79scvQgycNHQlbzShQjGYCsKFmAE6LCkeYDSr9oU7woAWDnkJv0j_iZ1pbl7ChahQdJLBJZX3f4t7Y57zHW5_JtefTEZRbYZgS_yg8mMsLdkxI7KSQDm1pVlxlg4mA-hP9Fu1TfknqpUAYKEoijAkUpr1amjszBTXooUtVYE6VRGFTIpCsLJ7VjbH5Ggz08TExE02-gkbU6W5r04th0iMeicFbIHe7lut07tPQ1Z8A2PkvAiCre_KEJNzHjem6rE9S7iBVVpWmEWV_z735Qd6aPY10rPbVfDwlCiILKmU4SIElir5-I2pPArtugvRqljCCnPdJV8Dk-DKJu7PI0kMoK-&sai=AMfl-YQ7-0UlSxKMMlE5Ze-EDEhUyF2EFd0t9b7edwVqdj34MjB4pKmJLz_whbqNfZPun48LauUMi6OlmTyA0BebeqSx9-qDw9fuOXQY2fFvCygftYU3KWeP7Xm0NKcqToIjy6md&sig=Cg0ArKJSzMnbmGi6KCsHEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220302.04533&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 07 Mar 2022 02:48:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C78C 41 KB
15 KB 22ms
22ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 06:10:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506233
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Mar 2023 06:10:58 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 624E 8 KB
892 B 66ms
38ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 07 Mar 2022 01:29:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 07 Mar 2022 02:48:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 07 Mar 2022 02:48:11 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame 624E 2 KB
904 B 19ms
19ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 02:29:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1125
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Mar 2022 02:29:26 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/ Frame 624E 19 KB
8 KB 19ms
18ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d67c6a30bbb9f841e5fc883687b07ecbd33f0292c148b0b6edf499de0e742a6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 02:45:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 139
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7872
x-xss-protection: 0
server: cafe
etag: 15461303091586157378
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Mar 2022 02:45:52 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame 624E 2 KB
1 KB 19ms
18ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 02:45:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 152
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Mar 2022 02:45:39 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 624E 124 KB
38 KB 38ms
37ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ded445534230fe3d1274bd48ed100b17ea890a65d5c0250172369a5b522f3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 02:48:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38860
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646224922100600"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 07 Mar 2022 02:48:11 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/ Frame 624E 15 KB
6 KB 20ms
18ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220302/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d054377044014c1069958d9c610330164f05edbf091b2be9b6be60dc4f043494

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 02:45:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6417
x-xss-protection: 0
server: cafe
etag: 10598556267281433416
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Mar 2022 02:45:47 GMT

GET
H3 200 1983f1322954a331c3caffc9609329fe.js Show response
www.gstatic.com/mysidia/ Frame 624E 28 KB
12 KB 46ms
20ms Script
text/javascript 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1983f1322954a331c3caffc9609329fe.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e467a852274fd7613b82065c6c7bf66198fe3a8629d1a40ad9a58ea69dc0dc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 17:35:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 205971
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11765
x-xss-protection: 0
last-modified: Sat, 26 Feb 2022 02:02:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 02 Jun 2022 17:35:20 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame C78C 0
23 B 83ms
82ms Ping
image/gif 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Mar 2022 02:48:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 main.gr.19.8.289.js Show response
static.adsafeprotected.com/ Frame C78C 189 KB
60 KB 19ms
18ms Script
application/javascript 2600:9000:202c:c200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.289.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/775912/56026695/skeleton.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:202c:c200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b048e01655cdf47f739c288fc4195c26de3883db4ebc4368242fa38b0ca0062d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 17:07:08 GMT
content-encoding: gzip
age: 1676465
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 15 Feb 2022 16:52:16 GMT
server: AmazonS3
etag: W/"e894d9dd87d5e06b21396e04a0c29127"
vary: Accept-Encoding
x-amz-version-id: QoliWv7Zm09sOtt_1ftKxG1EPIuNscaU
via: 1.1 70afbe31994f2c69bf2f10f0b46f4736.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: EWR52-C2
content-type: application/javascript
x-amz-cf-id: 0SJI9eREqvOaN60h7TFM6GOYmVn8q9Po9u1uhOto8CpyF5PMKeLWlQ==

GET
DATA 200
OK truncated
/ Frame C78C 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aef61658d532441f352633739915dcbd6f019d38788f3bc9f0f38ea3c0936f67

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dt
dt.adsafeprotected.com/ Frame FAA0 43 B
215 B 24ms
24ms Image
image/gif 34.205.1.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=775912&asId=9004f30d-f87f-ac22-8ae8-02fc56651199&tv=%7Bc:68KvA4,pingTime:-10,time:852,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OS4wLjQ4NDQuNTEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1646621292167%7C%7C9bf3b2e33105729d344de7d778ef9ab6%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7Cf231fb806406b381f39e5dc3be922a6c%7C%7Cd8ff4c5d2b8213fb4f528e8a40676364%7C%7C0c50358ab81297bf4f8272919db1117a%7C%7Cbb7cb46ce514473f7d10d1ac15b7b3bb%7C%7Cc07bf81403123a3f7ae63bb80a65fb0f%7C%7C1629390669,im:%7Bimprf:%7Bttecl:655,ecd:22,tsecr:157%7D%7D%7D
Requested by: Host: pogoda.ukraine-ru.net
URL: https://pogoda.ukraine-ru.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.1.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-1-191.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:12 GMT
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame DA16 22 KB
8 KB 20ms
19ms Document
text/html 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 01 Mar 2022 06:10:58 GMT
expires: Wed, 01 Mar 2023 06:10:58 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 506234
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK widgets-batch.js Show response
w.uptolike.com/widgets/v1/ Frame 9E53 446 B
673 B 141ms
139ms Script
application/javascript 95.163.114.203
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/widgets-batch.js?params=JTVCJTdCJTIycGlkJTIyJTNBJTIyMTI0OTM2OCUyMiUyQyUyMnVybCUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGcG9nb2RhLnVrcmFpbmUtcnUubmV0JTJGJTIyJTdEJTVE&mode=0&callback=callback__utl_cb_share_1646621292253494
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?5e5f39385e9edc9f82706afd51e24398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.203 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 9dbba2eb0519fde36f42111e19202d5ce8dcec7dab9af1e65633370c02eef7bb

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://w.uptolike.com/widgets/v1/share-counter.html?5e5f39385e9edc9f82706afd51e24398
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Mar 2022 02:48:12 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 28 Jan 2022 08:03:17 GMT

GET
H/1.1 204
No Content imp
w.uptolike.com/widgets/v1/ Frame AF2F 0
154 B 136ms
135ms Image
text/plain 95.163.114.203
DINET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.uptolike.com/widgets/v1/imp?pid=1249368&url=https%3A%2F%2Fpogoda.ukraine-ru.net%2F&vp=296dc558-8359-42dc-acdc-3369992493dc&ttl=JUQwJTlGJUQwJUJFJUQwJUIzJUQwJUJFJUQwJUI0JUQwJUIwJTIwJUQwJUIyJTIwJUQwJUEzJUQwJUJBJUQxJTgwJUQwJUIwJUQwJUI4JUQwJUJEJUQwJUI1LiUyMCVEMCU5RiVEMSU4MCVEMCVCRSVEMCVCMyVEMCVCRCVEMCVCRSVEMCVCNyUyMCVEMCVCRiVEMCVCRSVEMCVCMyVEMCVCRSVEMCVCNCVEMSU4QiUyMCVEMCVCRCVEMCVCMCUyMCVEMCVCNCVEMCVCMiVEMCVCNSUyMCVEMCVCRCVEMCVCNSVEMCVCNCVEMCVCNSVEMCVCQiVEMCVCOC4lMjAlRTIlODAlOTMlMjAlRDAlQTMlRDAlQkElRDElODAlRDAlQjAlRDAlQjglRDAlQkQlRDAlQjAlMjAlRDAlQkYlRDAlQkUtJUQxJTgwJUQxJTgzJUQxJTgxJUQxJTgxJUQwJUJBJUQwJUI4&rnd=0.17883013801435732
Requested by: Host: pogoda.ukraine-ru.net
URL: https://pogoda.ukraine-ru.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.203 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://w.uptolike.com/widgets/v1/impression.html?5e5f39385e9edc9f82706afd51e24398
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 07 Mar 2022 02:48:12 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3 200 hbjI8xylHpjavQyfdphvo41Bfdkh_RgUM1b0sbpcRZI.js Show response
pagead2.googlesyndication.com/bg/ Frame 2C57 35 KB
13 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hbjI8xylHpjavQyfdphvo41Bfdkh_RgUM1b0sbpcRZI.js

Requested by

Host: pogoda.ukraine-ru.net
URL: https://pogoda.ukraine-ru.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85b8c8f31ca51e98dabd0c9f76986fa38d417dd921fd18143356f4b1ba5c4592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 20:57:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 366632
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13728
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 20:57:40 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 61D6 0
20 B 86ms
85ms Image
image/gif 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Birm5a3IlYsPnCryXoPMP9cSNkAwAAAAAOAHgBAI&bg=!n5ylnNjNAAb7UztL-1M7ACkAdvg8WvAQuylRaRrxF2G7i-d_qTZgDknl0Ab2Xlj5b0Bbcyo6zlAMhQIAAAJWUgAAAAVoAQeZAshPO0xOvVsvZ139BSRFcjpYXMuSSyL3wCh7jdICXYkupB8ps5xLyM1mKj-pCt2H9Cha9hDu1dYBLZCnkcerQKe1h-xFmyWRtFE8osukPqggdMrHbhk-b9F1ItVur-2DAid6H3kT63Z4ted26GVcKgEGdBNGBswLK--PTsPlKhNqNPaPFw-TH2mkpZCcXTEEoLpGNl4vQYC-bXDz8xw19GayZrFoY_qYlXdDNpvyJX8qj6ZIGRFIvn5CbMXQlD-V1VnWxRJ6iKPNQDzGmAncXQ0shsfYAKJd_hJdmcS5k0ofX7LVyg8hmU34U9S3YAAcqoy18Rc1tY0ASoeXMcw5MKPQW3v3tGtotN1W6iQGLU5SMnf3-ejzCj00x1AyINvmK8k2PSA1E0GH1U_mnGqZNX_6BIiVMA5wnFSoSf7vQPS4o3FOxMiKbzO-PFBK4RRTsdTy3uHw720Rb68pgazcFEOpylK9fjSY04DhuMi8TJqPqH_pYpaoMPn9OpzDl4TXfiWmflODOeWYJBZEk5XL4jo44CZQ5NHNvLHSMLF8ke-1FhEwI9tn33U3iEQlgQNtlWYM_kaRiE6g27iZwYNy1L8j4TMEgW3lGJ0775id5qEF9oROjYq08bpxJBGFy4oy8jMOrwYu1qJFr6BOLkw7PrXFrWI6k0XOeTn_ORFn2g823oyjx5Z7vleXPvrUrkrKMlbesMbRskLnTHod2aBmXyRBC_JaHGB5xQJCXs9AKy11KupDFnlMV5mAgZvCUiq_kespDBhLgLbGi-KczvEYtDdEs3E3wuy-CJG3zRKhC1IZNwA3OqMfcyvyuTryMCgVicIwnZKKrB4yBxpXjXtD_YxB4RUgPwjP6I615wFYiI8BP2XuhtSbb4ROnvL2H_mxB-bumPjCtDZE25Zbfc9DMwi2lj_b8I6erWak2ZMG2QPFWHPviTLp8VtE

Requested by

Host: pogoda.ukraine-ru.net
URL: https://pogoda.ukraine-ru.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4E35 0
20 B 83ms
83ms Image
image/gif 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BhJZZa3IlYtrnBeqEoPMPt4SEWAAAAAA4AeAEAg&bg=!VFelVxPNAAb7UztL-1M7ACkAdvg8WsKwVL4ioLGpghoQTUawfq9tWGLCziPqJSo6h4DD6xz4C4UDLQIAAAKLUgAAAAJoAQcKAF3DaoJVdOBEVNTeBuxh8UnfHWXCKYTGTgVIr5TgL-Wbkhx-dfH4MLY0GRnQGQzuRcUMLhzAxTir12PA2SaaLO9pxJHB9yZf8ogs5eZTwu3JML3mu8BVGANA_pQgY0uZAtp1ySc7b0Id8FlxJ2E7iuEmVm5tqqRLbe5y0CXtoXz1WKkN_Wbws98aL9MZS2Pc_sRXHmeCDEP1Sd9dE071Ne4LZEiWz2vCJb8ANL0fzGtcO3nvvzW1lC0B6DTjB3EQIQfccVpIxwdM7Il7bJrGXFv0IKEi6HQO3r3F2E_ekGrfLk7H0NyAvheVoeGyuRgo-E3_q2qojCCpAwpakqqIpfcXkNoytxDGXzPcqyLZInNN5IEXBp2DbsQaA8TMFoN7eGYY8Y0uBeFJdTLGL-iH8ppRAZom9Fr1dm0_KNYW871Gxq76jg-01IBNtx6FNuimxPzteXf-YYG9KcdQ0Dw5atIA_X4VGHD03rV5oRQoPwwDjVLfaFXeV1fvp3Vu-RBFLxnik4Qv937Tw5H_lHdP-IxEwyQIvxSs6VglTBwbwva1xPFWATF3iWa4_viDaAeALVLw_RomcD_DiGvYiYpLZ_gMO9dytSau03QaxC15G1plH0naScuShMTvFF3pI3J_RkR3lH8iz8TFzDsFb15u5KMB35v1TH_RqhUPOltnyWKc4IsFY2V_6Tf1oKKwpPvn_aGdzpt5tZdO5m17HHK59ptmZA_Y8iUzRmhETR2hzG0awcj7R4wGuh7K9PRGsch9gbSpEtfYAiJakGGFia6bPyfUqg4J2rrXFB5WqYj2fgGChSOHz2BkF17XSoIjZVZpkFXYLa2YEgcD9hpuDI-XqX1BjNfMsRnepL2TsbMzBM1xQkXm9IA7AvOvHpwhspasbZGal1GmNzIIO11myJDZ3oQcgMGq_2AAaVYzq37Ym2F14Ia-02atuaH6_peyU37O5TdZkgjMR9eGOTrsVosjmdqmesV0eg1A42TD6qU2_19SwAGSI8RXhnw2ZD9tDIfdJdhnez94Hb60Ha_e_JcHTgJ193np04Bb6XYhUEGrISzNn2ZloXjL3Xh9KUDVd50jlBCifLJSrJYRs7CU

Requested by

Host: pogoda.ukraine-ru.net
URL: https://pogoda.ukraine-ru.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame C78C
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/775912/56026695/skeleton.js?adsafe_url=https%3A%2F%2Fpogoda.ukraine-ru.net&adsafe_type=g&adsafe_url=https%3A%2F%2Fpogoda.ukraine-ru.net%2F&adsafe_type=c&adsafe...
https://static.adsafeprotected.com/skeleton.js

17 B
465 B

19ms
19ms

Script
application/javascript

2600:9000:202c:c200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Server: 2600:9000:202c:c200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:58:44 GMT
via: 1.1 70afbe31994f2c69bf2f10f0b46f4736.cloudfront.net (CloudFront)
age: 8923769
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control: max-age=315360000
x-amz-cf-pop: EWR52-C2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: E4AhzEVrtX8goCkubQ2pq_9j-MUmUoeQh6X4S_T5QmHwVajWC2yrIw==

Redirect headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:12 GMT
x-server-name: app11.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 3EBB 80 KB
21 KB 20ms
20ms Script
application/javascript 2600:9000:202c:c200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:202c:c200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 03:16:10 GMT
content-encoding: gzip
age: 8638323
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 70afbe31994f2c69bf2f10f0b46f4736.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: EWR52-C2
content-type: application/javascript
x-amz-cf-id: DA2GtfgPQjYqxUwuY6q4dqxNXHdQ7-Sh4OFVwZAlRu1QK2HUJnq82A==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 235F 43 B
215 B 25ms
24ms Image
image/gif 34.205.1.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=775912&asId=41a57368-a9d3-eaac-c931-59d4b78e8559&tv=%7Bc:68KvCx,time:929,type:e,im:%7Bimprf:%7Bttecl:556,ecd:22,tsecr:157%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:930,n:203,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:131,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B77~1,0~0%5D,as:%5B77~728.90%5D%7D%7D,%7Bsl:o,t:203,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B726~0%5D,as:%5B726~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:171,fm:sZmn88s+11%7C12%7C13.775912-56026695%7C131%7C132%7C133%7C14*.775912-56026695%7C141%7C142%7C151%7C171.775912-56026695,idMap:14*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Requested by: Host: pogoda.ukraine-ru.net
URL: https://pogoda.ukraine-ru.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.1.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-1-191.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:12 GMT
x-server-name: dt13.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C78C 43 B
215 B 24ms
23ms Image
image/gif 34.205.1.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=775912&asId=1693bb3a-f066-3d09-884d-bcfdd8c5c8b9&tv=%7Bc:68KvCA,pingTime:-3,time:233,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:215%7D,%7Bpiv:0,vs:o,r:l,t:233%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:233,n:233,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:215,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B23~1,0~0%5D,as:%5B23~728.90%5D%7D%7D,%7Bsl:o,t:233,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B0~0%5D,as:%5B0~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sZmn8kX+11%7C12%7C131%7C132%7C133%7C141%7C142%7C143%7C151%7C152%7C1611%7C171*.775912-56026695%7C1711%7C1712%7C18%7C19,idMap:171*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.1.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-1-191.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:12 GMT
x-server-name: dt14.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C78C 43 B
215 B 25ms
25ms Image
image/gif 34.205.1.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=775912&asId=1693bb3a-f066-3d09-884d-bcfdd8c5c8b9&tv=%7Bc:68KvCB,pingTime:-6,time:234,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:234,n:233,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:215,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B23~1,0~0%5D,as:%5B23~728.90%5D%7D%7D,%7Bsl:o,t:233,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sZmn8kX+11%7C12%7C131%7C132%7C133%7C141%7C142%7C143%7C151%7C152%7C1611%7C171*.775912-56026695%7C1711%7C1712%7C18%7C19,idMap:171*,rmeas:1,rend:1,renddet:IMG.qs%7D&tpiLookup=ao:pogoda.ukraine-ru.net*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.1.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-1-191.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:12 GMT
x-server-name: dt17.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 hbjI8xylHpjavQyfdphvo41Bfdkh_RgUM1b0sbpcRZI.js Show response
pagead2.googlesyndication.com/bg/ Frame DA16 35 KB
13 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hbjI8xylHpjavQyfdphvo41Bfdkh_RgUM1b0sbpcRZI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85b8c8f31ca51e98dabd0c9f76986fa38d417dd921fd18143356f4b1ba5c4592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 20:57:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 366632
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13728
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 20:57:40 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C78C 43 B
215 B 24ms
24ms Image
image/gif 34.205.1.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=775912&asId=1693bb3a-f066-3d09-884d-bcfdd8c5c8b9&tv=%7Bc:68KvDP,pingTime:-2,time:310,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:165,bdZ:195,beA:350,beZ:352,mfA:559,cmA:559,inA:559,inZ:560,prA:560,prZ:563,si:566,poA:566,poZ:575,cmZ:575,mfZ:575,loA:584,loZ:585,ltA:659,ltZ:659%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:215%7D,%7Bpiv:0,vs:o,r:l,t:233%7D,%7Bpiv:93,vs:i,r:,t:309%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1,o:309,n:233,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:215,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B23~1,0~0%5D,as:%5B23~728.90%5D%7D%7D,%7Bsl:o,t:233,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B76~0%5D,as:%5B76~728.90%5D%7D%7D,%7Bsl:i,t:309,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:93,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1~75%5D,as:%5B1~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sZmn88s+11%7C12%7C13.775912-56026695%7C131%7C132%7C133%7C14.775912-56026695%7C141%7C142%7C143%7C151%7C152%7C1611%7C171*.775912-56026695%7C1711%7C1712%7C18%7C19,idMap:171*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:IMG.qs,sinceFw:93,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.1.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-1-191.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:12 GMT
x-server-name: dt10.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1 200
OK extra.js Show response
w.uptolike.com/widgets/v1/ 4 KB
3 KB 139ms
138ms Script
application/javascript 95.163.114.203
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.43061332622737347
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/widgetsModule.js?v=5e5f39385e9edc9f82706afd51e24398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.203 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: e6972fe2e229ab6115456a139aa95cd8ba67c16ff866efcc1bd6e0cce6407c91

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://pogoda.ukraine-ru.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Mar 2022 02:48:12 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript;charset=utf-8
Expires: Fri, 28 Jan 2022 08:03:17 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 138 KB
49 KB 489ms
239ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/widgetsModule.js?v=5e5f39385e9edc9f82706afd51e24398

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

6b46d7edaed26c86cdde5fa704c1de8ca48ea8dfd6ef764f20cec656fcb1f9c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://pogoda.ukraine-ru.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 02:48:12 GMT
content-encoding: br
last-modified: Fri, 18 Feb 2022 11:36:57 GMT
etag: "620f5aa9-c3c1"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 50113
expires: Mon, 07 Mar 2022 03:48:12 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FAA0 42 B
64 B 107ms
80ms Fetch
image/gif 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssXGci4pWy0NlaWu-ycM3X8e2u1cxaxBhXCUQ4Gr2y-ZinsrjctVnOvHVar-HUbhVb1Ye5BnT-Bct_w4PxyekyDz0AgrfizuNgCZg8fI6R91nNsk_A&sai=AMfl-YTNd7WdvN2yKAQbei-6Se4fOnP30fnfI_f2SRXOk46aAXjAGwU7FrAEsydTFs27D07FHhBDcQVTCb1b&sig=Cg0ArKJSzJwmEQXChlswEAE&cid=CAASBORoLbE&id=lidar2&mcvt=1005&p=0,0,90,728&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20220302&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3124643992&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646621287668&rpt=3768&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C78C 43 B
215 B 25ms
25ms Image
image/gif 34.205.1.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=775912&asId=1693bb3a-f066-3d09-884d-bcfdd8c5c8b9&tv=%7Bc:68KvG0,time:445,type:e,im:%7Bimprf:%7Bttecl:546,ecd:20,tsecr:34%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:137,o:309,n:233,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:215,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B23~1,0~0%5D,as:%5B23~728.90%5D%7D%7D,%7Bsl:o,t:233,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B76~0%5D,as:%5B76~728.90%5D%7D%7D,%7Bsl:i,t:309,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:93,obst:0,th:0,reas:,bkn:%7Bpiv:%5B137~75%5D,as:%5B137~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:66,fm:sZmn88s+11%7C12%7C13.775912-56026695%7C131%7C132%7C133%7C14.775912-56026695%7C141%7C142%7C143%7C151%7C152%7C1611%7C171*.775912-56026695%7C1711%7C1712%7C18%7C19,idMap:171*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Requested by: Host: pogoda.ukraine-ru.net
URL: https://pogoda.ukraine-ru.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.1.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-1-191.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:12 GMT
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 235F 43 B
215 B 25ms
24ms Image
image/gif 34.205.1.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=775912&asId=41a57368-a9d3-eaac-c931-59d4b78e8559&tv=%7Bc:68KvG3,pingTime:-10,time:1147,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OS4wLjQ4NDQuNTEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1646621292167%7C%7C9bf3b2e33105729d344de7d778ef9ab6%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7Cf231fb806406b381f39e5dc3be922a6c%7C%7Cd8ff4c5d2b8213fb4f528e8a40676364%7C%7C0c50358ab81297bf4f8272919db1117a%7C%7Cbb7cb46ce514473f7d10d1ac15b7b3bb%7C%7Cc07bf81403123a3f7ae63bb80a65fb0f%7C%7C1629390669,sca:%7Bspg:9004f30d-f87f-ac22-8ae8-02fc56651199%7D%7D
Requested by: Host: pogoda.ukraine-ru.net
URL: https://pogoda.ukraine-ru.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.1.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-1-191.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:12 GMT
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EEF5 42 B
64 B 81ms
80ms Fetch
image/gif 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssybGe4leerdTh3Q7aJgskELAlIE3cLe0VYrgMNPnBLQbLauyW4v42o46-Dxd0QONQjxtUU9fe72or0uRJRCj3Hu7kfxDI8M1VcrBveQ4B1csLiqvA&sai=AMfl-YSwldKbhc-RL46vour5KtVwp3Ie-HgzmanyaFEEbQYfQD2nO2ByxW1WjDDyFh89LbJI3MvuuE1FuP8V&sig=Cg0ArKJSzOathVzD_xo3EAE&id=lidar2&mcvt=1003&p=0,0,520,260&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20220302&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=871599438&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646621287679&rpt=3798&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DA16 0
20 B 83ms
82ms Image
image/gif 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B6tmca3IlYrffL-jY_gSR7b4YAAAAADgB4AQC&bg=!DwylDEjNAAb7UztL-1M7ACkAdvg8Wo_Eunoo5q-Oyvk-MOqBBh1GINCyaOAPrYuizRznstcMGwWmIgIAAABzUgAAAAFoAQeZAunMwlXygQJIXeY7MGN5u3KDKn6goHUBi9a1t8ctjOOUBCTvWMUhAof4A0Z6ROuFGYIQAbYa0zKZw8Y-7o86JSuM932U2iJzP9lYdPXjtzTlA4vdS8tYBJLm6ILwN8_jCWYaUmPBFqa5zZ0fiJ8nL5W1re54hBVj9nPBe7Nfi4KqvsjXsLJiw5EVHVBm_Mj4eVVXZRbbmJfQ2pubGKIL43h3wHIr2OOenN_093LNkGbBGK7nAyzbX7-E1Rjp1ruhXzfN-1hyKGcd4hqKr-sACxiprVRlLg29iDp9MG1HtHDbqgEHuoC2GGRzr-KNtWXKJ-8DmybO4JFYd2KlwTEPxDbLGGIx95WQ5LrYxjJqjMrloyoa4MnNXOaHie_IjykaEcwozeROGdLy8Zabz3nUzW_pfkreGFue8xC0sJRw0uD0B7gNgf5m73-xG6SWa3KSaBZocSJZUrDrhbRpOWWGB6YaNXXn9v1gQaVvai2Smbl0XzQPBeZyt5cWdX2S5QLs97oAxDTOHpASSbiPVH_9DHXhoMZ9eYDdculiGHD3hoDFeNTLE7wL3ZsUCMmYwnswxi2rRvGcnch2Cv-n2zy-bL5ulLGuyIXfnybei59OXfDw59M-92qb8H-2tMo6nE2ILbk5V4bMl6KmbEJjPV5FtiYFO9SWCwodnQJGBKM2KetqmNDMQO_KlB_jh_MnCH_MUSdE7yIbRGkn5a7IfFnhILmSLXPva4encyZIjHMJs9zD141wxz7Q35B4bMKLlG00d3VtSHbPIBOB59DaP3xL3bh5MqM_w68aTu0wJ7iImF62YPA2GYwvgtzzwoTlKOAE4qD6vA4jPCc0TpTLJeyOcw6cFWRLNvk1mas4Ubk0Zo9Gy9LzOUUMHeAlIicgud8ci98WxhURL9hJPy7FZ2bE0woMsu6oSykt2TO3InQ1oFFuWzQU5djB1_zPeRqRJmBRpthgQiYvHwrLeijdPBLrTfAnIUXD0tBvA2al

Requested by

Host: pogoda.ukraine-ru.net
URL: https://pogoda.ukraine-ru.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
jaclick.ru/plus1/ 169 KB
48 KB 961ms
675ms Script
application/javascript 62.109.14.161
THEFIRST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://jaclick.ru/plus1/

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.43061332622737347

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

62.109.14.161 , Russian Federation, ASN29182 (THEFIRST-AS, RU),

Reverse DNS

belesta1007.ru

Software

nginx/1.13.12 /

Resource Hash

ff3f6c8ea2d933878cae4b55c8a5215ed65cbdd642fc80c1537a98b4c0828b20

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://pogoda.ukraine-ru.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 02:48:13 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Monday, 07-Mar-2022 02:48:13 GMT
Server: nginx/1.13.12
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK / Show response
grsync.ru/cdn/ 0
319 B 435ms
146ms Script
application/javascript 92.63.105.49
THEFIRST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://grsync.ru/cdn/

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.43061332622737347

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

92.63.105.49 , Russian Federation, ASN29182 (THEFIRST-AS, RU),

Reverse DNS

belesta1010.ru

Software

nginx/1.13.12 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://pogoda.ukraine-ru.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 02:48:12 GMT
Last-Modified: Monday, 07-Mar-2022 02:48:12 GMT
Server: nginx/1.13.12
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0

GET
H2 200 smart.js Show response
static.tnsis.ru/c82up/ 7 B
490 B 487ms
122ms Script
text/javascript 95.217.109.66
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tnsis.ru/c82up/smart.js
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.43061332622737347
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.109.66 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.66.109.217.95.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 60717a8b680e2f85643d933cd76a6e7e0024988f5158a8e127874ff9a8c229a3

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://pogoda.ukraine-ru.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 02:48:12 GMT
mode: no-cors
server: nginx/1.20.1
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H/1.1 200
OK collect_stat.js Show response
af.click.ru/ 640 B
884 B 469ms
134ms Script
application/javascript 217.197.112.80
E-STYLEISP-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://af.click.ru/collect_stat.js
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.43061332622737347
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.197.112.80 Moscow, Russian Federation, ASN20655 (E-STYLEISP-AS, RU),
Reverse DNS: seopult.ru
Software: nginx /
Resource Hash: 39c32ee4b19843246e5bf0526d2f07eb822d991fd791879d707c5b7f80e5c21a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://pogoda.ukraine-ru.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 02:48:12 GMT
Last-Modified: Wed, 02 Mar 2022 12:59:04 GMT
Server: nginx
ETag: "621f6a18-280"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 640

GET
H2 200 dt
dt.adsafeprotected.com/ Frame FAA0 43 B
215 B 24ms
23ms Image
image/gif 34.205.1.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=775912&asId=9004f30d-f87f-ac22-8ae8-02fc56651199&tv=%7Bc:68KvII,pingTime:1,time:1388,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:187%7D,%7Bpiv:0,vs:o,r:l,t:267%7D,%7Bpiv:100,vs:i,r:,t:387%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:387,n:267,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:187,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B92~1,0~0%5D,as:%5B92~728.90%5D%7D%7D,%7Bsl:o,t:267,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B120~0%5D,as:%5B121~728.90%5D%7D%7D,%7Bsl:i,t:387,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:104,fm:sZmn88s+11%7C12%7C13*.775912-56026695%7C131%7C132%7C14.775912-56026695%7C141%7C142%7C151%7C171.775912-56026695,idMap:13*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Requested by: Host: pogoda.ukraine-ru.net
URL: https://pogoda.ukraine-ru.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.1.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-1-191.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:12 GMT
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame FAA0 43 B
215 B 25ms
25ms Image
image/gif 34.205.1.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=775912&asId=9004f30d-f87f-ac22-8ae8-02fc56651199&tv=%7Bc:68KvIJ,pingTime:1,time:1389,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:187%7D,%7Bpiv:0,vs:o,r:l,t:267%7D,%7Bpiv:100,vs:i,r:,t:387%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:387,n:267,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:187,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B92~1,0~0%5D,as:%5B92~728.90%5D%7D%7D,%7Bsl:o,t:267,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B120~0%5D,as:%5B121~728.90%5D%7D%7D,%7Bsl:i,t:387,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:104,fm:sZmn88s+11%7C12%7C13*.775912-56026695%7C131%7C132%7C14.775912-56026695%7C141%7C142%7C151%7C171.775912-56026695,idMap:13*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Requested by: Host: pogoda.ukraine-ru.net
URL: https://pogoda.ukraine-ru.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.1.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-1-191.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:12 GMT
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2

200

1 Show response
mc.yandex.ru/watch/23414332/
Redirect Chain

https://mc.yandex.ru/watch/23414332?wmode=7&page-url=https%3A%2F%2Fpogoda.ukraine-ru.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf8o0yuamw2yn%3Afp%3A2235%3Afu%3A0%3Aen%3Awindo...
https://mc.yandex.ru/watch/23414332/1?wmode=7&page-url=https%3A%2F%2Fpogoda.ukraine-ru.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf8o0yuamw2yn%3Afp%3A2235%3Afu%3A0%3Aen%3Awin...

338 B
420 B

121ms
120ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/23414332/1?wmode=7&page-url=https%3A%2F%2Fpogoda.ukraine-ru.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf8o0yuamw2yn%3Afp%3A2235%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A1476245222866%3Ahid%3A671692303%3Az%3A0%3Ai%3A20220307024813%3Aet%3A1646621293%3Ac%3A1%3Arn%3A555998305%3Arqn%3A1%3Au%3A1646621293817914484%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1646621285216%3Ads%3A0%2C398%2C165%2C1%2C1051%2C0%2C%2C685%2C1%2C%2C%2C%2C2302%3Aco%3A0%3Arqnl%3A1%3Ast%3A1646621293%3At%3A%D0%9F%D0%BE%D0%B3%D0%BE%D0%B4%D0%B0%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5.%20%D0%9F%D1%80%D0%BE%D0%B3%D0%BD%D0%BE%D0%B7%20%D0%BF%D0%BE%D0%B3%D0%BE%D0%B4%D1%8B%20%D0%BD%D0%B0%20%D0%B4%D0%B2%D0%B5%20%D0%BD%D0%B5%D0%B4%D0%B5%D0%BB%D0%B8.%20%E2%80%93%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B0%20%D0%BF%D0%BE-%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8&t=gdpr%2814%29aw%281%29ti%282%29

Requested by

Host: pogoda.ukraine-ru.net
URL: https://pogoda.ukraine-ru.net/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

a7c903ebbabe3502c6801ec011f80f449816f2f6229352199ed336fae7887544

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://pogoda.ukraine-ru.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:13 GMT
x-content-type-options: nosniff
last-modified: Mon, 07-Mar-2022 02:48:13 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pogoda.ukraine-ru.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 338
x-xss-protection: 1; mode=block
expires: Mon, 07-Mar-2022 02:48:13 GMT

Redirect headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:13 GMT
last-modified: Mon, 07-Mar-2022 02:48:13 GMT
location: /watch/23414332/1?wmode=7&page-url=https%3A%2F%2Fpogoda.ukraine-ru.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf8o0yuamw2yn%3Afp%3A2235%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A1476245222866%3Ahid%3A671692303%3Az%3A0%3Ai%3A20220307024813%3Aet%3A1646621293%3Ac%3A1%3Arn%3A555998305%3Arqn%3A1%3Au%3A1646621293817914484%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1646621285216%3Ads%3A0%2C398%2C165%2C1%2C1051%2C0%2C%2C685%2C1%2C%2C%2C%2C2302%3Aco%3A0%3Arqnl%3A1%3Ast%3A1646621293%3At%3A%D0%9F%D0%BE%D0%B3%D0%BE%D0%B4%D0%B0%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5.%20%D0%9F%D1%80%D0%BE%D0%B3%D0%BD%D0%BE%D0%B7%20%D0%BF%D0%BE%D0%B3%D0%BE%D0%B4%D1%8B%20%D0%BD%D0%B0%20%D0%B4%D0%B2%D0%B5%20%D0%BD%D0%B5%D0%B4%D0%B5%D0%BB%D0%B8.%20%E2%80%93%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B0%20%D0%BF%D0%BE-%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://pogoda.ukraine-ru.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 07-Mar-2022 02:48:13 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
136 B 120ms
120ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: pogoda.ukraine-ru.net
URL: https://pogoda.ukraine-ru.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://pogoda.ukraine-ru.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 02:48:13 GMT
last-modified: Fri, 18 Feb 2022 11:36:57 GMT
etag: "620f5aa9-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Mon, 07 Mar 2022 03:48:13 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C78C 42 B
64 B 80ms
80ms Fetch
image/gif 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuMD7YiomhtYhcYAEAW10gUI6qjY9Ig7Qgfeit7NvNHQeWAGMcUWG7phcqx9pxqRcDJU1Pm55k__XMLg-0RVPy0xpkmTeZCnODjsoEVIDBvd6CMm2U&sai=AMfl-YTxAaPO3h866hfWURXmCrwR-YY28SmnZ5WoLV9iVxpbYoJGiQEymTzcdLvEJSRMISrDLwnfTFMsjJxu&sig=Cg0ArKJSzOQhmXzxmya0EAE&cid=CAASBORoJHk&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=699,1000,1000,1000,1000&tos=699,301,0,0,0&v=20220302&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646621291742&rpt=514&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C78C 43 B
215 B 24ms
24ms Image
image/gif 34.205.1.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=775912&asId=1693bb3a-f066-3d09-884d-bcfdd8c5c8b9&tv=%7Bc:68KvTX,pingTime:1,time:1310,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:215%7D,%7Bpiv:0,vs:o,r:l,t:233%7D,%7Bpiv:93,vs:i,r:,t:309%7D,%7Bpiv:100,t:510%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:309,n:233,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:215,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B23~1,0~0%5D,as:%5B23~728.90%5D%7D%7D,%7Bsl:o,t:233,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B76~0%5D,as:%5B76~728.90%5D%7D%7D,%7Bsl:i,t:309,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B201~75,800~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:29,fm:sZmn88s+11%7C12%7C13.775912-56026695%7C131%7C132%7C133%7C14.775912-56026695%7C141%7C142%7C143%7C151%7C152%7C1611%7C171*.775912-56026695%7C1711%7C1712%7C18%7C19,idMap:171*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Requested by: Host: pogoda.ukraine-ru.net
URL: https://pogoda.ukraine-ru.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.1.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-1-191.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:13 GMT
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 share.php Show response
vk.com/ Frame 9E53 21 B
478 B 396ms
139ms Script
text/html 93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vk.com/share.php?act=count&format=json&url=https%3A%2F%2Fpogoda.ukraine-ru.net%2F&callback=callback__utl_cb_share_1646621293419350

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?5e5f39385e9edc9f82706afd51e24398

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

Software

kittenx / KPHP/7.4.110355

Resource Hash

09b8585932e9851125c885d435a53f925d6b4d508b9f49b5cb929690509f1d85

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://w.uptolike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 02:48:13 GMT
content-encoding: gzip
x-frontend: front512005
server: kittenx
x-powered-by: KPHP/7.4.110355
strict-transport-security: max-age=15768000
content-type: text/html; charset=windows-1251
access-control-expose-headers: X-Frontend
cache-control: no-store
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 41

GET
H2 200 share.php Show response
vk.com/ Frame 9E53 21 B
479 B 395ms
138ms Script
text/html 93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vk.com/share.php?act=count&format=json&url=https%3A%2F%2Fpogoda.ukraine-ru.net%2F%3F_utl_t%3Dvk&callback=callback__utl_cb_share_1646621293419598

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?5e5f39385e9edc9f82706afd51e24398

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

Software

kittenx / KPHP/7.4.110355

Resource Hash

09b8585932e9851125c885d435a53f925d6b4d508b9f49b5cb929690509f1d85

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://w.uptolike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 02:48:13 GMT
content-encoding: gzip
x-frontend: front512005
server: kittenx
x-powered-by: KPHP/7.4.110355
strict-transport-security: max-age=15768000
content-type: text/html; charset=windows-1251
access-control-expose-headers: X-Frontend
cache-control: no-store
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 41

GET
H2 200 dk Show response
connect.ok.ru/ Frame 9E53 25 B
2 KB 721ms
138ms Script
application/javascript 217.20.147.3
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ok.ru/dk?st.cmd=extLike&uid=odklcnt0&ref=https%3A%2F%2Fpogoda.ukraine-ru.net&callback=callback__utl_cb_share_1646621293420960

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?5e5f39385e9edc9f82706afd51e24398

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

217.20.147.3 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

ip3.147.odnoklassniki.ru

Software

apache /

Resource Hash

48d1186e375dd91148851d1b190b40e99f821b7258e175c3ac15f7c05673096a

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru .ok.ru odnoklassniki.ru .odnoklassniki.ru mycdn.me http://.mycdn.me https://.mycdn.me wss://ad.mail.ru .mail.ru .imgsmail.ru .mradx.net .serving-sys.com .googleapis.com .gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st .doubleverify.com .adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru .google.ru .google.com .googlesyndication.com blob:; script-src 'unsafe-inline' 'unsafe-eval' .mail.ru https://.mail.ru .imgsmail.ru .mradx.net ok.ru .ok.ru odnoklassniki.ru .odnoklassniki.ru mycdn.me http://.mycdn.me https://.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st .google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru .googleapis.com .gstatic.com www.google.com www.youtube.com https://www.youtube.com .ytimg.com https://.ytimg.com .doubleverify.com .dvtps.com .doubleclick.net .googletagservices.com .googlesyndication.com .googleadservices.com .goodgame.ru https://.goodgame.ru https://.moatads.com .adlooxtracking.com .adsafeprotected.com .serving-sys.com https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru .googletagmanager.com connect.facebook.net .google.ru .google.com .googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
Strict-Transport-Security	max-age=63072000;includeSubdomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://w.uptolike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 02:48:14 GMT
content-encoding: br
vary: Accept-Encoding
rendered-blocks: WidgetExtLike
content-security-policy-report-only: default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
x-xss-protection: 1; mode=block
pragma: no-cache
server: apache
strict-transport-security: max-age=63072000;includeSubdomains;preload
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-security-policy: default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adsafeprotected.com *.serving-sys.com https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
x-content-type-options: nosniff
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 dk Show response
connect.ok.ru/ Frame 9E53 25 B
2 KB 746ms
164ms Script
application/javascript 217.20.147.3
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ok.ru/dk?st.cmd=extLike&uid=odklcnt0&ref=https%3A%2F%2Fpogoda.ukraine-ru.net%2F%3F_utl_t%3Dok&callback=callback__utl_cb_share_1646621293420141

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?5e5f39385e9edc9f82706afd51e24398

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

217.20.147.3 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

ip3.147.odnoklassniki.ru

Software

apache /

Resource Hash

1ceec8e1180b36a40742677a5e18cb3c7c441cede741dd89342255ac52826d19

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru .ok.ru odnoklassniki.ru .odnoklassniki.ru mycdn.me http://.mycdn.me https://.mycdn.me wss://ad.mail.ru .mail.ru .imgsmail.ru .mradx.net .serving-sys.com .googleapis.com .gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st .doubleverify.com .adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru .google.ru .google.com .googlesyndication.com blob:; script-src 'unsafe-inline' 'unsafe-eval' .mail.ru https://.mail.ru .imgsmail.ru .mradx.net ok.ru .ok.ru odnoklassniki.ru .odnoklassniki.ru mycdn.me http://.mycdn.me https://.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st .google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru .googleapis.com .gstatic.com www.google.com www.youtube.com https://www.youtube.com .ytimg.com https://.ytimg.com .doubleverify.com .dvtps.com .doubleclick.net .googletagservices.com .googlesyndication.com .googleadservices.com .goodgame.ru https://.goodgame.ru https://.moatads.com .adlooxtracking.com .adsafeprotected.com .serving-sys.com https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru .googletagmanager.com connect.facebook.net .google.ru .google.com .googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
Strict-Transport-Security	max-age=63072000;includeSubdomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://w.uptolike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 02:48:14 GMT
content-encoding: br
vary: Accept-Encoding
rendered-blocks: WidgetExtLike
content-security-policy-report-only: default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
x-xss-protection: 1; mode=block
pragma: no-cache
server: apache
strict-transport-security: max-age=63072000;includeSubdomains;preload
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-security-policy: default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adsafeprotected.com *.serving-sys.com https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
x-content-type-options: nosniff
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK share_count Show response
connect.mail.ru/ Frame 9E53 88 B
675 B 751ms
133ms Script
text/javascript 94.100.180.54
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.mail.ru/share_count?func=mrc__shareInit125&url_list=https%3A%2F%2Fpogoda.ukraine-ru.net%2F&callback=callback__utl_cb_share_1646621293420776

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?5e5f39385e9edc9f82706afd51e24398

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.100.180.54 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

connect.mail.ru

Software

nginx /

Resource Hash

21560ea16cf5a3427a8bf69c02cd13bbd3fcea600ca0b0de2763c453e5bee8e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://w.uptolike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 02:48:14 GMT
X-Content-Type-Options: nosniff
Server: nginx
X-WebKit-CSP-Report-Only: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
X-Frame-Options: DENY
P3P: policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
Cache-Control: no-cache, no-store, must-revalidate, private
Connection: keep-alive
Content-Type: text/javascript; charset=UTF-8
Content-Length: 88
X-XSS-Protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

GET
H/1.1 200
OK share_count Show response
connect.mail.ru/ Frame 9E53 98 B
685 B 762ms
141ms Script
text/javascript 94.100.180.54
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.mail.ru/share_count?func=mrc__shareInit490&url_list=https%3A%2F%2Fpogoda.ukraine-ru.net%2F%3F_utl_t%3Dmr&callback=callback__utl_cb_share_1646621293420960

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?5e5f39385e9edc9f82706afd51e24398

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.100.180.54 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

connect.mail.ru

Software

nginx /

Resource Hash

819689308bdd95f69396d8a8699979d734cb938929283c830ec9063a49bbfdbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://w.uptolike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 02:48:14 GMT
X-Content-Type-Options: nosniff
Server: nginx
X-WebKit-CSP-Report-Only: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
X-Frame-Options: DENY
P3P: policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
Cache-Control: no-cache, no-store, must-revalidate, private
Connection: keep-alive
Content-Type: text/javascript; charset=UTF-8
Content-Length: 98
X-XSS-Protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

GET
H2 200 count.json Show response
api.pinterest.com/v1/urls/ Frame 9E53 91 B
337 B 98ms
29ms Script
application/javascript 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pinterest.com/v1/urls/count.json?&url=https%3A%2F%2Fpogoda.ukraine-ru.net%2F&callback=callback__utl_cb_share_1646621293421349

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?5e5f39385e9edc9f82706afd51e24398

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c9e9166a40b44f7fb807b5a878664e462a98137031b49c13d63b4ea66e4db553

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://w.uptolike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 02:48:13 GMT
x-content-type-options: nosniff
x-cdn: fastly
age: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 3
x-pinterest-rid: 9594575288281364
content-length: 91
expires: Mon, 07 Mar 2022 03:03:13 GMT

GET
H2 200 count.json Show response
api.pinterest.com/v1/urls/ Frame 9E53 101 B
151 B 98ms
29ms Script
application/javascript 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pinterest.com/v1/urls/count.json?&url=https%3A%2F%2Fpogoda.ukraine-ru.net%2F%3F_utl_t%3Dps&callback=callback__utl_cb_share_1646621293421216

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?5e5f39385e9edc9f82706afd51e24398

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2769d490f3a5d4cb202fd385c3fcd376a0591bb5ed09f343f716f09f38419ff7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://w.uptolike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 02:48:13 GMT
x-content-type-options: nosniff
x-cdn: fastly
age: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 3
x-pinterest-rid: 1147790253559477
content-length: 101
expires: Mon, 07 Mar 2022 03:03:13 GMT

GET
H/1.1 200
OK support.html Show response
w.uptolike.com/widgets/v1/zp/ Frame 1518 14 KB
4 KB 140ms
138ms Document
text/html 95.163.114.203
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/zp/support.html
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/widgetsModule.js?v=5e5f39385e9edc9f82706afd51e24398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.203 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: dbb87754e7677c99a20c4603a88765b6cb926a78b79edb863fee5c9ea1c96ef4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://pogoda.ukraine-ru.net/

Response headers

Server: nginx
Date: Mon, 07 Mar 2022 02:48:13 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=1800
Expires: Mon, 07 Mar 2022 03:18:13 GMT
Content-Encoding: gzip

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C78C 43 B
215 B 24ms
23ms Image
image/gif 34.205.1.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=775912&asId=1693bb3a-f066-3d09-884d-bcfdd8c5c8b9&tv=%7Bc:68KvVE,pingTime:-10,time:1415,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OS4wLjQ4NDQuNTEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1646621292167%7C%7C9bf3b2e33105729d344de7d778ef9ab6%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7Cf231fb806406b381f39e5dc3be922a6c%7C%7Cd8ff4c5d2b8213fb4f528e8a40676364%7C%7C0c50358ab81297bf4f8272919db1117a%7C%7Cbb7cb46ce514473f7d10d1ac15b7b3bb%7C%7Cc07bf81403123a3f7ae63bb80a65fb0f%7C%7C1629390669,sca:%7Bspg:9004f30d-f87f-ac22-8ae8-02fc56651199%7D%7D
Requested by: Host: pogoda.ukraine-ru.net
URL: https://pogoda.ukraine-ru.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.1.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-1-191.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:13 GMT
x-server-name: dt11.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C78C 43 B
215 B 24ms
24ms Image
image/gif 34.205.1.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=775912&asId=1693bb3a-f066-3d09-884d-bcfdd8c5c8b9&tv=%7Bc:68KvXb,pingTime:1,time:1510,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:215%7D,%7Bpiv:0,vs:o,r:l,t:233%7D,%7Bpiv:93,vs:i,r:,t:309%7D,%7Bpiv:100,t:510%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1201,o:309,n:233,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:215,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B23~1,0~0%5D,as:%5B23~728.90%5D%7D%7D,%7Bsl:o,t:233,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B76~0%5D,as:%5B76~728.90%5D%7D%7D,%7Bsl:i,t:309,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B201~75,1000~100%5D,as:%5B1201~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:26,fm:sZmn88s+11%7C12%7C13.775912-56026695%7C131%7C132%7C133%7C14.775912-56026695%7C141%7C142%7C143%7C151%7C152%7C1611%7C171*.775912-56026695%7C1711%7C1712%7C18%7C19,idMap:171*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Requested by: Host: pogoda.ukraine-ru.net
URL: https://pogoda.ukraine-ru.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.1.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-1-191.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:13 GMT
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 48ms
47ms XHR
application/json 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220302&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202280101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9f6f8fba1b29955ee07e0a69434aa6b8a664dd6f934ae007f650172e7b13f8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://pogoda.ukraine-ru.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Mar 2022 02:48:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10527
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 70ms
70ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202280101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://pogoda.ukraine-ru.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 02:48:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 07 Mar 2022 02:48:13 GMT

GET
H2

200

/
best.aliexpress.com/ Frame A9A0
Redirect Chain

https://s.click.aliexpress.com/e/_9yIqiT
https://sale.aliexpress.com/September_fashion_new_lianmeng.htm?aff_fcid=bf9929a1118b4d178db9f01d938a6a06-1646621294274-06476-_9yIqiT&tt=CPS_NORMAL&aff_fsk=_9yIqiT&aff_platform=portals-promotion&sk=...
https://www.aliexpress.com/?aff_fcid=bf9929a1118b4d178db9f01d938a6a06-1646621294274-06476-_9yIqiT&tt=CPS_NORMAL&aff_fsk=_9yIqiT&aff_platform=portals-promotion&sk=_9yIqiT&aff_trace_key=bf9929a1118b4...
https://best.aliexpress.com/?lan=en&aff_fcid=bf9929a1118b4d178db9f01d938a6a06-1646621294274-06476-_9yIqiT&tt=CPS_NORMAL&aff_fsk=_9yIqiT&aff_platform=portals-promotion&sk=_9yIqiT&aff_trace_key=bf992...

0
0

148ms
36ms

Document
text/html

96.6.28.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://best.aliexpress.com/?lan=en&aff_fcid=bf9929a1118b4d178db9f01d938a6a06-1646621294274-06476-_9yIqiT&tt=CPS_NORMAL&aff_fsk=_9yIqiT&aff_platform=portals-promotion&sk=_9yIqiT&aff_trace_key=bf9929a1118b4d178db9f01d938a6a06-1646621294274-06476-_9yIqiT&terminal_id=e970e18111804f63b601b05cf02bc3c3

Requested by

Host: jaclick.ru
URL: https://jaclick.ru/plus1/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.6.28.196 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-6-28-196.deploy.static.akamaitechnologies.com

Software

Tengine/Aserver /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://pogoda.ukraine-ru.net/

Response headers

content-type: text/html;charset=UTF-8
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
x-application-context: ae-traffic-affiliateweb-f:prod,us:7001
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000 ; includeSubDomains max-age=31536000
content-language: en-US
content-encoding: gzip
server: Tengine/Aserver
eagleeye-traceid: 0bb0622f16466209618658689eb2fb
timing-allow-origin: *
content-length: 15266
date: Mon, 07 Mar 2022 02:48:14 GMT

Redirect headers

p3p: CP="CAO PSA OUR"
x-application-context: global-biz-gateway:9901
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000 ; includeSubDomains max-age=31536000
location: https://best.aliexpress.com?lan=en&aff_fcid=bf9929a1118b4d178db9f01d938a6a06-1646621294274-06476-_9yIqiT&tt=CPS_NORMAL&aff_fsk=_9yIqiT&aff_platform=portals-promotion&sk=_9yIqiT&aff_trace_key=bf9929a1118b4d178db9f01d938a6a06-1646621294274-06476-_9yIqiT&terminal_id=e970e18111804f63b601b05cf02bc3c3
access-control-allow-origin: https://hz.aliexpress.com
eagleeye-traceid: 210318d116466212947517824e4d49
timing-allow-origin: *
date: Mon, 07 Mar 2022 02:48:14 GMT
link: <https://g.alicdn.com>;rel="preconnect",<https://i.alicdn.com>;rel="preconnect",<https://connect.facebook.net>;rel="preconnect",<https://www.google-analytics.com>;rel="preconnect",<https://www.googletagmanager.com>;rel="preconnect",<https://wp.aliexpress.com>;rel="preconnect",<https://img.alicdn.com>;rel="preconnect" <https://assets.alicdn.com>;rel="preconnect",<https://ae01.alicdn.com>;rel="preconnect"
server-timing: edge; dur=2 origin; dur=32 cdn-cache; desc=MISS
x-akamai-fwd-auth-sha: 67D5B4BACFBE53DCF8DC18A21F42B450D3A7F0AB8BFB435F79D1E36421252483
x-akamai-fwd-auth-data: 1418489267, 23.36.1.95, 1646621294, 149.56.153.185
x-akamai-fwd-auth-sign: qTRUrI1SSfI3t+DPAki17STKyC6NfAgdqJJsbgxM7Xpj06bNi4F83N+Y5yiY8kdwKmT5Q6Q9IVXSFfkV41SfYAHYCsPE4LeHJLjWj2mcQXg=

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CEE0 13 KB
5 KB 19ms
19ms Document
text/html 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://pogoda.ukraine-ru.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Mar 2022 19:35:35 GMT
expires: Sun, 05 Mar 2023 19:35:35 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 112358
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9BEA 783 B
536 B 71ms
38ms Document
text/html 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2004 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d4ac3a8222b1e8ebbe15618fbc7ec898c0565460924c276bd97f530e68357ada

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FMGqlmxE3A+1hz08ZuL4pQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://pogoda.ukraine-ru.net/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 07 Mar 2022 02:48:13 GMT
date: Mon, 07 Mar 2022 02:48:13 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-FMGqlmxE3A+1hz08ZuL4pQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 hbjI8xylHpjavQyfdphvo41Bfdkh_RgUM1b0sbpcRZI.js Show response
pagead2.googlesyndication.com/bg/ Frame CEE0 35 KB
13 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hbjI8xylHpjavQyfdphvo41Bfdkh_RgUM1b0sbpcRZI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85b8c8f31ca51e98dabd0c9f76986fa38d417dd921fd18143356f4b1ba5c4592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 20:57:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 366633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13728
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 20:57:40 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9BEA 0
0 82ms
81ms Image
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220302&jk=1756453267620691&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CEE0 0
9 B 19ms
19ms Image
text/plain 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?EL-47A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81f::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 02:48:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1 204
No Content upd Show response
w.uptolike.com/widgets/v1/ Frame 9E53 0
154 B 138ms
138ms Script
text/plain 95.163.114.203
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/upd?id=ok&pid=1249368&url=https%3A%2F%2Fpogoda.ukraine-ru.net%2F%3F_utl_t%3Dok&c=1&callback=callback__utl_cb_share_1646621294169711
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?5e5f39385e9edc9f82706afd51e24398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.203 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://w.uptolike.com/widgets/v1/share-counter.html?5e5f39385e9edc9f82706afd51e24398
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 07 Mar 2022 02:48:14 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 82ms
82ms Image
image/gif 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220302&jk=1756453267620691&bg=!HxylHFjNAAb7UztL-1M7ACkAdvg8WoRuowwpL6vT5X8p-41Fm6OB4nmrOGKXD-ChUWH8iujvxWtKzQIAAABlUgAAAAJoAQcKAI3PJ8SM22VsVjEg20-z_vLBOhau2ZXgev032HRfDg38fQQHFm3aOju-97XRq61_cLOe0qRBjZmSuAqQMKPl-uaALGC_2Myeyk6bpr6iBzSfzBlELY25lsB7eCSUQWMfJ5XLLtkV73egmbLdBDSOm6kHAHF7xrf7XsN-xY4BMbvSecKU9lHvNls5fBKIa-6ZAqBJ16zybE6Vdn4if9NVJTNgyBq3FfMaExe5qIGyowV-HZYr8YcUxg1q_Uero6PDmtnxjUmoYYNTrAARFXPY8jza85Ip11khjeKDU1SctMfFjzGgUrqVEYjQjKmoYulVcPjrbZwF4y4fiHRMPWqv6Cfn4VuK5PJ0UwWCxgL1lsoBmHffOfjJPBtr9GYR3Gtz5Z2JeulOG27jj4YELKyfQ__2RS0eV2oZ4KAGYtlZSINuoLnM-9jvfrat4kg1AcUMYolt7VOcMYn8sDK1y22p_Jr97wZQkfi3hwsHlp9ctCMKwhRHyw-ZcJsEvu0-FCVS8x2q5c-9mifeu_47O1gfZu40tBqsQsx8-MGSujJcwC7qcWuwq_e0A6LqcvwLWpC2aH_wujM7l6nxide3qJV6TakLO4d4KgPZZGdVbtVBHMJzoPaRs-FqzvI9Q-UbOMXFWeLnLpEvf_Md9qYUxRnMoqT0yjlSalr41FGZMKghClccW0RHvo9SBWYFz-eDP9yw8wUcrSXqH5l9iOGrwrTZaqBwOg8ggY0F9zmzwfUupigEAV7Dka19dX1B-_Fw3US8VWYurcnndtDETRWqaljJICzP_NHhXovFQQQG63aFohEk_tnxzvcehzleXQoMmaGgRmGuDy1eRd-KSZxkJwZW7l2UI6ZL7GdaygiWm0xvA4C2Yuy7tDEcJAqaTVuqlEXefu2LbMqqLT_XV33BbitCrp-pnXOhCF-V0W5QbyDcpjfMstQR8FVA4Uy7mza0YhU1I9nKJKKM4-YsJ4kBzvPSC0D8atOb3qTZKIqm0_cA22VgyeDhqPs8lgZk_VW-Y8JHYZmBIHtow6g3_wRKg5w1EOpRTNGKmvmhJkESo-uPtLv1PzULDz-osJL3EgDqZNv1DbU

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://pogoda.ukraine-ru.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame FAA0 43 B
215 B 29ms
28ms Image
image/gif 34.205.1.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=775912&asId=9004f30d-f87f-ac22-8ae8-02fc56651199&tv=%7Bc:68KwLe,pingTime:5,time:5388,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:187%7D,%7Bpiv:0,vs:o,r:l,t:267%7D,%7Bpiv:100,vs:i,r:,t:387%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5001,o:387,n:267,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:187,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B92~1,0~0%5D,as:%5B92~728.90%5D%7D%7D,%7Bsl:o,t:267,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B120~0%5D,as:%5B121~728.90%5D%7D%7D,%7Bsl:i,t:387,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5000~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:29,fm:sZmn88s+11%7C12%7C13*.775912-56026695%7C131%7C132%7C14.775912-56026695%7C141%7C142%7C151%7C171.775912-56026695,idMap:13*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.1.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-1-191.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:16 GMT
x-server-name: dt17.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame FAA0 43 B
215 B 24ms
24ms Image
image/gif 34.205.1.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=775912&asId=9004f30d-f87f-ac22-8ae8-02fc56651199&tv=%7Bc:68KwLf,pingTime:5,time:5389,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:187%7D,%7Bpiv:0,vs:o,r:l,t:267%7D,%7Bpiv:100,vs:i,r:,t:387%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5002,o:387,n:267,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:187,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B92~1,0~0%5D,as:%5B92~728.90%5D%7D%7D,%7Bsl:o,t:267,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B120~0%5D,as:%5B121~728.90%5D%7D%7D,%7Bsl:i,t:387,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5002~100%5D,as:%5B5001~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:29,fm:sZmn88s+11%7C12%7C13*.775912-56026695%7C131%7C132%7C14.775912-56026695%7C141%7C142%7C151%7C171.775912-56026695,idMap:13*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.1.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-1-191.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:16 GMT
x-server-name: dt18.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C78C 43 B
215 B 26ms
26ms Image
image/gif 34.205.1.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=775912&asId=1693bb3a-f066-3d09-884d-bcfdd8c5c8b9&tv=%7Bc:68KwWt,pingTime:5,time:5310,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:215%7D,%7Bpiv:0,vs:o,r:l,t:233%7D,%7Bpiv:93,vs:i,r:,t:309%7D,%7Bpiv:100,t:510%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5001,o:309,n:233,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:215,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B23~1,0~0%5D,as:%5B23~728.90%5D%7D%7D,%7Bsl:o,t:233,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B76~0%5D,as:%5B76~728.90%5D%7D%7D,%7Bsl:i,t:309,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B201~75,4800~100%5D,as:%5B5001~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:26,fm:sZmn88s+11%7C12%7C13.775912-56026695%7C131%7C132%7C133%7C14.775912-56026695%7C141%7C142%7C143%7C151%7C152%7C1611%7C171*.775912-56026695%7C1711%7C1712%7C18%7C19,idMap:171*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.1.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-1-191.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:17 GMT
x-server-name: dt08.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C78C 43 B
215 B 31ms
30ms Image
image/gif 34.205.1.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=775912&asId=1693bb3a-f066-3d09-884d-bcfdd8c5c8b9&tv=%7Bc:68KwZH,pingTime:5,time:5510,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:215%7D,%7Bpiv:0,vs:o,r:l,t:233%7D,%7Bpiv:93,vs:i,r:,t:309%7D,%7Bpiv:100,t:510%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5201,o:309,n:233,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:215,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B23~1,0~0%5D,as:%5B23~728.90%5D%7D%7D,%7Bsl:o,t:233,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B76~0%5D,as:%5B76~728.90%5D%7D%7D,%7Bsl:i,t:309,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B201~75,5000~100%5D,as:%5B5201~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:29,fm:sZmn88s+11%7C12%7C13.775912-56026695%7C131%7C132%7C133%7C14.775912-56026695%7C141%7C142%7C143%7C151%7C152%7C1611%7C171*.775912-56026695%7C1711%7C1712%7C18%7C19,idMap:171*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.1.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-1-191.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 02:48:17 GMT
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pogoda.ukraine-ru.net/	1969-12-31 23:59:59	Name: AtlantLogin Value: msioprhfcmpf7nv4r31nt79f74
.ukraine-ru.net/	1970-01-20 10:45:17	Name: __gads Value: ID=635b7fff3e19643c-22ba6c1ca9d10021:T=1646621290:RT=1646621290:S=ALNI_MZcPRlCnTMfTlce_McyHBzx4d5UBw
.yadro.ru/	1970-01-20 10:08:56	Name: FTID Value: 1Y9N9g3AE1OH1Y9N9g000VG6
.yadro.ru/	1970-01-20 10:08:56	Name: VID Value: 1e-NOY1QXf8H1Y9N9g000VKn
.doubleclick.net/	1970-01-20 18:54:53	Name: IDE Value: AHWqTUlRQk7RFKU0jNqNrSa4Ezk9VjImBvzFDB22cej9nru88amnRuYg-FNieBl3qPw
.w.uptolike.com/	1970-01-20 18:54:53	Name: utl_id2 Value: 26385177616
.w.uptolike.com/	1970-01-20 18:54:53	Name: utl_dat Value: "CMvkm5L2LxAAIMu15pr2LyjLteaa9i8wAKcTCV83NKeDiowWzYTI96o="
.adnxs.com/	1970-01-20 03:33:17	Name: uuid2 Value: 5362672931143857302
.casalemedia.com/	1970-01-20 03:33:17	Name: CMPS Value: 467
.casalemedia.com/	1970-01-20 10:09:17	Name: CMID Value: YiVyawJNHLDg3WUhrW0yUAAA
.casalemedia.com/	1970-01-20 03:33:17	Name: CMPRO Value: 523
.doubleclick.net/	1970-01-20 01:23:44	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 10:09:17	Name: CMRUM3 Value: 2d6225726c2760CAESEOhMh4670s6RYJL2rLGBEZo
.casalemedia.com/	1970-01-20 01:25:07	Name: CMST Value: YiVya2IlcmwA
.adnxs.com/	1970-01-20 03:33:17	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?joUb2w!]tb$8i_iqf!oN/@E'zz<Z2$N<h%6S-ne><$.>htQZ%$^HT$ytPSRq>WuqyTD._PlZ[C[-kX-6uMNA
.ukraine-ru.net/	1970-01-20 10:09:17	Name: _ym_uid Value: 1646621293817914484
.ukraine-ru.net/	1970-01-20 10:09:17	Name: _ym_d Value: 1646621293
.yandex.ru/	1970-01-23 16:59:41	Name: yandexuid Value: 8508985121646621293
.yandex.ru/	1970-01-23 16:59:41	Name: yuidss Value: 8508985121646621293
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 1760030151646621293
.yandex.ru/	1970-01-23 16:59:41	Name: i Value: EjumBqneUaFqBTdH8eM3imLbku5WpKzDnpn9lwE98gJmpNimfHQVyKc5EUFoD8bpMfOKkkp8iKFIdBKm9QIQnrIMmCM=
.yandex.ru/	1970-01-20 10:09:17	Name: ymex Value: 1961981293.yrts.1646621293#1961981293.yrtsi.1646621293
.ukraine-ru.net/	1970-01-20 01:24:53	Name: _ym_isad Value: 2
.vk.com/	1970-01-20 10:05:34	Name: remixlang Value: 3
.aliexpress.com/	1969-12-31 23:59:59	Name: acs_usuc_t Value: x_csrf=uxs5mrm0f0z8&acs_rt=e970e18111804f63b601b05cf02bc3c3
.aliexpress.com/	1970-02-13 21:55:04	Name: aeu_cid Value: bf9929a1118b4d178db9f01d938a6a06-1646621294274-06476-_9yIqiT
.aliexpress.com/	1970-01-20 03:33:17	Name: xman_t Value: L84wMnq993akNnQrbNTSkq9VeeMkwMmhHu4YPaifotJdSN2Joh7JTf9i1LjW0aK8
.aliexpress.com/	1970-02-13 21:55:04	Name: xman_f Value: CT7xZOg//DxFfz3+0Wn3uteMUjXuVCDxlgU9EdaPoAF1TRtwqUQK+lLvEzoA9phB6CK20Y7dL0nytd3keAZGr85tIAZR+X40EfgImjLuYuoeyp7YQlVxYw==
.aliexpress.com/	1970-02-13 21:55:04	Name: af_ss_a Value: 1
.aliexpress.com/	1970-02-13 21:55:04	Name: xman_us_f Value: x_locale=en_US&x_l=0&x_c_chg=1&x_as_i=%7B%22aeuCID%22%3A%22bf9929a1118b4d178db9f01d938a6a06-1646621294274-06476-_9yIqiT%22%2C%22affiliateKey%22%3A%22_9yIqiT%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cv%22%3A%221%22%2C%22isCookieCache%22%3A%22N%22%2C%22ms%22%3A%221%22%2C%22pid%22%3A%224991246746%22%2C%22tagtime%22%3A1646621294274%7D&acs_rt=e970e18111804f63b601b05cf02bc3c3
.aliexpress.com/	1970-02-13 21:55:04	Name: aep_usuc_f Value: site=glo&c_tp=CAD&region=CA&b_locale=en_US

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://best.aliexpress.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.ca
adservice.google.com
af.click.ru
api.pinterest.com
best.aliexpress.com
cm.g.doubleclick.net
code.jquery.com
connect.mail.ru
connect.ok.ru
counter.yadro.ru
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grsync.ru
ib.adnxs.com
jaclick.ru
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
pogoda.ukraine-ru.net
s.click.aliexpress.com
s.ukropen.net
s0.2mdn.net
sale.aliexpress.com
static.adsafeprotected.com
static.tnsis.ru
tpc.googlesyndication.com
vk.com
w.uptolike.com
www.aliexpress.com
www.google.com
www.googletagservices.com
www.gstatic.com
142.250.65.226
142.250.81.226
142.251.40.194
151.101.128.84
2001:4de0:ac18::1:a:1b
217.197.112.80
217.20.147.3
23.5.239.194
23.52.162.21
2600:9000:202c:c200:8:48e:53c0:93a1
2607:f8b0:4006:80d::200a
2607:f8b0:4006:80e::2002
2607:f8b0:4006:80f::2002
2607:f8b0:4006:816::2002
2607:f8b0:4006:816::2006
2607:f8b0:4006:817::2002
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81c::2003
2607:f8b0:4006:81f::2001
2607:f8b0:4006:822::2004
2a02:6b8::1:119
34.205.1.191
34.227.203.141
62.109.14.161
68.67.179.166
88.212.201.210
91.218.214.81
91.218.214.82
92.63.105.49
93.186.225.208
94.100.180.54
95.163.114.203
95.217.109.66
96.6.28.196
00f4346a262eb819f3caed7af1ca442cc434a21a2e23c3c8ffe42bee5feb304c
02ef4cc53dcd03d0907bf1556d6ca56eef0b39e7743a41af157fbf958bec959e
09b8585932e9851125c885d435a53f925d6b4d508b9f49b5cb929690509f1d85
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c4e44f4ed1e73b204686e87a6bdfa7973b51a1ffdcc9237dfc979365fe396ab
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a9e28b1f5928ee9bf187989a89aaf2eb8fab197e0b514153d5673149ad884cb
1b4fe3cd5fa87810dabeea8a2380244584b3c6e54bcf885fb70c4463fbc03b81
1ceec8e1180b36a40742677a5e18cb3c7c441cede741dd89342255ac52826d19
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
21560ea16cf5a3427a8bf69c02cd13bbd3fcea600ca0b0de2763c453e5bee8e7
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
2769d490f3a5d4cb202fd385c3fcd376a0591bb5ed09f343f716f09f38419ff7
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2c0bc37c69de7088308deffd0d1c8aab57329af5f2f521ab8d38f2a20b6ffbd3
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
39c32ee4b19843246e5bf0526d2f07eb822d991fd791879d707c5b7f80e5c21a
3f72dc1fd03fba15c9200144bf1df7286ad1e2560b50a5ecc12e68c9c1e36f29
48d1186e375dd91148851d1b190b40e99f821b7258e175c3ac15f7c05673096a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5421be34bc9ac3564a6daa35c769d13876e5fa7c4a5ed4892e9e8c65d31c1e27
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
562e49887f984651ee8ac896f68440161afb0b6adb9da48ca89d97650780fae5
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
60717a8b680e2f85643d933cd76a6e7e0024988f5158a8e127874ff9a8c229a3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e14583e403b97aef81bcbe30e37855608095b2da8c383382ab57ee7d9e08dd
624108d126aaea46f83bb807588d0fd9a1ad3ce8b237577f70cd5ee6232cbfb4
628a4a945c6fa359b8f337c64d1c88b8fe7b3edcd0373df746766b17af15fc89
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6909829af9b2d4ca19892c63a50ad785f839b71c4c09d9917210f8b114f1c1c1
6a8c39c9daa9b79fbab643763fc325527dc6d770270383d4dcacbb62e5fc08ec
6b46d7edaed26c86cdde5fa704c1de8ca48ea8dfd6ef764f20cec656fcb1f9c4
6ded445534230fe3d1274bd48ed100b17ea890a65d5c0250172369a5b522f3ba
724e2886a2225575c26b3bbbde05e0ebd91c639d35d9c02d235efa137ed9cbfe
725b6c74f4f40de28d5e53aeb25260a74874eed5dd4eb7ff67150f4947a97544
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7e467a852274fd7613b82065c6c7bf66198fe3a8629d1a40ad9a58ea69dc0dc4
819689308bdd95f69396d8a8699979d734cb938929283c830ec9063a49bbfdbd
829aefc2561d1da1496d88af2e9fdcda7d002eb568e8b59a636aaf49de2751de
85b8c8f31ca51e98dabd0c9f76986fa38d417dd921fd18143356f4b1ba5c4592
89295c08df7922a9818830d7fd14a253bce6e20525f51a8df7e07bec9dd55916
8ff66e0192415b625d911dc1ae829a7ce9b88b5ce6730b538e368b5d7a0dee49
9007a8bc1cb47cb28cd13d3fe49407570737d0593e1d433dea4efcc64835b3f1
95db4f295cc191f122e95095cc4e5ff603a180dbc10a961a6b0396143e782d81
97ce3fd5f5eee27ebe4513c4731c528cd845b819e865c2c487e23e6926df3ba8
9960fc1dc08725df5c68e46426ca6c301716b7f5875a1edbc181ebebe003cd98
9c3df1ca966c475d13c1b6f36ffe6ad8b17622b856f2f26aa474b155a1234de2
9dbba2eb0519fde36f42111e19202d5ce8dcec7dab9af1e65633370c02eef7bb
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a25197dc637fcb41e8d3133cfed0573116c8a1618922454e6c13833754a161e5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5b0e69a442dc3a7c1781f691a032765265a4879cea47d675254a55bb768f658
a7c903ebbabe3502c6801ec011f80f449816f2f6229352199ed336fae7887544
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
aef61658d532441f352633739915dcbd6f019d38788f3bc9f0f38ea3c0936f67
b048e01655cdf47f739c288fc4195c26de3883db4ebc4368242fa38b0ca0062d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b557334a53301f9aa6693989ba3ff06ad6054aeefc5b6fdd6367067ee8aea711
bab2b0ef58b0be011f0ddb9b8d3f539beb09d32222280e88c731d767b33ccc0c
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
c23f13dc75521d634c0f19c8566969275e9e56cd3de9bb6652e38923d4ac99d2
c9e9166a40b44f7fb807b5a878664e462a98137031b49c13d63b4ea66e4db553
c9f6f8fba1b29955ee07e0a69434aa6b8a664dd6f934ae007f650172e7b13f8b
cb8c6f72e1e80233ca6a77818f68a9be4e8c56c33e6893bfdc570d85cbad73d3
ccd08d7f9535fb61b813fe10ee1e7050b508114c38bde7ddc02809f90803b68d
cd663b12134013ce944dbc161fc1f5803ba66027372ba1dc6894a83748692a04
d054377044014c1069958d9c610330164f05edbf091b2be9b6be60dc4f043494
d4ac3a8222b1e8ebbe15618fbc7ec898c0565460924c276bd97f530e68357ada
d67c6a30bbb9f841e5fc883687b07ecbd33f0292c148b0b6edf499de0e742a6b
dbb87754e7677c99a20c4603a88765b6cb926a78b79edb863fee5c9ea1c96ef4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cc26f27ffcf3bc671a9bb90da504b7ed5a215d8f81af0e17d5ec4765c28072
e6972fe2e229ab6115456a139aa95cd8ba67c16ff866efcc1bd6e0cce6407c91
e845e1831b8bbd16bbb4f7a9156ae16f3cf598b9a8b75e851462e9db124c7441
ea65eb116ce326317c6ee709d62eca7210bb1a55fbcb3bae852b780ba0bcc84f
ede2c95eb5708b915170060d3df0f8f740f4615bdfd457993a84550479b9c1f8
ee6f303f28c9a4778ee3e6e0e8b640e0fc6aa526cfc877ba3cc7b0507bddc318
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f47d9fd5e18c8dff6e6375c072610f6837f9812b7f72d620d0325bf705abd577
f4b04166b6e23095feb89427b395cff80036ef313d35ca34e3b4d2ca6c5ef32d
f6fb48d7959c35e6b30c701a16a11f87faf6cc2eb60ac8ea670aac2335aee06c
fd805653ca70db53ab380c2d9d98bd8b97dfe76f545b37c5ac50c7dd4757ef92
ff3f6c8ea2d933878cae4b55c8a5215ed65cbdd642fc80c1537a98b4c0828b20

pogoda.ukraine-ru.net Open in urlscan Pro 91.218.214.81 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

180 Requests

91 %HTTPS

38 %IPv6

27 Domains

36 Subdomains

34 IPs

5 Countries

1823 kBTransfer

4533 kBSize

31 Cookies

26 Outgoing links

Page URL History

Redirected requests

180 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pogoda.ukraine-ru.net Open in urlscan Pro
91.218.214.81 Public Scan

Screenshot
Live screenshot

Full Image

180
Requests

91 %
HTTPS

38 %
IPv6

27
Domains

36
Subdomains

34
IPs

5
Countries

1823 kB
Transfer

4533 kB
Size

31
Cookies

180 HTTP transactions
5 data transactions