redbook-ua.org Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://redbook-ua.org/
Effective URL:
https://redbook-ua.org/
Submission: On June 05 via manual (June 5th 2023, 10:06:33 am UTC) from DE — Scanned from NL

Summary HTTP 160 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 26 IPs in 7 countries across 28 domains to perform 160 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is redbook-ua.org.
TLS certificate: Issued by E1 on May 12th 2023. Valid for: 3 months.

This is the only time redbook-ua.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 61	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
26	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:7a60:0:1... 2a00:7a60:0:10a8::1	200000 (UKRAINE-AS) (UKRAINE-AS)
2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
5	167.235.177.244 167.235.177.244	24940 (HETZNER-AS) (HETZNER-AS)
3	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
23	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	142.250.185.131 142.250.185.131	15169 (GOOGLE) (GOOGLE)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2 11	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1 1	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 2	104.111.217.42 104.111.217.42	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:226e:dde5:5103:25e0	16509 (AMAZON-02) (AMAZON-02)
4 4	37.157.6.254 37.157.6.254	198622 (ADFORM) (ADFORM)
1 1	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
1	142.250.184.210 142.250.184.210	() ()
1	2a00:1450:400... 2a00:1450:4001:80e::2012	() ()
160	26

61 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

redbook-ua.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:7a60:0:10a8::1 (Ukraine)

ASN200000 (UKRAINE-AS, UA)

agronomist.in.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 167.235.177.244 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: hz2024479.sapientru.net

www.acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net

p4-ehs2rm2rw4bm4-4gyrbquccejexsi3-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.186.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.245 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ius.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.217.42 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:226e:dde5:5103:25e0 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.6.254 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.252 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.210 (None, )

ASN- ()

p4-ehs2rm2rw4bm4-4gyrbquccejexsi3-807673-i1-v6exp3.v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2012 (None, )

ASN- ()

p4-ehs2rm2rw4bm4-4gyrbquccejexsi3-807673-i2-v6exp3.ds.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
61	redbook-ua.org 1 redirects redbook-ua.org	906 KB
39	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	548 KB
20	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 51 cm.g.doubleclick.net — Cisco Umbrella Rank: 231	141 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com p4-ehs2rm2rw4bm4-4gyrbquccejexsi3-if-v6exp3-v4.metric.gstatic.com p4-ehs2rm2rw4bm4-4gyrbquccejexsi3-807673-i1-v6exp3.v4.metric.gstatic.com p4-ehs2rm2rw4bm4-4gyrbquccejexsi3-807673-i2-v6exp3.ds.metric.gstatic.com	66 KB
6	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 103 www.google.com — Cisco Umbrella Rank: 3	2 KB
5	acint.net www.acint.net — Cisco Umbrella Rank: 29130	23 KB
4	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 598	3 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 66	3 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	160 KB
3	google.nl adservice.google.nl — Cisco Umbrella Rank: 13768	818 B
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1314	451 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 365	529 B
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 952 r.turn.com — Cisco Umbrella Rank: 3464	869 B
2	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 457	17 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 165	88 KB
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 826	395 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 452	759 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 773	465 B
1	ctnsnet.com 1 redirects ius.ctnsnet.com — Cisco Umbrella Rank: 7698	624 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 587	363 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 702	541 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 518	876 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 324	24 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	185 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1056	607 B
1	agronomist.in.ua agronomist.in.ua	2 KB
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
0	cloudfront.net Failed d31j93rd8oukbv.cloudfront.net Failed
160	28

	Domain	Requested by
61	redbook-ua.org	1 redirects redbook-ua.org
23	tpc.googlesyndication.com	redbook-ua.org googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
16	pagead2.googlesyndication.com	redbook-ua.org pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com googleads.g.doubleclick.net
11	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com redbook-ua.org googleads.g.doubleclick.net
5	www.acint.net	redbook-ua.org www.acint.net
4	c1.adform.net	4 redirects
3	www.gstatic.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	tpc.googlesyndication.com googleads.g.doubleclick.net
3	www.google.com	1 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.nl	pagead2.googlesyndication.com
2	sync.teads.tv	1 redirects
2	match.adsrvr.org	googleads.g.doubleclick.net
2	p4-ehs2rm2rw4bm4-4gyrbquccejexsi3-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-ehs2rm2rw4bm4-4gyrbquccejexsi3-if-v6exp3-v4.metric.gstatic.com
2	ssl.google-analytics.com	redbook-ua.org
2	connect.facebook.net	redbook-ua.org connect.facebook.net
1	p4-ehs2rm2rw4bm4-4gyrbquccejexsi3-807673-i2-v6exp3.ds.metric.gstatic.com
1	p4-ehs2rm2rw4bm4-4gyrbquccejexsi3-807673-i1-v6exp3.v4.metric.gstatic.com
1	onetag-sys.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	ius.ctnsnet.com	1 redirects
1	dis.criteo.com	googleads.g.doubleclick.net
1	sync-tm.everesttech.net	1 redirects
1	sync.mathtag.com	1 redirects
1	r.turn.com	googleads.g.doubleclick.net
1	ad.turn.com	1 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	s0.2mdn.net	tpc.googlesyndication.com
1	www.facebook.com	redbook-ua.org
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	agronomist.in.ua	redbook-ua.org
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
0	d31j93rd8oukbv.cloudfront.net Failed	redbook-ua.org
160	36

This site contains links to these domains. Also see Links.

Domain
savelife.in.ua
www.biology.org.ua
www.raptor.in.ua
biology.civicua.org
ecotur-kmk.at.ua
laginlib.org.ua
biomodel.info
parusnik-club.at.ua
agronomist.in.ua
pni.com.ua
fanday.net
mundofut.live

Subject Issuer	Validity	Valid
redbook-ua.org E1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-03-14` - `2023-06-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.agronomist.in.ua R3	`2023-05-16` - `2023-08-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.acint.net R3	`2023-04-14` - `2023-07-13`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.v4.metric.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.ds.metric.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh

This page contains 17 frames:

Primary Page: https://redbook-ua.org/
Frame ID: D5C7C6B80AE475FE87C2C8D1791DB766
Requests: 87 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3903069020055393&output=html&h=200&slotname=3294104625&adk=3340214316&adf=212189784&pi=t.ma~as.3294104625&w=200&lmt=1685959574&url=https%3A%2F%2Fredbook-ua.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685959573530&bpp=98&bdt=346&idt=707&shv=r20230531&mjsv=m202305300101&ptt=5&saldr=sa&abxe=1&correlator=3744618509355&frm=20&pv=2&ga_vid=850470903.1685959574&ga_sid=1685959574&ga_hid=1736362392&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=26&ady=527&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C31074772%2C31074962%2C31074990%2C44788441&oid=2&pvsid=599797691981454&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoEe%7Cn&abl=XS&pfx=0&fu=1024&bc=31&ifi=1&uci=a!1&fsb=1&xpc=whBt3lGZ0Z&p=https%3A//redbook-ua.org&dtd=819
Frame ID: E33D8679B59CE46DBE1ECA36035E8F36
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8901959428609092028/index.html
Frame ID: C691DF4609B6BDF3593EBF5549847FDB
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CkB1DlrN9ZNTnHf31n88Pn9-B6AvB1ObwcLmU0Nr2EN7ZHhABIMe8qRhgkYSAgPwXoAGGkJWFKcgBCakCuHfyXPX2sT6oAwHIA0iqBMoBT9AlL91_Q8chJq0rNKCMjWRIVOFOIhUiXFiAcvJtkVbWyZtAkhSG4-LOflzfoaf72HK90STIa_CVK67hM15C4QMZnwC5dhxPfI5SnQ-vO0AF6C7KPp6_JGxaYQEGXq0CXQppcqQBPdUfdv-Q2yi8luT1BOtLozhJhSlI9TSjFqGAwrXCwODXL2izuAGrTuQcBoML0agEuUMJPKZ38y0hNisS6yafYCU_QNrrOqswHQ_deKGzVJu_1LEgwQfW5YO9A1-S9rSoJJ5PKsAE45PHi6YEoAYugAeGyOXkA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEOvWCNIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEwOIFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItMzkwMzA2OTAyMDA1NTM5MxgA&sigh=pDZKkLWGxKk&uach_m=[UACH]&cid=CAQSGwBygQiD7U2weiXeNUdQ3oDHDme_zNqV4BfsNBgB&template_id=419
Frame ID: 9B81227446473589B773B76E7E2398CA
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7978F7E0F2213AD7D7E1D95B31AC30C3
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20190131/zrt_lookup.html
Frame ID: F48E72B6074B37461014169D94293F87
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3903069020055393&output=html&adk=1812271804&adf=3025194257&lmt=1685959577&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fredbook-ua.org%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685959576865&bpp=17&bdt=3681&idt=17&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc8ceb46044b9ef3f-224820eb06de003c%3AT%3D1685959574%3ART%3D1685959574%3AS%3DALNI_MYa2z5KLgXfv5v7iiTVSgiznV6-Qg&gpic=UID%3D00000c2ce707a0c6%3AT%3D1685959574%3ART%3D1685959574%3AS%3DALNI_MbfOFBV6milJqJSPgJjj4mOSrR0pQ&prev_slotnames=3294104625&nras=1&correlator=3744618509355&frm=20&pv=1&ga_vid=850470903.1685959574&ga_sid=1685959574&ga_hid=1736362392&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C31074772%2C31074962%2C31074990%2C44788441&oid=2&pvsid=599797691981454&tmod=223647724&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&ifi=2&uci=a!2&fsb=1&dtd=234
Frame ID: A5CC39DCB0A30B3364831B7FCC6FFCCD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 65097C100EBC5589195AD0AD2FD9C1FC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3AD8E6F0499AE61B5C2761BED60F9E35
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1
Frame ID: FCC0B04A29D40EE8F68D4FDD9DABAD47
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1
Frame ID: 56A2AFC216CAE1298ACE19995A0DAE40
Requests: 10 HTTP requests in this frame

Frame: https://p4-ehs2rm2rw4bm4-4gyrbquccejexsi3-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 6EBBE2BFF97C3E680BC160944D34DD71
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5BB92F4E353FB52E3A7D2187BBE4B10A
Requests: 9 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 394570C6A7EBC46FB05D871F7249CE0A
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 528264C8F2014D196EC6D85BB0F0F1AE
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Grx7oFpFltq8b-fsl1vgPlw_mz8UVJv5RtxGiy-srTQ.js
Frame ID: BEC2E29B734D6ED36C9514EF1EEC36BC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Grx7oFpFltq8b-fsl1vgPlw_mz8UVJv5RtxGiy-srTQ.js
Frame ID: 5B1BD929663E9F1F273D4E8008F6A8F5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Червона книга України. Головна

Page URL History Show full URLs

http://redbook-ua.org/ HTTP 301
https://redbook-ua.org/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

160
Requests

93 %
HTTPS

61 %
IPv6

28
Domains

36
Subdomains

26
IPs

7
Countries

1983 kB
Transfer

3838 kB
Size

23
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://savelife.in.ua/donate/
Title: за посиланням

Search URL Search Domain Scan URL

URL: http://www.biology.org.ua/

Search URL Search Domain Scan URL

URL: http://www.raptor.in.ua/

Search URL Search Domain Scan URL

URL: http://biology.civicua.org/

Search URL Search Domain Scan URL

URL: http://ecotur-kmk.at.ua/

Search URL Search Domain Scan URL

URL: http://laginlib.org.ua/

Search URL Search Domain Scan URL

URL: http://biomodel.info/ua

Search URL Search Domain Scan URL

URL: http://parusnik-club.at.ua/

Search URL Search Domain Scan URL

URL: http://agronomist.in.ua/

Search URL Search Domain Scan URL

URL: http://pni.com.ua/

Search URL Search Domain Scan URL

URL: https://fanday.net/news/luchshie-onlain-kazino-ukrainy-top-10
Title: fanday.net

Search URL Search Domain Scan URL

URL: https://mundofut.live/
Title: copa libertadores

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://redbook-ua.org/ HTTP 301
https://redbook-ua.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 83

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 129

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFdmeqaKO94jGWkwJ6-JG9s&google_cver=1&google_push=ATf1kGPoPy0s4ntJn7JIs34AUh3i9jVNw3G1PFqDJ7NGcR_YcTAGbnHtGaWUzf3Ew7ltQGlQqp_hEtUR-lGh-KgBM3iT1boguHefMMc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODU3Njg3MjIyMzMyOTM4NDc1NQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFdmeqaKO94jGWkwJ6-JG9s&google_cver=1

Request Chain 130

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEMCbKLeB8QiJcUq8wx9fVeI&google_cver=1&google_push=ATf1kGNNTKJLPT9SmYPIo-HfK0nIsEI9lGGjZ1WS8r5k32VMVsquBR9VvC7EqRCG6Gx7t_vz6Ngpghr0X1_3QuX_mZcunXkr66KSraI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGNNTKJLPT9SmYPIo-HfK0nIsEI9lGGjZ1WS8r5k32VMVsquBR9VvC7EqRCG6Gx7t_vz6Ngpghr0X1_3QuX_mZcunXkr66KSraI

Request Chain 131

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEJ7EghmGj6oE1QFll0JVUlw&google_cver=1&google_push=ATf1kGMEyTqw25C8kcrAFmdsbmNd6A4MXlBX7FaG1ZM0OpNFXm8oIvoNVSk0Sir85s4fPYWOmPhwnHwnfG0JKaW1qLvdjI51T2uI2_M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJ7EghmGj6oE1QFll0JVUlw&google_push=ATf1kGMEyTqw25C8kcrAFmdsbmNd6A4MXlBX7FaG1ZM0OpNFXm8oIvoNVSk0Sir85s4fPYWOmPhwnHwnfG0JKaW1qLvdjI51T2uI2_M

Request Chain 134

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEDCmURQzPuJqTYRn90fINps&google_cver=1&google_push=ATf1kGOu8Tpa3M1Bkpz8qbiqOtUsa3U0KRUonwbz_fUaByi8EvHEV0gdolqvFr_ZNj6S4bV4nYQvNXhlMPngDlS43wpXiTqonBKkPeY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=ATf1kGOu8Tpa3M1Bkpz8qbiqOtUsa3U0KRUonwbz_fUaByi8EvHEV0gdolqvFr_ZNj6S4bV4nYQvNXhlMPngDlS43wpXiTqonBKkPeY&google_hm=v456sObzTkmcEjkL2ZsuzjE

Request Chain 135

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEFdTEXy74BSNRr-RJmgKEgg&google_cver=1&google_push=ATf1kGP-dgS7BPz4bhbCMkKf6e3z2eAl0CyMqz-cH4DcV4TbSoZE7mRA9RA4GjqtNRn_UCKySsJeoCgzz6ivPhajiYzdgJSTye2Fsh7Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGP-dgS7BPz4bhbCMkKf6e3z2eAl0CyMqz-cH4DcV4TbSoZE7mRA9RA4GjqtNRn_UCKySsJeoCgzz6ivPhajiYzdgJSTye2Fsh7Q HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 149

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEON90xFoMh_-qw-naFdnX10&google_cver=1&google_push=ATf1kGN6qrWIPW9T5-ZT3yyaF_xEUtsJG3cQcc_uhFE3KaMEOOD_Uas5xK3hq-pJdq3bxjwwLHS1OPeee7M6Hsde12-DtcJNUTho7iUQVyR7BCbFsRI3tuItEpIDELq1C5WSEZXX2JdV3D_8l0i91SY6j2pVYMo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGN6qrWIPW9T5-ZT3yyaF_xEUtsJG3cQcc_uhFE3KaMEOOD_Uas5xK3hq-pJdq3bxjwwLHS1OPeee7M6Hsde12-DtcJNUTho7iUQVyR7BCbFsRI3tuItEpIDELq1C5WSEZXX2JdV3D_8l0i91SY6j2pVYMo&google_hm=eS1CS0s1UDlwRTJwRmRTRHhBVF9fZnhFbFRGeTNfUUJVVX5B

Request Chain 150

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEG6XBZwPJK9jLdaHORCJso4&google_cver=1&google_push=ATf1kGPy1TJmp8YFFGZUTbF14Cpzit0gtBBlUw6ywZQZF__nIF4YFCKmaX148k2l21wbtglJbyxtAreHkkypIOnOSaNl1A890zeGZjJTb9MZlSiw_IpGfIoG62keKgnxIVqJFIGOXvIurpjm_kjCzUIXm21fzKU HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEG6XBZwPJK9jLdaHORCJso4&google_cver=1&google_push=ATf1kGPy1TJmp8YFFGZUTbF14Cpzit0gtBBlUw6ywZQZF__nIF4YFCKmaX148k2l21wbtglJbyxtAreHkkypIOnOSaNl1A890zeGZjJTb9MZlSiw_IpGfIoG62keKgnxIVqJFIGOXvIurpjm_kjCzUIXm21fzKU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYxMjQ2NDUwMzA0MDE3MDM2NA&google_push=ATf1kGPy1TJmp8YFFGZUTbF14Cpzit0gtBBlUw6ywZQZF__nIF4YFCKmaX148k2l21wbtglJbyxtAreHkkypIOnOSaNl1A890zeGZjJTb9MZlSiw_IpGfIoG62keKgnxIVqJFIGOXvIurpjm_kjCzUIXm21fzKU

Request Chain 151

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEG6XBZwPJK9jLdaHORCJso4&google_cver=1&google_push=ATf1kGNGrlGINdhZ9qPC4eUUeVNZb-0IWb39E2y2PlzLnm1vGNYHCD2XLRMO6mziJa6Nj0qLP5UsvtvhJa3PIXSkXj6mSM9hJlZw3jf8Biqf_Wg5aQoyotROlU-A8DXk84fdeV-IF9MbrCxbNDWN50wVbfvBww HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEG6XBZwPJK9jLdaHORCJso4&google_cver=1&google_push=ATf1kGNGrlGINdhZ9qPC4eUUeVNZb-0IWb39E2y2PlzLnm1vGNYHCD2XLRMO6mziJa6Nj0qLP5UsvtvhJa3PIXSkXj6mSM9hJlZw3jf8Biqf_Wg5aQoyotROlU-A8DXk84fdeV-IF9MbrCxbNDWN50wVbfvBww HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzA3OTk3NjA0OTExMTE0MzkxNA&google_push=ATf1kGNGrlGINdhZ9qPC4eUUeVNZb-0IWb39E2y2PlzLnm1vGNYHCD2XLRMO6mziJa6Nj0qLP5UsvtvhJa3PIXSkXj6mSM9hJlZw3jf8Biqf_Wg5aQoyotROlU-A8DXk84fdeV-IF9MbrCxbNDWN50wVbfvBww

Request Chain 152

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESELPujDDEccZq-O05XxDcOTE&google_cver=1&google_push=ATf1kGOVUSk-4MrbB3V2qVvsXiTQ-b3E7pj0Yowx8DioXmvvEXQ0CsBnxODTVz1dVrW9fTuOeYhp81TEH7FQ0Bjz5wS0GbNZHz8VerWQRsAAgNvdCidQDZUdKjAQQWmO0HwJQcJ9ltQkZHRS7VIJboBZPXXHaCY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGOVUSk-4MrbB3V2qVvsXiTQ-b3E7pj0Yowx8DioXmvvEXQ0CsBnxODTVz1dVrW9fTuOeYhp81TEH7FQ0Bjz5wS0GbNZHz8VerWQRsAAgNvdCidQDZUdKjAQQWmO0HwJQcJ9ltQkZHRS7VIJboBZPXXHaCY

160 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
redbook-ua.org/
Redirect Chain

http://redbook-ua.org/
https://redbook-ua.org/

31 KB
7 KB

177ms
110ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redbook-ua.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.4.45
Resource Hash: e8102840edf0a45730dbee7b74101b9ec8bc56c721c19e3202a0512afffb0743

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7d279a03bc5930d0-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 05 Jun 2023 10:06:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bid9PNMuQQWUSLh1HYDTzt4IJMkfpo6XoMzLfkIVbXCC8H1mT91aQ2ZjFVSR6fVqfclxJYxUL7IFH8NGZenvz3%2BFuefSuWi03ypkoYOuXuE2WK6e4QCOuTZy%2FqvBBXY3eB9rNy1P8EeaKts%2BNw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/5.4.45

Redirect headers

CF-RAY: 7d279a031ce03614-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Mon, 05 Jun 2023 10:06:12 GMT
Expires: Mon, 05 Jun 2023 11:06:12 GMT
Location: https://redbook-ua.org/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5lCRdPbpQv6fL5KmotBYFj14Mlig65wExHBbVQ%2Bm09RqJlgVSvNTuLPbSFXLS1LAyE2bWjRwATzkqcMlrfai3cvxTaeOz5dahe0YijdZ4CjXvc%2F2TFxs4LmEMcxT6tP5IL4putlPAz9%2BPhuBEg%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 main.css
redbook-ua.org/media/css/ 10 KB
3 KB 110ms
109ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redbook-ua.org/media/css/main.css?10437c4705e73f5d916850100a4123b1
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9ac270f410b22a7fbb54fc87de46fbc88a1f23e14a43179100a1d4d959e1e8e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 22 Jan 2023 17:13:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63cd6eca-268c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LtOl0LyvF4hcucC8goTsyW2Fr3cLDYPjkFf9hDZhaXrJr3SZBocI53TEMSWf1K4UvddcJgrhjAnqXYrVNljtoGwYvfAvLTfcJFO0O5hve0zmlcPBIdWaQ%2BfSi3D%2FcpL%2BrM7ksC99Q1Luif9%2F3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=864000
cf-ray: 7d279a048d3f30d0-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 15 Jun 2023 10:06:13 GMT

GET
H2 200 jquery-1.4.2.min.js Show response
redbook-ua.org/media/js/ 70 KB
25 KB 32ms
31ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redbook-ua.org/media/js/jquery-1.4.2.min.js
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 01 Sep 2012 16:30:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 695614
etag: W/"50423829-119ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bkzw2eeOEqIjKj3z7R75%2BqG6YQ9L6etWyPmoYJXCHyKhZgi1xLlKfgMheR0XMxlDlCL%2F4%2FQi6A9GANT9Xi12kqcvcG2cbdsgWWkmfIUHBdMTrEqbwgzLYhSt5qeAx1kxc%2BJanqWu5fwRp%2B69QA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=864000
cf-ray: 7d279a048d4830d0-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 07 Jun 2023 08:52:39 GMT

GET
H2 200 underscore-min.js Show response
redbook-ua.org/media/js/ 13 KB
5 KB 104ms
104ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redbook-ua.org/media/js/underscore-min.js
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f201fe52208471c863c292da4990ca7bb7ca5d58b3f1ea2a57095ff764c6848

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 01 Sep 2012 16:30:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"50423829-3215"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K5spcIjVDsBTBB6yVjynhut8MCow%2B1VTpEK5nLYrNP8nyWcVTV9G9%2Fv1N9mEM%2BENujj4IBsxNOJn3dDhuyJTJysYOdKB2LL6yGS2zS9ThoBt7R8xeyLhwPpmgyQ3EH%2FasJ9Q21iFxbAduExO8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=864000
cf-ray: 7d279a048d4b30d0-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 15 Jun 2023 10:06:13 GMT

GET
H2 200 jquery.sort.js Show response
redbook-ua.org/media/js/ 578 B
577 B 99ms
99ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redbook-ua.org/media/js/jquery.sort.js
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c0060c8b59460f7111683fdc04065c23d81cd07b2150b4a5dfe3c8193117e61

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 01 Sep 2012 16:30:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"50423829-242"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=20yK%2FzXroftYisI9xJ5RJv%2FCv%2B6%2F3bCLlyrMcT8exdWxDhPNNQaytP8m7dFBHeqD68FH%2F7fMEJ8r%2Fke%2BNvpaL8zmHcH8pq9wvEncdSyTq8JBPi63kthECsGJrTIpj3f0mQ2mIrEQVglNO1LcpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=864000
cf-ray: 7d279a048d4d30d0-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 15 Jun 2023 10:06:13 GMT

GET
H2 200 menu.js Show response
redbook-ua.org/media/js/ 2 KB
988 B 31ms
30ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redbook-ua.org/media/js/menu.js
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a90d2a6ce82298b3a88f4c92484132732b618f8e34efcba073417189759d01e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 20 Jul 2013 08:01:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 698928
etag: W/"51ea43c0-83d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qRwkhBYyMUwfb8jb5OiUlsa%2B43JxzpzM4yYB20avhh1Lrt1LrUq4D5i4IYqMoABPqUJAGpU8AFenCFN2HeOoZHg1LRsc4eRqj3U2pebTUctlvuwky8Q%2FJe7Uf%2BboGHJUNmbVIJQxoQJfz%2BqnMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=864000
cf-ray: 7d279a048d5230d0-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 07 Jun 2023 07:57:25 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/uk_UA/ 3 KB
3 KB 182ms
26ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js

Requested by

Host: redbook-ua.org
URL: https://redbook-ua.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

84332bec040a8c863b108ea667fdfda69c9a7b9ef93d982214201976a2b88c0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://redbook-ua.org/
Origin: https://redbook-ua.org
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 05 Jun 2023 10:06:13 GMT
content-md5: +sqhUFhjEBOn3n+rbR6q/Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: 3VzNOhxcvyYwqslP1Atas9RzLWjTdjuJM+vdQs+UeSsZiT3KpO2EH9cSSIPGp8oKytiUL0A8S1UGoq7T0bytiQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: 77fe58f0cefa3124aec15231b3d0d19e
cross-origin-opener-policy: same-origin-allow-popups
etag: "c9a4953f655498a3e7880ce3fbc7627c"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options: DENY
timing-allow-origin: *
expires: Mon, 05 Jun 2023 10:13:21 GMT

GET
H3 200 red_book.png
redbook-ua.org/media/images/ 21 KB
21 KB 141ms
87ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/red_book.png
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f9fb0c4a3e8ce44fa09678d796accc5b420ae54d56f7b3bdd522914bfa212a0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5175
alt-svc: h3=":443"; ma=86400
content-length: 21353
last-modified: Sat, 01 Sep 2012 16:30:32 GMT
server: cloudflare
etag: "50423828-5369"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J3SOoRkCdLiDZAby1kOSLIcPO1W5aj9LSNi3FbifOJ72%2FgmHKiTs6Oe69XtJje1O6I%2Bc4oEhSaXmGxoe4dobiWfua5Mu1JwgW%2BCOjpsrTfPba%2Btx0ku8n%2FlSyip21pD%2FqJ3c1MwARh%2BEVaJzkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a065ac36993-FRA
expires: Thu, 15 Jun 2023 08:39:58 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 92 KB
32 KB 124ms
68ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: redbook-ua.org
URL: https://redbook-ua.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9efb16ba7a89c02fdb3f5e728f7c9c389d8c55ce3b0b76c8d013e118c23692a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32401
x-xss-protection: 0
server: cafe
etag: 5516703896165988140
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 10:06:13 GMT

GET
H3 200 redbook.gif
redbook-ua.org/media/images/ 3 KB
3 KB 132ms
76ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/redbook.gif
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a17814d25d6a5331ead46c5a40259771ce4a2eb87424afc1041f4e3bc571c191

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5175
alt-svc: h3=":443"; ma=86400
content-length: 2877
last-modified: Sat, 01 Sep 2012 16:30:32 GMT
server: cloudflare
etag: "50423828-b3d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=apiOVAHfo6tb4ZOgCoMnOhaydi7Qp8bPgPruTlDCyrFipiQyMI7c11aVVQ8UxBmrpzf06Nym2skQcZjjnKix%2BKHQ99PbIF5c9eB5CtMFHljCRYrkX09AcDbDDgCIG5yApfiDplUHnGlxLyYL6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a065ac96993-FRA
expires: Thu, 15 Jun 2023 08:39:58 GMT

GET
H3 200 biologyorgua.gif
redbook-ua.org/media/images/buttons/ 2 KB
2 KB 188ms
108ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/buttons/biologyorgua.gif
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28c091df9ad8e8c31c8ef5678d10e6aaccc9f3277019128199ca4a0c59a4e81f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Sep 2012 16:30:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "50423829-737"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lASrX%2BKWMCb%2FFN%2FzEYctdbDBPq6iAOSIHAr7Kv5MeB5dD1C6au9g3oxdZQFdfXwT3oHr8a4JtNUAuWZM3o0W4fT6kd7icySHWElqHV0H%2Bp3Q%2F7Yg2PEwq91XERYyRxPIDF9J6JT1FcuueqTU2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a068b006993-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1847
expires: Thu, 15 Jun 2023 10:06:13 GMT

GET
H3 200 hpu2.gif
redbook-ua.org/media/images/buttons/ 2 KB
3 KB 190ms
110ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/buttons/hpu2.gif
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80469a59e1b29311f8c6fba899f4bc5584ebd66e2d97883036a93fa561a6a3d0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Sep 2012 16:30:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "50423829-8b5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fExBJCjvD71rbrnuP%2FtdvfR9Dg2lCz4wZR0Cn4EapuW5kPCt8dCncEfh76Mwxyilp%2BmJt9C6DqCRaepdnQVNd%2FoloxXjlIYNK%2BnNWEBjQuDMZQW8of8TwT5%2F1WJtkCiHV%2F54ScP3ts73kQik6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a068b026993-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2229
expires: Thu, 15 Jun 2023 10:06:13 GMT

GET
H3 200 avbu.jpg
redbook-ua.org/media/images/buttons/ 3 KB
3 KB 185ms
104ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/buttons/avbu.jpg
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1504f55e3d35a5beb6a9c739fdb4ff9bf98aebd2eb0bf68874a91bc7ca0331e0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: MISS
last-modified: Mon, 08 Jul 2013 10:09:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "51da8fc9-bb0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AdTQ9Ge6j1zP9ll19pCWpzkUPr8NkkWgTefmRKSSJmbHu99oSHFgOoD03uzgwO3RZVlvNIgpI24JmbFcyEfGpeKVLlG5002oEg90%2BdBR45UvZs1V8YHW%2BQ7pU6KV0u3QSNaI7BUbBRDhFBBbKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a068b036993-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2992
expires: Thu, 15 Jun 2023 10:06:13 GMT

GET
H3 200 knopka-ecotur.gif
redbook-ua.org/media/images/buttons/ 2 KB
2 KB 186ms
105ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/buttons/knopka-ecotur.gif
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23a3bf8643b636e7d4fd23c1dba6e1a05424e62b1c84a361f9102870c49b2867

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Sep 2012 16:30:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "50423829-7bb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tv9LoqYPjWPdmooD5ndNsFHf0%2FuO%2BTW4WF9hLZo%2FsJe738Ra70C0%2BEeYXbSyiPopm4d9KhZv9DPJCWGplvk%2FH4xiSLpnf%2Fsmx1ZCUsGjSg0Pi8pENFgUqxSZ2emeZVvnE1f3pKPnieGbWsRtyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a068b066993-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1979
expires: Thu, 15 Jun 2023 10:06:13 GMT

GET
H3 200 library.jpg
redbook-ua.org/media/images/buttons/ 13 KB
13 KB 215ms
134ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/buttons/library.jpg
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5dd5752d240466d066276b41b9f9939f95f5012b924846b8040f135ec42935b9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: MISS
last-modified: Mon, 08 Jul 2013 10:09:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "51da8fdf-3394"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uHzsykE08rp800r%2BlvQlLOwSIOgHg5pFnT%2FGdhqeuO8UrEypiSDySQEqq%2BYn1cC9HVLhahXSOEL%2BqBbNrV6tdgrbC4EuoK6ZM9C314k7wRsYGHmamiBZIcKo%2FPG50yzj7EAHyi25kZmu6N3evw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a068b096993-FRA
alt-svc: h3=":443"; ma=86400
content-length: 13204
expires: Thu, 15 Jun 2023 10:06:13 GMT

GET
H3 200 biomodel.gif
redbook-ua.org/media/images/buttons/ 8 KB
9 KB 188ms
107ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/buttons/biomodel.gif
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 636b7d1182b6c793d7565fafa1ec8c62c03ecfd652fcfd9bfd4ca0965b387834

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: MISS
last-modified: Thu, 16 May 2013 19:01:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "51952cee-207d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BGd1%2Bi6wrD5ijsQFwf8ujcPdheGP0f%2Blzmjhb4RyPVC%2BQ4FwATonsNYsudUvRHM%2BOZ83jwTgPMxyZQPW%2F5CC0mTMcWV8dUHpA1N91MVTo%2BDXICk7SgRBjNSsgQ32eN2U9p9H1gCyfxk0SKPyIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a068b0b6993-FRA
alt-svc: h3=":443"; ma=86400
content-length: 8317
expires: Thu, 15 Jun 2023 10:06:13 GMT

GET
H3 200 parusnik.jpg
redbook-ua.org/media/images/buttons/ 2 KB
3 KB 198ms
117ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/buttons/parusnik.jpg
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e728da92aaf78c09a6989b244868ce6cffb20a6c4787071ca7d41edb8c2f212

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: MISS
last-modified: Sat, 21 Sep 2013 19:06:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "523dee35-88a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yN1S9o4pYiYp3iWLUhBOuymuCPOpKlkk47ZtMUWbcYEObnJlPuqh865YjaFxPJGG11AQ7BUAi0TCTbnSxXVcX4ogpW5t0J2kOANSWgK%2Fbp6fTDKmLDbVKGdeO68SjMMvmVqOZYoN8s2crThE1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a068b0c6993-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2186
expires: Thu, 15 Jun 2023 10:06:13 GMT

GET
H2 200 knopka.png
agronomist.in.ua/wp-content/themes/my_green_yard/images/ 2 KB
2 KB 361ms
110ms Image
image/png 2a00:7a60:0:10a8::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agronomist.in.ua/wp-content/themes/my_green_yard/images/knopka.png
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10a8::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 4c50199b521fc7a6f16ed1d2ed2a5ebbc47046c84c66460cd779bd4616048405

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
x-ray: p999:0.000/wn32812:0.000/
last-modified: Mon, 13 Jan 2014 10:00:07 GMT
server: nginx
etag: "52d3b927-852"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 2130
expires: Mon, 12 Jun 2023 10:06:13 GMT

GET
H3 200 pni-com-ua.jpg
redbook-ua.org/media/images/buttons/ 11 KB
12 KB 191ms
110ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/buttons/pni-com-ua.jpg
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c0d70abbb1865a393b5a5fd529a5a1fb4b1d88e2011a645c09f5fa761868950

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: MISS
last-modified: Sat, 03 Sep 2016 19:25:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "57cb23af-2dcd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pswjqpCAEiVU3ZK2OM%2FTbEtc%2BGNE%2FIpC849t7d6IKPAFQCSoAaZgE9mHm8c4cbvrFoquCt2jlOQnZQzsmJ8c3tKb2GA06tx7sK4lWOIXYbsP5aNXqdU9mLIJGPR1YUgmplLRpzxeksraKFKVGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a068b0d6993-FRA
alt-svc: h3=":443"; ma=86400
content-length: 11725
expires: Thu, 15 Jun 2023 10:06:13 GMT

GET
H3 200 a-541.png
redbook-ua.org/media/images/main/preview/ 18 KB
18 KB 229ms
148ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/main/preview/a-541.png
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 907ca5b8575b0f8012b0f28d4f809b7c9c7bebda89bd0cdf606ba88afa04dc61

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Sep 2012 16:30:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5042381e-4714"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9cUdEn5szKkTNMWD0DKJhH1bj1cMxFOD6EJkcVAebXVScSUCFRr46D%2Fhmt%2FurQMrtdWSPsWFxyQnv86xRuDEBZ%2B1oH9JMyG%2BeRPHi9lS2IPsaUQoilirzIo%2FEaSxamRM6qVIQ2LSQFU3oqQ49Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a068b0e6993-FRA
alt-svc: h3=":443"; ma=86400
content-length: 18196
expires: Thu, 15 Jun 2023 10:06:13 GMT

GET
H3 200 a-536.png
redbook-ua.org/media/images/main/preview/ 19 KB
20 KB 217ms
136ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/main/preview/a-536.png
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cab04c21dba2f19fcaba7f799a34e3715720ec4ce5a267319ca8be2b7393feb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Sep 2012 16:30:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5042381e-4d9b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5uGWoRLJCmyf9bZvEUsYHfJZ0EiGLDpgLk2icB2O67oemTSolTWSbZMRDTeFdaM6Uk74UMa%2FzgXD19BVbk%2BCl9mR4BgFqUurSxWFzRk1fbOzTNG5NMwh4e71iJ6sv6zl7Jsk7FesL6dSnQ27pA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a068b116993-FRA
alt-svc: h3=":443"; ma=86400
content-length: 19867
expires: Thu, 15 Jun 2023 10:06:13 GMT

GET
H3 200 a-475.png
redbook-ua.org/media/images/main/preview/ 20 KB
20 KB 259ms
169ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/main/preview/a-475.png
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 205c9e7432e6b8274746c31fe312bc3941f8b543f51355af154e742ee6e7a95e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Sep 2012 16:30:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5042381e-4ea9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dLaDTu6d%2B5MM7nMer3JJGLQ7JuVUo8jEe6pNFZYc%2BKusGFW2hdGAd8EdZ3pgScGtULiSmB2P4geLuYVNwy6FwkriCm4wBDq40Koakk8SrH0EaNCKsUKla3pe24ko2TRWl0W%2BZmx8C7Tu71ITAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a069b246993-FRA
alt-svc: h3=":443"; ma=86400
content-length: 20137
expires: Thu, 15 Jun 2023 10:06:13 GMT

GET
H3 200 a-527.png
redbook-ua.org/media/images/main/preview/ 17 KB
18 KB 251ms
161ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/main/preview/a-527.png
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae46986adf74afc3f4a5035716e8f8744833bbc0c3c798316d84a5e34e5a496

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Sep 2012 16:30:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5042381e-4460"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oGgt077%2FOJ%2BtFzVx6vRhvIobkPTY%2BvulbGVABPCTNCpZEaNZ7qpWe3zVTkLio%2B0gDswxyhcRM8vkzCH0JBkQF1Gw28JbdZQ0Q8v%2BpjuB%2FsYpBOGJTGBa5cPBki1dHst3CbTm2znjz75b1Ha0Jw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a069b266993-FRA
alt-svc: h3=":443"; ma=86400
content-length: 17504
expires: Thu, 15 Jun 2023 10:06:13 GMT

GET
H3 200 a-529.png
redbook-ua.org/media/images/main/preview/ 18 KB
19 KB 249ms
158ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/main/preview/a-529.png
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30be3263abd14e733e37e83047dcbe88cb59eb622c74112b4b12e58da8c57f9f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Sep 2012 16:30:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5042381e-4861"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2l3pTcsgrL6eXA16Rh6Ch9A4JhKK6jW7tfYeqMdGNaCRJ7yFk6TICmZDTqJr3oFk9Ldm5ixbUC%2BZu%2FxOLncn9X5eJDcZn5CiLkCCOvY4v2qCq4zw2uBlwcp1efBxg80%2F%2BPR4bZ7bLTAZbs87mw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a069b276993-FRA
alt-svc: h3=":443"; ma=86400
content-length: 18529
expires: Thu, 15 Jun 2023 10:06:13 GMT

GET
H3 200 a-535.png
redbook-ua.org/media/images/main/preview/ 18 KB
19 KB 246ms
155ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/main/preview/a-535.png
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15c32c9e44e6ef7d32971bf5a4f4fcfafc66a75263a278bec23f409ee000ad90

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Sep 2012 16:30:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5042381e-49e1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QauteVM4QiszsUNrd2y%2BvqcjVj2nOpcF3nGRc%2B63peXA2Nyakv90oynGdorx09%2BsbWJE%2BJVVV9%2Fbi9Gw%2FLtOiODHfNQ92sphPj20EuVQrw3BfcgZ6rWfT43UWaEp4TUiOLDQ9O3U%2BmNyNAn21Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a069b286993-FRA
alt-svc: h3=":443"; ma=86400
content-length: 18913
expires: Thu, 15 Jun 2023 10:06:13 GMT

GET
H3 200 a-538.png
redbook-ua.org/media/images/main/preview/ 14 KB
15 KB 232ms
141ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/main/preview/a-538.png
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ccc57a4989042d6926c11ea5fbae397be29ca7f9d56fdd87919397724557de1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Sep 2012 16:30:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5042381e-3849"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ln%2FLNq%2FBFjXoa6QYkPwLKYTEq2Q7gkKpyFmLR2EbrwfEAhsf4btYke133RSkqzyDhbf0oZe324jJ0hCpmCaPyW%2B0qbSjhBB7TewCAxHGizPkWrQpB8XB%2BpMSly3DuacfJLeJJNaAx7%2FlaOonBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a069b296993-FRA
alt-svc: h3=":443"; ma=86400
content-length: 14409
expires: Thu, 15 Jun 2023 10:06:13 GMT

GET
H3 200 a-533.png
redbook-ua.org/media/images/main/preview/ 18 KB
18 KB 288ms
189ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/main/preview/a-533.png
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d76677e8e6e5ba78ad2942c503f7a402c971d21321f97b052f8098e69e2951c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Sep 2012 16:30:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5042381f-465d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cVDnKNopCBnF8cSPONt3EpNxeubXq%2FsGbzn6YA8f9XsHLkg7oURDeGWZ851RXSy1GEdz%2Fc5kl7kMNxnT8b3vcT6YaUi1fxXZ6IwPzjdeJLBF5SJOv3QHz%2FVagHNQ%2Bxbs6qIa4YHLiiuIsPvZWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a06ab376993-FRA
alt-svc: h3=":443"; ma=86400
content-length: 18013
expires: Thu, 15 Jun 2023 10:06:13 GMT

GET
H3 200 a-534.png
redbook-ua.org/media/images/main/preview/ 15 KB
15 KB 288ms
189ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/main/preview/a-534.png
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59789db6c95aafcb83d9dfccfc7224d506a0018b7cde78219b3024bf750bf729

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Sep 2012 16:30:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5042381f-3b22"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O0witUUryormATwxUta5%2BSjHNiZoCFGUBdmNyPISRZxot%2Bvj3fisWTkM69UjBf%2BTAsBDKCfcjZDCdl2FbelOfFc1nbqEReVJpzuj21OjzP24KOHui79YDw8L97MNFdHhuz9WwHxYS22r62pI5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a06ab3b6993-FRA
alt-svc: h3=":443"; ma=86400
content-length: 15138
expires: Thu, 15 Jun 2023 10:06:13 GMT

GET
H3 200 a-506.png
redbook-ua.org/media/images/main/preview/ 13 KB
14 KB 290ms
190ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/main/preview/a-506.png
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f53e78028e37fe6cf01e600bdf3ae08109ae1be4ab6b8c2640b84b2fca6f653c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Sep 2012 16:30:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5042381f-356e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CyhwnwxF8OnBKJ2PnMf0El1eop56hie2FFn6rLoc52C5S9cdCb8N8EuAkcvZZfiYMDDjSc2bTWptK3oRV%2BqBPU8uan1jj%2FymOw0o8II20QGRfM92S1APwtkITEQkX3s7kGEIsY9DxraD9IwGcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a06ab3d6993-FRA
alt-svc: h3=":443"; ma=86400
content-length: 13678
expires: Thu, 15 Jun 2023 10:06:13 GMT

GET
H3 200 a-395.png
redbook-ua.org/media/images/main/preview/ 7 KB
7 KB 208ms
108ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/main/preview/a-395.png
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b98cf45214e664463bd5dcd0f072ee06ab460723f927368920a1129e215ed02

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Sep 2012 16:30:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5042381e-1c03"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rxH4n6pox8DP02BNJ1IVzTHHObsDvvHOjwejitjKPk9fkCfIzU7Ds0aVRhV1ny2kMKmBOrM9YylzdmvTT5j5K8t7A9rXRRZBLfi4g2r2iXBEorsKen1%2F0KZQPS8EoCL8uKriN6wES6Iu21DTdg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a06ab3f6993-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7171
expires: Thu, 15 Jun 2023 10:06:13 GMT

GET
H3 200 a-104.png
redbook-ua.org/media/images/main/preview/ 10 KB
10 KB 209ms
110ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/main/preview/a-104.png
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5041a5ddd9e4726e06a05855ccf8083f2cb04e8889387f8a5fb93f7bd84a2617

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Sep 2012 16:30:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5042381e-26a0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eW0yOc%2BsSUZ7ZxYHchTElwKBpRBxn3%2FwwtxPBtsJJ96PhE1Rl4XgIsPsfFj7eGrDcLUrI95OuIhjl7ttoSa4chIpXHS8PTSl5Qwn1PP%2FQ0VVs%2BVm8JZbvX%2Fn64Nov3uy%2BpsNl%2FIMWjd8oHlSQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a06ab416993-FRA
alt-svc: h3=":443"; ma=86400
content-length: 9888
expires: Thu, 15 Jun 2023 10:06:13 GMT

GET
H3 200 a-515.png
redbook-ua.org/media/images/main/preview/ 19 KB
20 KB 290ms
190ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/main/preview/a-515.png
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d93cbc857a41f716f6b402d6ac4495f7adc3b2b1bd0a07119a91ca075a45c479

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Sep 2012 16:30:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5042381f-4ce8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HVWTqz6W5SwFkJbdNy0K1GEv4hTUN4UyAexcxAqZjsMlCFCwq%2F%2BmAy7nxNBgcbL9fAxB8lNCA8DQ3RtnErUBAiyH3PzaAfaEFm6O4WJro%2BEyD8YsyjZzqchv2sVZlXKcJ3cF6N56U387FuuHGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a06ab426993-FRA
alt-svc: h3=":443"; ma=86400
content-length: 19688
expires: Thu, 15 Jun 2023 10:06:13 GMT

GET
H3 200 a-379.png
redbook-ua.org/media/images/main/preview/ 19 KB
19 KB 290ms
190ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/main/preview/a-379.png
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3d0d5968222b3e776445ca4ff56f6a17b59f31d7db40ad1c7c11c4af8b06dd4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Sep 2012 16:30:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5042381e-4b0f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j6p3OGPRbu2UwQII3MATXoEcUIgXsWI1X9Qce5QdwAtZZg0yHSI%2FmsS1gkKTdJ9VHmQ0S7ams3Q%2Bdz7gXfMYZRLXxKRS1c22Z8CI05awJmyw4nmWDLhWW70fqez6sdnFury1fdORW3imiISQIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a06ab436993-FRA
alt-svc: h3=":443"; ma=86400
content-length: 19215
expires: Thu, 15 Jun 2023 10:06:13 GMT

GET
H3 200 a-380.png
redbook-ua.org/media/images/main/preview/ 19 KB
19 KB 298ms
198ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/main/preview/a-380.png
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26f60fd65a019044a0c02860bf8c3a2794503dd3207577cda423b3a667a8e937

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Sep 2012 16:30:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5042381f-4a81"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PysEJlcyUyYY2imorrOIrvqbTVSBaQi8JclEHXS0rRThl%2FgC3RV8ahr%2B0rdoGhBJUqpcRYEh1LvNMwbhzqknrsnQ%2B841BJYRhxLF4SVNUgPxdsUAvsz88TWHzFiXPQkUhF7gDV4d5qD9bxfZaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a06ab446993-FRA
alt-svc: h3=":443"; ma=86400
content-length: 19073
expires: Thu, 15 Jun 2023 10:06:13 GMT

GET
H3 200 a-421.png
redbook-ua.org/media/images/main/preview/ 8 KB
9 KB 228ms
128ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/main/preview/a-421.png
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88241e560607c4c7b5d0911a7ddaf616d363809850fc78d0eccbc37a61eb68ee

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Sep 2012 16:30:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5042381e-202d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hVS%2BbTYKxKKUbxpl2zTBq3XLhg5c6QIHT9gPePmKncSfoGxFQgyZ6rNSaiq6CVNvJC6FWcvDMRRNQLWOwGbshkj0GbTwyPpjPXR%2BhrihAJOqHDluBZVoahsEUi%2F0U7xZweiS7nbRUc231FAI8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a06ab456993-FRA
alt-svc: h3=":443"; ma=86400
content-length: 8237
expires: Thu, 15 Jun 2023 10:06:13 GMT

GET
H3 200 a-387.png
redbook-ua.org/media/images/main/preview/ 20 KB
21 KB 308ms
208ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/main/preview/a-387.png
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0140231839b614ccf2fff22f7dfef62039a68a6a1a89c16a1eae732baa324c1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Sep 2012 16:30:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5042381e-5150"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2AO9yFdW5eiS6PPSZp8qUJQ5lJfWWzE%2F3A%2FDFZs0pW9Fy3bDf8CASZ8CRiyU8aebWwlkgpuuvT5Q%2FUuhVugr%2FChf0qBKMNh7o3mR1zr4iqlIsJ4i5uaIoruA8%2FJ7HIPuQiu9rzFtl7gQuzHotA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a06ab466993-FRA
alt-svc: h3=":443"; ma=86400
content-length: 20816
expires: Thu, 15 Jun 2023 10:06:13 GMT

GET
H3 200 a-531.png
redbook-ua.org/media/images/main/preview/ 17 KB
17 KB 318ms
218ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/main/preview/a-531.png
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6ea1f9a0bc57adc7fe4100d801d0b91e8e9853feee08111f97f6320098ae498

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Sep 2012 16:30:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5042381e-433a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pDuml4J477YsJO2Crbl%2FuVePsZ%2BCxIb%2BbA3Thjgbh0zsygmqKXzRqrgcjX8iBwcTAPB6i3oK4bOsdIBtV7GmaC8ESqKzl9lyaE2KOR5DF18AJ1cwCuQUldvcQYTceKBlXxYiQDHPFvMiGcYE9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a06ab486993-FRA
alt-svc: h3=":443"; ma=86400
content-length: 17210
expires: Thu, 15 Jun 2023 10:06:13 GMT

GET
H3 200 a-542.png
redbook-ua.org/media/images/main/preview/ 19 KB
19 KB 262ms
162ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/main/preview/a-542.png
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53c492c9e36c2fcf1cff0a30d82d803c1f52fc4b71d789a7585adaee8982771b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Sep 2012 16:30:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5042381f-4b61"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I0H1tFeTz2xJ55uWfK76fMVv%2BElg2rzNrkrGsMe6ynGUIo6ZeeHFxIu4GE%2BmeLNRgOq9WaSLCIDRhXIQWmGWGu%2BqV%2FLlMgIJMaFxFB9gHNk9KjqZbkAEjzP9Ixi360AcusyPOVEqThjxaXjgjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a06ab4b6993-FRA
alt-svc: h3=":443"; ma=86400
content-length: 19297
expires: Thu, 15 Jun 2023 10:06:13 GMT

GET
H3 200 a-382.png
redbook-ua.org/media/images/main/preview/ 19 KB
20 KB 264ms
164ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/main/preview/a-382.png
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0dea5b2bfbec75acdd536cde55aabfd55d6e185d5757b2fe7a60d16b06405de9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Sep 2012 16:30:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5042381e-4da9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cZot9Dr5sgScv5HvDptV1yMDLaaBZ%2BfdfeIZvmVV4U5t%2F%2BaB3jLreotvwPupMG5erU%2FmKPG%2BhDFs5UswPphk8xSg%2F6ISzNwV3OEyT%2FtgCyBBuN2bTo0YU098SmpBzA1MmQrrT5Rbks7OqY4h8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a06ab4c6993-FRA
alt-svc: h3=":443"; ma=86400
content-length: 19881
expires: Thu, 15 Jun 2023 10:06:13 GMT

GET
H3 200 a-1054.png
redbook-ua.org/media/images/main/preview/ 21 KB
21 KB 253ms
152ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/main/preview/a-1054.png
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e1c5c3f20bf0c6d444fdbb767132b6f7abf5bf4803f0594b470015acd186f64

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Sep 2012 16:30:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5042381e-5352"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m1k25Nz5tDOcECaSLynL3hvpTCFB2ZT08xXxdLzOM953UeUj9cgu7trOmYbgVymmIaAPrsz1ngzWM9IV8qkL6B16t1zQJOGpQ2lU2D53zpETNy%2Bf3dRlHRPaIEFk3Pb%2FIYbgFq5lAdrBxrHGNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a06ab4d6993-FRA
alt-svc: h3=":443"; ma=86400
content-length: 21330
expires: Thu, 15 Jun 2023 10:06:13 GMT

GET
H3 200 a-1543.png
redbook-ua.org/media/images/main/preview/ 22 KB
22 KB 251ms
151ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/main/preview/a-1543.png
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97422851eee67c55c5fa6d5cee470911b6074ea910f7c08d348a1c4d5136cf86

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Sep 2012 16:30:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5042381e-57e6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qdf31UXTBgdTCG0B6BE0LyRqt2v5WdEt1BDp2fBxujmyHXZLNw6w5czoHkvivXSBdJYn72Fmlo52Z%2FqPm7vdezcLdtKb0mMT7egtgOJelowFSBIe72TVbpoF63YyFHe5rhQEo4FPoGj1zEpjDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a06ab4f6993-FRA
alt-svc: h3=":443"; ma=86400
content-length: 22502
expires: Thu, 15 Jun 2023 10:06:13 GMT

GET
H3 200 a-1132.png
redbook-ua.org/media/images/main/preview/ 19 KB
20 KB 319ms
218ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/main/preview/a-1132.png
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc6e1903956d84a5fb1060c2b120296f5db96abc7ab0fdad75a6027b8957a89b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Sep 2012 16:30:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5042381e-4de9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2Bd6RT58abxvJol%2FlEUPYF74iQeYDPFV62F00oo28rWsLC9a4r4DmWD8eSyOehpXAf2F7CqEn4S8tC7Rz%2FlYzGQQ1KqmkqUhvGUSecX5oBJzmVBVUepnv1bWmyaAHc4cUxChSKm%2BPPc7BNsvbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a06ab506993-FRA
alt-svc: h3=":443"; ma=86400
content-length: 19945
expires: Thu, 15 Jun 2023 10:06:13 GMT

GET
H3 200 a-1790.png
redbook-ua.org/media/images/main/preview/ 11 KB
12 KB 233ms
133ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/main/preview/a-1790.png
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e99867ec7eade9855bbcce2d9b6bfc07765eacddb58ed0c63c64263c380faa2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Sep 2012 16:30:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5042381f-2c86"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H1XsYUj10gV%2FNfMmUUtosZBlyQ57N%2FhuhZHb2NtuAXOdpN1w5PzTG6CCRGwSZcPtBn3s9tVlA%2BO27fznEr%2F%2B0BxVmGgJlHUi3Ztbgbi55npypmQxEIzgemHfIQzbPlJuQU%2BEr3Yx2GpZL%2FvSgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a06ab536993-FRA
alt-svc: h3=":443"; ma=86400
content-length: 11398
expires: Thu, 15 Jun 2023 10:06:13 GMT

GET
H3 200 a-1555.png
redbook-ua.org/media/images/main/preview/ 23 KB
23 KB 325ms
219ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/main/preview/a-1555.png
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c8cf1e507dec91a537d7f6aabf32e290b92a2dac632bc2f5d31f37c295016d7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Sep 2012 16:30:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5042381e-5a1f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FZg2c2IWQO1yhmo9yvo0sWFx%2F6mrBZjVjlvzaSgz3Uy15N8nMxLQ%2FGoZ1RrvrRjOssNWl6URkVollGdgEtfzBYeFbQtXSKHOnedR2hVRP5micZPGoN9BiYqiEGEVV%2B9jAjhwXlpA2sc3BZExOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a06cb6d6993-FRA
alt-svc: h3=":443"; ma=86400
content-length: 23071
expires: Thu, 15 Jun 2023 10:06:13 GMT

GET
H3 200 a-1285.png
redbook-ua.org/media/images/main/preview/ 23 KB
23 KB 355ms
248ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/main/preview/a-1285.png
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0aa32e7354559e007f97fc62242176f5d1250bf12f4cda335c229bc536c7e63d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Sep 2012 16:30:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5042381e-5b0e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eTBRB3n7NBRWMzs%2FNd3fRSx7B9%2FUgxvgHym50mbNTZbCSV%2B9PijX7r67tEb52EiRSpWT5gaCh0%2BmrTJcXLHXmXDLVhR15CMRgUnEf1Ax%2B5BX2FWibC%2BZpPPF8GmuXqvoG4KEvuW%2BwwvyS4BDtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a06cb6f6993-FRA
alt-svc: h3=":443"; ma=86400
content-length: 23310
expires: Thu, 15 Jun 2023 10:06:13 GMT

GET
H3 200 a-1140.png
redbook-ua.org/media/images/main/preview/ 21 KB
21 KB 376ms
269ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/main/preview/a-1140.png
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aefe4ee80cc078ef30d7be6e5b8544ac998b4ffa6697929e808a76d181af273a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Sep 2012 16:30:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5042381e-533b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U2AHTbL5BsNHvGevkxoGCZ4gqvI%2F9SsF97btI5j%2FeF%2BpohZoML5qC1r0GRsUAxfGhORW4ZguBDD3qfxPVMCR3d6VKYZ%2FYpLPuW7bCyl72CRqti%2FkiYEFP%2FcUZ9gAk64K1sCufcBYMsNrceXTAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a06cb706993-FRA
alt-svc: h3=":443"; ma=86400
content-length: 21307
expires: Thu, 15 Jun 2023 10:06:13 GMT

GET
H3 200 a-1051.png
redbook-ua.org/media/images/main/preview/ 22 KB
23 KB 377ms
269ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/main/preview/a-1051.png
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2dfbbb4ada850ba359ca9c83bb265e25ac8f0e4319a6819fdb68e75f9fc35ae4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Sep 2012 16:30:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5042381e-5957"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ox3Kw9oZsZdsWcJHurBtqqFrt8xaMygxxixZd3QR3RCV6OBGg3BGeGHPXaWloE%2BIjouMpCq1Lw3Yd20sSocndDOXvJHOEpABB9BG2RHT1jZsR%2B2VhsJzaSS8HNEDi7VwPIRTpLjdf5JVpdmesg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a06cb716993-FRA
alt-svc: h3=":443"; ma=86400
content-length: 22871
expires: Thu, 15 Jun 2023 10:06:13 GMT

GET
H3 200 a-1556.png
redbook-ua.org/media/images/main/preview/ 21 KB
21 KB 430ms
323ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/main/preview/a-1556.png
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5756002911aab127200b2ec87b35074ea5c7b189d513b5c4bdcae8f08cc47e07

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Sep 2012 16:30:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5042381e-5370"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EwQGy9lKJQhKgF6pL5C5JLxhy2La2bCFA0RSNtjBZz2sSZjxLV89Lt%2Ftkj1gI2ZCw041HjoRT5IihQ%2Bir%2F%2FzeqQ6JmM4uapn46QW07UE29RJjlqY%2B8%2F5z6lbzy1Lu1gKmOnakiVpDFgLWm8H7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a06cb726993-FRA
alt-svc: h3=":443"; ma=86400
content-length: 21360
expires: Thu, 15 Jun 2023 10:06:13 GMT

GET
H3 200 a-1528.png
redbook-ua.org/media/images/main/preview/ 20 KB
21 KB 442ms
358ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/main/preview/a-1528.png
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a008d9abb598f6455667b388dee9eb43e3b9cec1c7a88b96b174d06cd93f1eda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Sep 2012 16:30:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5042381e-5032"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=byaLIFPnBfJchI5X2x0sIweikXWW5Z1AyGT%2FgGxwbhtKbvSlHxBWFNot3HVmbRnSdbpoOJvR7J5nqdPYFEXWwTiYcFleEZBr56oSZ68k%2BSJQxqmHe%2FIdhz3jAp%2F92BG3MDtakTsQGI2b7jfm9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a06cb756993-FRA
alt-svc: h3=":443"; ma=86400
content-length: 20530
expires: Thu, 15 Jun 2023 10:06:13 GMT

GET
H3 200 a-1112.png
redbook-ua.org/media/images/main/preview/ 22 KB
22 KB 445ms
364ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/main/preview/a-1112.png
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbde1e3f8ee5806b7be86adde189aa0e976f286614e0278559b561d4164005bb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Sep 2012 16:30:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5042381f-56af"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eFGqNmfZwqG375J1BWoiN%2FEoo1dZkMvva2Fc3p713Fs3GaLyZkhBNsQuL7TGKFQVifxSgh1jRBuNnfM%2BzvAoTIGKRv5ZfeckgN6AQOXE9QMeO%2Bq0n1GDubMedtTX0TRq6%2BynWK8YbDsJkqJn%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a06cb786993-FRA
alt-svc: h3=":443"; ma=86400
content-length: 22191
expires: Thu, 15 Jun 2023 10:06:13 GMT

GET
H3 200 a-1039.png
redbook-ua.org/media/images/main/preview/ 22 KB
22 KB 449ms
367ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/main/preview/a-1039.png
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe516c3bdb81a14010e66cf4b4cfeaaea6fbd495f2b6fd9bb1fa1a01f338516d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Sep 2012 16:30:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5042381f-5776"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y91iOfVNv8O7AB1ucDVGHBblt8XJC2RDVov97erI3Nr65F1de0p8gyGIG5xHg%2BvuQS9NGH6igTsJKFL6r%2Ft7LaEigfhAmD8xip61EVCtovqHSfI9NhJmm4L74CQL4jS6tr2SfUWf0dNTrBCEgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a06cb7a6993-FRA
alt-svc: h3=":443"; ma=86400
content-length: 22390
expires: Thu, 15 Jun 2023 10:06:13 GMT

GET
H3 200 a-1139.png
redbook-ua.org/media/images/main/preview/ 22 KB
23 KB 501ms
419ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/main/preview/a-1139.png
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf75af7bf7ade5d3d161c2dce1acefa5f60fd2906f585714d93c1bfa159e70fc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Sep 2012 16:30:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5042381e-582e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2La36KjMwlhpL3JN4JMB72qDjK%2F6yTFJdB1Qld6XaMVT0JKAhxUMoIOyTndzO5KJvK8MSK8hIOL1mMTPhV1YdXKjLEtdZTvb4BANDKm7rRwhiJUedTsG%2B3JFCwu%2FPr%2FviniBMGYRVy0rMLD0iA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a06cb7c6993-FRA
alt-svc: h3=":443"; ma=86400
content-length: 22574
expires: Thu, 15 Jun 2023 10:06:13 GMT

GET
H3 200 a-1155.png
redbook-ua.org/media/images/main/preview/ 20 KB
20 KB 518ms
436ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/main/preview/a-1155.png
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72b69146068c673ec1ae8d8964dc42d39541ed2e12484074035aa3d108e52532

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Sep 2012 16:30:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5042381e-4f7c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BsZCiVBvq4uwIK2X0V30CzHh5YzwMCYJ8OBRqadICVdVFsx8uVcGOpbFSLPB1k1gte3Avaz9EJRp1ZBzV0bf2T%2BsyL03Ify0fqbZoBT7WtHSg2QtsdILF%2BbVf08uoFvc1OkV%2FvhDo7e%2BEa%2FOIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a06cb7e6993-FRA
alt-svc: h3=":443"; ma=86400
content-length: 20348
expires: Thu, 15 Jun 2023 10:06:13 GMT

GET
H3 200 a-1010.png
redbook-ua.org/media/images/main/preview/ 20 KB
21 KB 522ms
440ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/main/preview/a-1010.png
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6312cb2f28d1ded31f3f50e602cc29a8ce05800ce3817d0120efbfabfbe1f5c2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Sep 2012 16:30:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5042381e-519f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fTrTMiMu8JZr%2F%2BAXK7LNs6hG9YvTchG%2F%2BtNo4fSKZi2jEIL9dXVCmNzF5JHMkEIL6Po1ItQU5ulhdQoECJ%2B9NbmD%2Bzer3QjIYLXbnM9xgBx%2Fl7tBDQI2q9nPvhEHoyS%2F3TKLU%2BoArd0He6xM8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a06cb816993-FRA
alt-svc: h3=":443"; ma=86400
content-length: 20895
expires: Thu, 15 Jun 2023 10:06:13 GMT

GET
H3 200 a-1603.png
redbook-ua.org/media/images/main/preview/ 22 KB
23 KB 457ms
374ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/main/preview/a-1603.png
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b1e411482a16ce2ef2a1b56195c81e4acf4ded4339ffca9e8d3ed25290d2de7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Sep 2012 16:30:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5042381f-5964"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H95xst48tz0h44Sa71ONX5OEzlWqlM4yXY5ut%2BC3EHwT4pQT1Ulvk9g5TpeZQvksl1P%2BFZrT%2FdbW9pacrx6S4GL1tZsqEl0ko%2BD185kZHZQpA3qKryPUAGGTjHfgd0UUt88PKpbMRtDgAbwNBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a06cb836993-FRA
alt-svc: h3=":443"; ma=86400
content-length: 22884
expires: Thu, 15 Jun 2023 10:06:13 GMT

GET
H3 200 a-1110.png
redbook-ua.org/media/images/main/preview/ 21 KB
21 KB 465ms
383ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/main/preview/a-1110.png
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a907e749830dba85182a077854ff66520bf00c83221cdf703be573be83e5b274

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Sep 2012 16:30:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5042381e-52b2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gt%2BYbOYFbL01uNh2bWkdjKoeeSk9h324Wqu%2BafRfQON1CBAwZI3JcdCQ%2Bb3VI0wH0GznC4J%2BfkTaOawJgUKIO8WXcwBHKeFrPu8pA5PO6kO75g1hMfzCBzQQWtLIO3jOUAM5ge%2BrBA86RCD4BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a06cb856993-FRA
alt-svc: h3=":443"; ma=86400
content-length: 21170
expires: Thu, 15 Jun 2023 10:06:13 GMT

GET
H3 200 a-1774.png
redbook-ua.org/media/images/main/preview/ 22 KB
23 KB 495ms
413ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/main/preview/a-1774.png
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38a7f18b333e09b558f817aa76119085a686d9b09d45a8f9a7af6da817c85d43

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Sep 2012 16:30:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5042381e-59ad"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q5N7N%2FooDdVBk2Nd0Mq2GmdvoY94R%2BVZ2efuPChuiojMFXwPtnN9pp%2FanHpH0IHNy%2BC8DyTE0Bi8QxJzWSedRrkgiIux4io%2BlVP7wLOacsteiziK54ROa4dGbi45%2FNdAMON4YzhWgXQpOobxFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a06cb866993-FRA
alt-svc: h3=":443"; ma=86400
content-length: 22957
expires: Thu, 15 Jun 2023 10:06:13 GMT

GET
H3 200 a-1055.png
redbook-ua.org/media/images/main/preview/ 23 KB
23 KB 524ms
440ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/main/preview/a-1055.png
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7750353455871efe3b3b53de0d339817b5d6892ebcb1673f2b731aaec8524ddd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Sep 2012 16:30:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5042381e-5aea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KTtvKG%2B%2BRCKH2IAGhCfqXstFQAE%2BEjZKnszDRMO4ekFR31UV4gsoQNb4jKbq4%2FnMtXhRhkBwiYFcZDaIqYOepSlGVDFOJ32T0dT5Bh9iMtJVdBXxmWk7xx8SpJhCpcIzXbmloeztmEuIQv0J4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a06cb886993-FRA
alt-svc: h3=":443"; ma=86400
content-length: 23274
expires: Thu, 15 Jun 2023 10:06:13 GMT

GET
H3 200 a-1413.png
redbook-ua.org/media/images/main/preview/ 22 KB
22 KB 558ms
474ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/main/preview/a-1413.png
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fdfa9cc09ef9dd45423e5488e2d8728b7f45b59b85a50f28b34c9cf7984893a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: MISS
last-modified: Sat, 01 Sep 2012 16:30:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5042381e-56d6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=beHWNkgbwDJJGG7%2F2DJ9PYOFSKrw%2BC15wmYXdTDM7cCU8JdNDd1ycFjZGsWO0HGt4GcAA5wgQ7Ml6uAFT%2FyuqFgzcbowB%2Bs0W5UWf9i06RegPru%2FLvQrY8kL%2BpLyqd4zfBTFS1emKzvkzla26A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a06cb8b6993-FRA
alt-svc: h3=":443"; ma=86400
content-length: 22230
expires: Thu, 15 Jun 2023 10:06:13 GMT

GET
H3 200 email.png
redbook-ua.org/media/images/ 314 B
813 B 107ms
27ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/email.png
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9307350e913084f2d9cdc3a554c5272af7d0d1c38094d604e145f7d39a3224b7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5175
alt-svc: h3=":443"; ma=86400
content-length: 314
last-modified: Sat, 01 Sep 2012 16:30:32 GMT
server: cloudflare
etag: "50423828-13a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D5nnyxqhrDWD7faoQUCW6hGVDqqnPxRZ8wHJYbFFZPKvML0CPW%2FlkTQ9lfDQ4AWR2fCIQzp5pX%2F1wrRMUwyD8bZInAZAAaikb4UisILmDxlAQcd8S3H%2FzPLjY0zX3tHlyLromd%2FGSOHWLda6dw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a06db8c6993-FRA
expires: Thu, 15 Jun 2023 08:39:58 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 180ms
16ms Script
text/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: redbook-ua.org
URL: https://redbook-ua.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 05 Jun 2023 08:10:25 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 6948
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Mon, 05 Jun 2023 10:10:25 GMT

GET
H3 200 top_bg.gif
redbook-ua.org/media/images/ 6 KB
7 KB 104ms
25ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/top_bg.gif
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/media/css/main.css?10437c4705e73f5d916850100a4123b1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62207c1a1b5a19e4494fb6bf6f07745c7c6c3cea94b4894efc870f38ee686a94

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/media/css/main.css?10437c4705e73f5d916850100a4123b1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5175
alt-svc: h3=":443"; ma=86400
content-length: 6611
last-modified: Sat, 01 Sep 2012 16:30:33 GMT
server: cloudflare
etag: "50423829-19d3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=raeTbbMx5GjI17RGcQI81KDblHPhuX3KhcGh6agJ0eWQFLlGfgl7xvfxTyWRvFTH2s69goRyIOFX63gPO1P0BxnaRKdf5Px7RrYUMro0l9zW1yWFlA9tDrfmL2jt7%2BWwxaiWckzb4Y0zOjXhYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a06db8e6993-FRA
expires: Thu, 15 Jun 2023 08:39:58 GMT

GET
H3 200 header_bg.jpg
redbook-ua.org/media/images/ 17 KB
18 KB 109ms
30ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/header_bg.jpg
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/media/css/main.css?10437c4705e73f5d916850100a4123b1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17e0910ce070c529c0eb6e61d31d8d3443bcd1481f9161a881ee1bdea98e62e4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/media/css/main.css?10437c4705e73f5d916850100a4123b1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5175
alt-svc: h3=":443"; ma=86400
content-length: 17610
last-modified: Sat, 01 Sep 2012 16:30:04 GMT
server: cloudflare
etag: "5042380c-44ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HtCzuzPZe5ud5hHUrAfk26p1nszQbKTyWHNc5ddDIF1v6uRODcGYpjoTelH7UokdzOTfBe2B%2Bv04hsqiarS96t%2FeMGmv8KJPjZwB240BqDM6GKdwuFDliln0pgmkSgEF8ZjqM3V3q3HS1JLsDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a06db8f6993-FRA
expires: Thu, 15 Jun 2023 08:39:58 GMT

GET
H3 200 flags.png
redbook-ua.org/media/images/ 1 KB
2 KB 119ms
35ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redbook-ua.org/media/images/flags.png
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/media/css/main.css?10437c4705e73f5d916850100a4123b1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f903d452f62591697ad66fe6e26fb576a93fa8fc0259e63664c1f59a96d4b23e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/media/css/main.css?10437c4705e73f5d916850100a4123b1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5175
alt-svc: h3=":443"; ma=86400
content-length: 1399
last-modified: Sat, 06 Jul 2013 08:58:12 GMT
server: cloudflare
etag: "51d7dc24-577"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3YD5xoM1zYBUXPuhzT8cYCu5vCWhRFow1R7dKfRjPIzJl7plkV0VTQoOsXgRtugQ%2FZI9RgIJ%2F%2BSkfnzuJXeLql8wmcqyYB0QKvm62R9ZKdXc0OT4NrS26A38ahpabfjgwaaQCWTH1Nf5gAq1bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 7d279a06dba26993-FRA
expires: Thu, 15 Jun 2023 08:39:58 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/ 351 KB
118 KB 107ms
84ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3903069020055393&plah=redbook-ua.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e39e70d369591989c6ea5138ce676817ce96e76b93715f66bdb19cc860fe97c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120672
x-xss-protection: 0
server: cafe
etag: 1123730416751993529
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 10:06:13 GMT

GET
H2 200 aci.js Show response
www.acint.net/ 24 KB
8 KB 396ms
21ms Script
application/x-javascript 167.235.177.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/aci.js
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.235.177.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz2024479.sapientru.net
Software: openresty /
Resource Hash: eaba4c606dbd8ce6ad26a8bb999d30e855f8c1c5e194dc675b459c60679e8cb0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:14 GMT
content-encoding: gzip
last-modified: Fri, 24 Mar 2023 20:31:30 GMT
server: openresty
etag: "641e08a2-1e68"
content-type: application/x-javascript
cache-control: max-age=43200
content-length: 7784
expires: Mon, 05 Jun 2023 22:06:14 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/uk_UA/ 301 KB
86 KB 122ms
0ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js?hash=5c19fa42eab7e683f2e1f4ee77d09a86

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a0ab788ba3beca53a39a13e0283348afc22fed2cd14bd679337ba55017591538

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://redbook-ua.org/
Origin: https://redbook-ua.org
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 05 Jun 2023 10:06:13 GMT
content-md5: qORPB/G/fax7zvGSLyk4ow==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87354
x-fb-rlafr: 0
x-fb-debug: xWEA+kIe287Q2QKuPDV7enmM6ebsDXxfqLoQwL/tiHGiw714xY1ZP7vQU9CjqTHEzu/4uDOAYZ51Sr1TkwGivg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: be42b97272073d225b6a82839af40127
cross-origin-opener-policy: same-origin-allow-popups
etag: "5095ac9bb3dc2fb89c1655b2b0897835"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options: DENY
timing-allow-origin: *
expires: Tue, 04 Jun 2024 08:19:23 GMT

GET watch_ua.js
d31j93rd8oukbv.cloudfront.net/metrika/ 0
0

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
197 B 35ms
33ms Image
image/gif 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1046894233&utmhn=redbook-ua.org&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%A7%D0%B5%D1%80%D0%B2%D0%BE%D0%BD%D0%B0%20%D0%BA%D0%BD%D0%B8%D0%B3%D0%B0%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8.%20%D0%93%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D0%B0&utmhid=1736362392&utmr=-&utmp=%2F&utmht=1685959574041&utmac=UA-3732253-4&utmcc=__utma%3D19462075.850470903.1685959574.1685959574.1685959574.1%3B%2B__utmz%3D19462075.1685959574.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=364939410&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: redbook-ua.org
URL: https://redbook-ua.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 10:06:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
607 B 88ms
30ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=redbook-ua.org&callback=_gfp_s_&client=ca-pub-3903069020055393

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3903069020055393&plah=redbook-ua.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07892dda0857d160a249add47c45c05561f87a002fa79f72fc5ef2e0a92e7d98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
531 B 136ms
30ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=redbook-ua.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 122ms
34ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=redbook-ua.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E33D 147 KB
47 KB 446ms
425ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3903069020055393&output=html&h=200&slotname=3294104625&adk=3340214316&adf=212189784&pi=t.ma~as.3294104625&w=200&lmt=1685959574&url=https%3A%2F%2Fredbook-ua.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685959573530&bpp=98&bdt=346&idt=707&shv=r20230531&mjsv=m202305300101&ptt=5&saldr=sa&abxe=1&correlator=3744618509355&frm=20&pv=2&ga_vid=850470903.1685959574&ga_sid=1685959574&ga_hid=1736362392&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=26&ady=527&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C31074772%2C31074962%2C31074990%2C44788441&oid=2&pvsid=599797691981454&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoEe%7Cn&abl=XS&pfx=0&fu=1024&bc=31&ifi=1&uci=a!1&fsb=1&xpc=whBt3lGZ0Z&p=https%3A//redbook-ua.org&dtd=819

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

52eeff1a7b521cae9529835fe910d11c7d3acbbabb3a00cd1e2f58699aa77685

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8901959428609092028/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8901959428609092028/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNSKrOzwq_8CFf365wMdn28AvQ&gqi=lrN9ZOnxGL7lkdUP872SmA4&layout=/sadbundle/%24csp%253Der3%24/8901959428609092028/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://redbook-ua.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 47463
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8901959428609092028/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8901959428609092028/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNSKrOzwq_8CFf365wMdn28AvQ&gqi=lrN9ZOnxGL7lkdUP872SmA4&layout=/sadbundle/%24csp%253Der3%24/8901959428609092028/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 10:06:14 GMT
expires: Mon, 05 Jun 2023 10:06:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 oci.js Show response
www.acint.net/ 31 KB
14 KB 39ms
38ms Script
application/x-javascript 167.235.177.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/oci.js?t=1685959574475
Requested by: Host: www.acint.net
URL: https://www.acint.net/aci.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.235.177.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz2024479.sapientru.net
Software: openresty /
Resource Hash: bf7288917e351a089ba37e81822c3eadceb2706d165b28e3f9cc6acb113fc248

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:14 GMT
content-encoding: gzip
last-modified: Fri, 24 Mar 2023 20:31:33 GMT
server: openresty
etag: W/"641e08a5-7dac"
content-type: application/x-javascript

GET
H2 200 /
www.acint.net/hit/ 43 B
339 B 47ms
47ms Image
image/gif 167.235.177.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/hit/?v=0.5.1&uid=114d8060-fff9-4614-b632-0197d0d2c21b&dp=10&tz=%2B00%3A00&nc=28390522&u=https%3A%2F%2Fredbook-ua.org%2F&r=&rs=1600x1200&t=%D0%A7%D0%B5%D1%80%D0%B2%D0%BE%D0%BD%D0%B0%20%D0%BA%D0%BD%D0%B8%D0%B3%D0%B0%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8.%20%D0%93%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D0%B0&oE=1&oP=1&dT=2023-06-05T10%3A06%3A14.473&fu=e4aea6f7-9faf-47c7-99cd-71fe8e9584f2
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.235.177.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz2024479.sapientru.net
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type: image/gif
date: Mon, 05 Jun 2023 10:06:14 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 97ms
25ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=640385393121870&ev=fb_page_view&dl=https%3A%2F%2Fredbook-ua.org%2F&rl=&if=false&ts=1685959574494&sw=1600&sh=1200&at=

Requested by

Host: redbook-ua.org
URL: https://redbook-ua.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 05 Jun 2023 10:06:14 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8901959428609092028/ Frame C691 15 KB
6 KB 369ms
105ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8901959428609092028/index.html

Requested by

Host: redbook-ua.org
URL: https://redbook-ua.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9423c1d6584c8c0c15c3bee20e36a0ac831bdd0613df137324aea2e25896058

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 199665
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 4651
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Sat, 03 Jun 2023 02:38:30 GMT
expires: Sun, 02 Jun 2024 02:38:30 GMT
last-modified: Thu, 22 Dec 2022 11:40:47 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9B81 0
0 184ms
165ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CkB1DlrN9ZNTnHf31n88Pn9-B6AvB1ObwcLmU0Nr2EN7ZHhABIMe8qRhgkYSAgPwXoAGGkJWFKcgBCakCuHfyXPX2sT6oAwHIA0iqBMoBT9AlL91_Q8chJq0rNKCMjWRIVOFOIhUiXFiAcvJtkVbWyZtAkhSG4-LOflzfoaf72HK90STIa_CVK67hM15C4QMZnwC5dhxPfI5SnQ-vO0AF6C7KPp6_JGxaYQEGXq0CXQppcqQBPdUfdv-Q2yi8luT1BOtLozhJhSlI9TSjFqGAwrXCwODXL2izuAGrTuQcBoML0agEuUMJPKZ38y0hNisS6yafYCU_QNrrOqswHQ_deKGzVJu_1LEgwQfW5YO9A1-S9rSoJJ5PKsAE45PHi6YEoAYugAeGyOXkA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEOvWCNIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEwOIFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItMzkwMzA2OTAyMDA1NTM5MxgA&sigh=pDZKkLWGxKk&uach_m=[UACH]&cid=CAQSGwBygQiD7U2weiXeNUdQ3oDHDme_zNqV4BfsNBgB&template_id=419

Requested by

Host: redbook-ua.org
URL: https://redbook-ua.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3903069020055393&output=html&h=200&slotname=3294104625&adk=3340214316&adf=212189784&pi=t.ma~as.3294104625&w=200&lmt=1685959574&url=https%3A%2F%2Fredbook-ua.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685959573530&bpp=98&bdt=346&idt=707&shv=r20230531&mjsv=m202305300101&ptt=5&saldr=sa&abxe=1&correlator=3744618509355&frm=20&pv=2&ga_vid=850470903.1685959574&ga_sid=1685959574&ga_hid=1736362392&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=26&ady=527&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C31074772%2C31074962%2C31074990%2C44788441&oid=2&pvsid=599797691981454&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoEe%7Cn&abl=XS&pfx=0&fu=1024&bc=31&ifi=1&uci=a!1&fsb=1&xpc=whBt3lGZ0Z&p=https%3A//redbook-ua.org&dtd=819
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 05 Jun 2023 10:06:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 05 Jun 2023 10:06:15 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/ Frame 9B81 22 KB
9 KB 296ms
42ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3903069020055393&output=html&h=200&slotname=3294104625&adk=3340214316&adf=212189784&pi=t.ma~as.3294104625&w=200&lmt=1685959574&url=https%3A%2F%2Fredbook-ua.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685959573530&bpp=98&bdt=346&idt=707&shv=r20230531&mjsv=m202305300101&ptt=5&saldr=sa&abxe=1&correlator=3744618509355&frm=20&pv=2&ga_vid=850470903.1685959574&ga_sid=1685959574&ga_hid=1736362392&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=26&ady=527&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C31074772%2C31074962%2C31074990%2C44788441&oid=2&pvsid=599797691981454&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoEe%7Cn&abl=XS&pfx=0&fu=1024&bc=31&ifi=1&uci=a!1&fsb=1&xpc=whBt3lGZ0Z&p=https%3A//redbook-ua.org&dtd=819

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 20:25:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49217
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8798
x-xss-protection: 0
server: cafe
etag: 11317101923912129037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 20:25:58 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7978 143 B
166 B 38ms
12ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3903069020055393&output=html&h=200&slotname=3294104625&adk=3340214316&adf=212189784&pi=t.ma~as.3294104625&w=200&lmt=1685959574&url=https%3A%2F%2Fredbook-ua.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685959573530&bpp=98&bdt=346&idt=707&shv=r20230531&mjsv=m202305300101&ptt=5&saldr=sa&abxe=1&correlator=3744618509355&frm=20&pv=2&ga_vid=850470903.1685959574&ga_sid=1685959574&ga_hid=1736362392&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=26&ady=527&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C31074772%2C31074962%2C31074990%2C44788441&oid=2&pvsid=599797691981454&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoEe%7Cn&abl=XS&pfx=0&fu=1024&bc=31&ifi=1&uci=a!1&fsb=1&xpc=whBt3lGZ0Z&p=https%3A//redbook-ua.org&dtd=819
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 2993
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 09:16:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 9B81 3 KB
1 KB 350ms
97ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:52:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4401
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Jun 2023 08:52:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 9B81 19 KB
8 KB 269ms
16ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 20:26:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49165
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7991
x-xss-protection: 0
server: cafe
etag: 2412543371950383451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 20:26:50 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9B81 171 KB
54 KB 366ms
112ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54276
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685532878231373"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Jun 2023 10:06:15 GMT

GET
H2 200 /
www.acint.net/oci/ 43 B
224 B 197ms
56ms Image
image/gif 167.235.177.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/oci/?v=0.5.1&uid=114d8060-fff9-4614-b632-0197d0d2c21b&dp=10&tz=%2B00%3A00&nc=90343803&oid=a8325618796c322a55c2d03b754d5b76
Requested by: Host: redbook-ua.org
URL: https://redbook-ua.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.235.177.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz2024479.sapientru.net
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type: image/gif
date: Mon, 05 Jun 2023 10:06:15 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7978
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

220ms
190ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 10:06:15 GMT
expires: Mon, 05 Jun 2023 10:06:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 10:06:15 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9B81 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9fddbf02920a7d377870d671c8587dd949bdde8c10c129c6445c63787a9a5888

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame C691 6 KB
3 KB 70ms
48ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8901959428609092028/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 21:21:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45903
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2551
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 05 Jun 2023 21:21:12 GMT

GET
H2 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame C691 34 KB
13 KB 74ms
52ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8901959428609092028/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 11:15:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 05 Jun 2023 11:15:37 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C691 21 KB
1 KB 383ms
0ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Work%20Sans:100,200,300,regular,500,600,700,800,900,100italic,200italic,300italic,italic,500italic,600italic,700italic,800italic,900italic&display=swap

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8901959428609092028/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

df8255a85af6ec308b5b9fd9a7e4443afbc777a73c3e506f3a6888ce37b27375

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Jun 2023 10:06:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:54:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Jun 2023 10:06:15 GMT

GET
H2 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame C691 60 KB
24 KB 363ms
0ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8901959428609092028/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 05 Jun 2023 10:06:15 GMT

GET
H3 200 i_pj4c_143eea9c-d89f-44f4-988d-9c124ae8844d_9b0113b0-c9b2-4968-96b4-550fa3f40b7d.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8901959428609092028/images/ Frame C691 966 B
622 B 64ms
44ms Image
image/svg+xml 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8901959428609092028/images/i_pj4c_143eea9c-d89f-44f4-988d-9c124ae8844d_9b0113b0-c9b2-4968-96b4-550fa3f40b7d.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8901959428609092028/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c601ab42b595f582d6749e51cf13b944f94e54e5c7eef6c528b4241517b5d7a6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 03 Jun 2023 22:13:27 GMT
age: 129169
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 592
x-xss-protection: 0
last-modified: Thu, 22 Dec 2022 11:40:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 02 Jun 2024 22:13:27 GMT

GET
H3 200 i_pj4c_38056fa4-fcad-4b22-921d-d7b3978da2fb_a994b2f2-03f1-4044-ad29-4d4f7808f764.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8901959428609092028/images/ Frame C691 2 KB
1 KB 68ms
48ms Image
image/svg+xml 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8901959428609092028/images/i_pj4c_38056fa4-fcad-4b22-921d-d7b3978da2fb_a994b2f2-03f1-4044-ad29-4d4f7808f764.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8901959428609092028/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1a9fb47d973cb755573f25b5f55329a0f85be4ef4759674bac474edf4587816

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 03 Jun 2023 22:25:49 GMT
age: 128427
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1165
x-xss-protection: 0
last-modified: Thu, 22 Dec 2022 11:40:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 02 Jun 2024 22:25:49 GMT

GET
H3 200 i_pj4c_63166b83-c25c-470c-817e-88c5276ff80b_f1f4ac6a-742a-4b5c-9b21-a77ce761e413.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8901959428609092028/images/ Frame C691 996 B
647 B 79ms
65ms Image
image/svg+xml 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8901959428609092028/images/i_pj4c_63166b83-c25c-470c-817e-88c5276ff80b_f1f4ac6a-742a-4b5c-9b21-a77ce761e413.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8901959428609092028/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6fb5002f07132f7cd6dd686d006dd6bd0cf7250d4503675b903f73a50747b4b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 05 Jun 2023 07:50:05 GMT
age: 8171
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 617
x-xss-protection: 0
last-modified: Thu, 22 Dec 2022 11:40:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Jun 2024 07:50:05 GMT

GET
H3 200 i_pj4c_30a55e1f-3bdc-4cec-a383-ee13660a6f35_6aec38f6-2712-438f-aa07-f00974df3705.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8901959428609092028/images/ Frame C691 82 KB
82 KB 42ms
33ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8901959428609092028/images/i_pj4c_30a55e1f-3bdc-4cec-a383-ee13660a6f35_6aec38f6-2712-438f-aa07-f00974df3705.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8901959428609092028/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b8f46b63db9b2f141abf61e7021ba0f3d793908a09b87d696222d1523f15c49

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 03 Jun 2023 22:13:27 GMT
x-content-type-options: nosniff
age: 129169
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83740
x-xss-protection: 0
last-modified: Thu, 22 Dec 2022 11:40:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 02 Jun 2024 22:13:27 GMT

GET
H2 200 QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v18/ Frame C691 47 KB
47 KB 136ms
16ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work%20Sans:100,200,300,regular,500,600,700,800,900,100italic,200italic,300italic,italic,500italic,600italic,700italic,800italic,900italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97e82d8eac8d106b28abf1b716982c40c06fffe49cc2f34cd1c299266745ef73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 16:15:04 GMT
x-content-type-options: nosniff
age: 150672
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47728
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 17:55:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jun 2024 16:15:04 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
46 KB 194ms
174ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

adb6a16c2b7e8e1b2a4992722ad66753836b6fb60c20afbd48d42dae6a7008f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47424
x-xss-protection: 0
server: cafe
etag: 10847823476262986684
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 10:06:16 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 178ms
124ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230531&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8e36b8fb356df524d7c1de91a170d6b01477f34c23f7206c5a8a7c7c0a164c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11262
x-xss-protection: 0

GET
H3 200 Grx7oFpFltq8b-fsl1vgPlw_mz8UVJv5RtxGiy-srTQ.js Show response
pagead2.googlesyndication.com/bg/ Frame C691 37 KB
14 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Grx7oFpFltq8b-fsl1vgPlw_mz8UVJv5RtxGiy-srTQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc7ba05a4596dabc6fe7ec975be03e5c3f9b3f14549bf946dc468b2facad34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 12:18:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 164893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14484
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Jun 2024 12:18:03 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 72ms
68ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 05 Jun 2023 10:06:16 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230531/r20190131/ Frame F48E 10 KB
4 KB 25ms
25ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230531/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://redbook-ua.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 61321
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Jun 2023 17:04:15 GMT
etag: 15057649708203361565
expires: Sun, 18 Jun 2023 17:04:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
165 B 31ms
28ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=redbook-ua.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 31ms
30ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=redbook-ua.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A5CC 299 KB
79 KB 700ms
698ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3903069020055393&output=html&adk=1812271804&adf=3025194257&lmt=1685959577&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fredbook-ua.org%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685959576865&bpp=17&bdt=3681&idt=17&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc8ceb46044b9ef3f-224820eb06de003c%3AT%3D1685959574%3ART%3D1685959574%3AS%3DALNI_MYa2z5KLgXfv5v7iiTVSgiznV6-Qg&gpic=UID%3D00000c2ce707a0c6%3AT%3D1685959574%3ART%3D1685959574%3AS%3DALNI_MbfOFBV6milJqJSPgJjj4mOSrR0pQ&prev_slotnames=3294104625&nras=1&correlator=3744618509355&frm=20&pv=1&ga_vid=850470903.1685959574&ga_sid=1685959574&ga_hid=1736362392&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C31074772%2C31074962%2C31074990%2C44788441&oid=2&pvsid=599797691981454&tmod=223647724&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&ifi=2&uci=a!2&fsb=1&dtd=234

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e998117eb71b9901d2ac767201e7a0dd69c810c1379c64a2b8bd5c83ae616634

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://redbook-ua.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 80572
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 10:06:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9B81 42 B
64 B 84ms
83ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv_FWxgldvSsW0q8z8ojd0x5Rz_0-rXdP33gMbJukHkM9ed5jNJe4MFEk3loxigVtRCa4jh0EcN0vVBKZ6AnSjXwB-1rM5smocEjwTU0MjGWpDytq_7GjpEpIJZNJNRq9QNW5HkdGEioXPUXyBJxwT3y1xdQeASPdM_K4irGF8fD98N3wGFffIo6G9wMixaGtWl11hgDekwx39HfLewCa7Z2nrcVDqjlFa-BklahmOCuskWrhhRSnjCRFsr2BsF8Hh7Lb945mPdxyeLBNhFx7ysc1s1_aHGPb3p_ldbGEtyMcdcfCeNQkeWzOl6ZtalTa_syW6N9GipgAGhvLKK029rnYfshU-dPw6zHx8PNKe52f7hidxH0bMEfU5NMV1CWJsqyQLxG_-HZvg4Upy3DvJLNICWiRNNSBJ-9hXR4q4-C1zkJLfShXTTH4Uhfegulpd5umZ5mkX9MGuCRzj1zOmI_63a2IQbo42sLBbQTY8dCSiDhYnGDRFAvb8eP3tNKVj4oZFrCThY1L6zr4NTJLCezDu59H-iyX0uUVa5cSJ5hRaO8mbUobgg_CQq-XTmgBd7Dz59pi1F9qCtYMEJYFh0jOUYcwe1iN6qMu5eZ4b-84TPIqMxkh08JnXJ3gtujnr2639ArUozi55Bk4b_K8F_urd3TzpzEmMWv5PTAfE7hOAtHVDQ4KrN-xGZ4ni_yO_APYV2GFi7r7v9Pc16CwLKUpG9KCTEEr5sThO8hhzX-rv8Fv866hnG9qM3kc0zi7QytsAwcpFeUk_cbQp5zWWLZv0LzgWE_1zf3_0PNavdhqzy5pA-AGA1lWG80SR3FoPZFFjtdevIrZ2j8C_lPDwD8mQGoS3p8sJc7OC6aDf4R6I4hYmHhNemfaOZcEfuhfLCD4M426zzrCJhtL4V6WYpkCowj_vMySLmaKkIdf3u4TdkpY3kln1yuVBOSE5IpN8&sai=AMfl-YTM2iVsdkvadDlB1-gRfeX9moI3rhbbe0oeoNQOJSBCsMXCnmsMp5yS7Eb6osOj_S2OmWptCfN2EOU6hN-xXWukjxHu9DVVMw&sig=Cg0ArKJSzP2Js9Tx9vWREAE&cid=CAQSGwBygQiD7U2weiXeNUdQ3oDHDme_zNqV4BfsNBgB&id=lidar2&mcvt=1280&p=1,0,167.6875,200&mtos=1280,1280,1280,1280,1280&tos=1280,0,0,0,0&v=20230531&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=3340214316&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685959574887&rpt=830&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 10:06:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6509 13 KB
5 KB 35ms
34ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://redbook-ua.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1140
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 09:47:17 GMT
expires: Tue, 04 Jun 2024 09:47:17 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3AD8 783 B
970 B 43ms
41ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

90b72260bf898800959cecd5e54caf3399e5e86d2f66dbd188c5fe5023bf2e1b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aSj4zRV3oQH-qzPhyhInig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://redbook-ua.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-aSj4zRV3oQH-qzPhyhInig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 10:06:17 GMT
expires: Mon, 05 Jun 2023 10:06:17 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3AD8 0
0 56ms
55ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230531&jk=599797691981454&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H3 200 Grx7oFpFltq8b-fsl1vgPlw_mz8UVJv5RtxGiy-srTQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 6509 37 KB
14 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Grx7oFpFltq8b-fsl1vgPlw_mz8UVJv5RtxGiy-srTQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc7ba05a4596dabc6fe7ec975be03e5c3f9b3f14549bf946dc468b2facad34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 12:18:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 164894
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14484
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Jun 2024 12:18:03 GMT

GET
H2 200 /
www.acint.net/ping/ 43 B
224 B 46ms
45ms Image
image/gif 167.235.177.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/ping/?v=0.5.1&uid=114d8060-fff9-4614-b632-0197d0d2c21b&dp=10&tz=%2B00%3A00&nc=83583825&dT=2023-06-05T10%3A06%3A17.510
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.235.177.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz2024479.sapientru.net
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type: image/gif
date: Mon, 05 Jun 2023 10:06:17 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/ 152 KB
52 KB 102ms
101ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1aaf8f3cdbf80944d9fbd2ef9ac62ec9fe976a64ec3c6bc6bcf8dd906b31a5d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52794
x-xss-protection: 0
server: cafe
etag: 13094662590990081607
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jun 2023 10:06:18 GMT

GET
H3 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
122 B 33ms
33ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=redbook-ua.org

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 31ms
30ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=redbook-ua.org

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/ Frame FCC0 10 KB
4 KB 24ms
23ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://redbook-ua.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 53769
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Jun 2023 19:10:09 GMT
etag: 15057649708203361565
expires: Sun, 18 Jun 2023 19:10:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/ Frame 56A2 10 KB
4 KB 22ms
21ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://redbook-ua.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 53769
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Jun 2023 19:10:09 GMT
etag: 15057649708203361565
expires: Sun, 18 Jun 2023 19:10:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 55ms
55ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=eit&etc=393757325&e=1&t=5321&qqid=CPb30-3wq_8CFc3h5wMdzgME0Q&ptt=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 10:06:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame FCC0 4 KB
767 B 29ms
28ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Jun 2023 10:06:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 08:50:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Jun 2023 10:06:18 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame FCC0 205 B
649 B 85ms
18ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 09:38:28 GMT
x-content-type-options: nosniff
age: 1670
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 04 Jun 2024 09:38:28 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame FCC0 604 B
694 B 86ms
20ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:52:29 GMT
x-content-type-options: nosniff
age: 4429
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 04 Jun 2024 08:52:29 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/ Frame FCC0 20 KB
8 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

410f4228aa677eb20622c6f1e0f67966fcecca198ad07bb096f0265b2689ded7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 21:05:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46837
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8300
x-xss-protection: 0
server: cafe
etag: 2697337515266134059
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 21:05:41 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 56A2 0
0 64ms
64ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cdl3RmbN9ZLfHDs3Dn88PzoeQiA2BgO_0cKvOksuwEffhor3AARABIMe8qRhg4QKgAcaJkdADyAECqAMByAPJBKoEzAFP0LyUjxJsRRHo85FvfQ8zG00AODbZmpLk75YoNOm5ZSoBJ2Z_zma-S-J9Lg6wJ1i7cFvz8P12h-vWNMKfx7m9Xp4ARh9TtFZIvR37KNbfj3TE9pwTof0VVzT5XLKXyMOXd-Scx_SKddhxe1Iub5CzsjJPBXc5eNdfyRPPAQEu5Z4UXecMwQc8zFLia2HBAn5xQkKQTvDJGa5bsznbhvNwe4-2YGtMPM6tIuurGydM3K-ZarV3elWwNSJsRDqfH4EwDxm3OkwVyD93lf7ABIyTyI60BKAGAoAHovbuL6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEENHVTtIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEwPQFQGAFwGyFxwKGggAEhRwdWItMzkwMzA2OTAyMDA1NTM5MxgA&sigh=MeSwRaEl3B4&uach_m=[UACH]&cid=CAQSPABygQiDzfB_mQT2mragSx64Nty7oeBe2p-PMGeCDflczXbG3gS7AypPpL7hixKePEGJWLFjSd3UjZqFbhgB

Requested by

Host: redbook-ua.org
URL: https://redbook-ua.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 05 Jun 2023 10:06:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/ Frame 56A2 22 KB
9 KB 37ms
34ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 20:25:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49220
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8798
x-xss-protection: 0
server: cafe
etag: 11317101923912129037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 20:25:58 GMT

GET
H2 200 redir.html Show response
p4-ehs2rm2rw4bm4-4gyrbquccejexsi3-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 6EBB 247 B
869 B 128ms
44ms Document
text/html 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-ehs2rm2rw4bm4-4gyrbquccejexsi3-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

4bd339672d7882398b8e73c55fab23cfba5bef9a821bf1c888906254abc32468

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 205
content-security-policy-report-only: script-src 'nonce-0QV7_548IpKl-8ki50d-yg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 10:06:18 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 56A2 3 KB
1 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:52:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4404
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Jun 2023 08:52:54 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5BB9 1 KB
643 B 22ms
19ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 57067
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Jun 2023 18:15:11 GMT
etag: 48472445140208031
expires: Mon, 05 Jun 2023 18:15:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 56A2 19 KB
8 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 20:26:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49168
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7991
x-xss-protection: 0
server: cafe
etag: 2412543371950383451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 20:26:50 GMT

GET
H3 200 1487781412030859053
tpc.googlesyndication.com/daca_images/simgad/ Frame 56A2 38 KB
38 KB 34ms
32ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/1487781412030859053

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

154757bd5ee690ad62c07d875043521b3009bee0232db6426d2032fe15898853

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 01:05:16 GMT
x-content-type-options: nosniff
age: 118862
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38947
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 11:19:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 03 Jun 2024 01:05:16 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 56A2 171 KB
53 KB 85ms
74ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54276
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685532878231373"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Jun 2023 10:06:18 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 56A2 32 KB
13 KB 41ms
35ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b4c6817adbcbb4c234205e60f4f844d1cf71df455a4040d25ffcad12bf8326e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 20:39:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48411
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13092
x-xss-protection: 0
server: cafe
etag: 7045245771777150193
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 20:39:27 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6509 0
11 B 30ms
29ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?HOAX2g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 iframe.html Show response
p4-ehs2rm2rw4bm4-4gyrbquccejexsi3-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 6EBB 5 KB
2 KB 83ms
55ms Document
text/html 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-ehs2rm2rw4bm4-4gyrbquccejexsi3-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-ehs2rm2rw4bm4-4gyrbquccejexsi3-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-ehs2rm2rw4bm4-4gyrbquccejexsi3-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

7a49276f0aebef0bbf4fd98b595947daea85937ba48c16b2daa31ea39e9a4341

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-ehs2rm2rw4bm4-4gyrbquccejexsi3-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1986
content-security-policy-report-only: script-src 'nonce-sov08ilDR1yZMkhY7Na9_A' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Jun 2023 10:06:18 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Fri, 03 Feb 2023 22:38:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 5BB9
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFdmeqaKO94jGWkwJ6-JG9s&google_cver=1&google_push=ATf1kGPoPy0s4ntJn7JIs34AUh3i9jVNw3G1PFqDJ7NGcR_YcTAGbnHtGaWUzf3Ew7ltQGlQqp_hEtUR-lGh-KgBM3iT1boguHefMMc
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODU3Njg3MjIyMzMyOTM4NDc1NQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFdmeqaKO94jGWkwJ6-JG9s&google_cver=1

43 B
398 B

37ms
14ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFdmeqaKO94jGWkwJ6-JG9s&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 05 Jun 2023 10:06:18 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 10:06:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFdmeqaKO94jGWkwJ6-JG9s&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5BB9
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEMCbKLeB8QiJcUq8wx9fVeI&google_cver=1&google_push=ATf1kGNNTKJLPT9SmYPIo-HfK0nIsEI9lGGjZ1WS8r5k32VMVsquBR9VvC7EqRCG6Gx7t_vz6Ngpghr0X1_3QuX_...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGNNTKJLPT9SmYPIo-HfK0nIsEI9lGGjZ1WS8r5k32VMVsquBR9VvC7EqRCG6Gx7t_vz6Ngpghr0X1_3QuX_mZcunXkr66KSraI

170 B
188 B

34ms
32ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGNNTKJLPT9SmYPIo-HfK0nIsEI9lGGjZ1WS8r5k32VMVsquBR9VvC7EqRCG6Gx7t_vz6Ngpghr0X1_3QuX_mZcunXkr66KSraI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 10:06:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 05 Jun 2023 10:06:19 GMT
Server: MT3 851 9bd98ae master zrh-pixel-x28 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGNNTKJLPT9SmYPIo-HfK0nIsEI9lGGjZ1WS8r5k32VMVsquBR9VvC7EqRCG6Gx7t_vz6Ngpghr0X1_3QuX_mZcunXkr66KSraI
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 05 Jun 2023 10:06:18 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5BB9
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJ7EghmGj6oE1QFll0JVUlw&google_push=ATf1kGMEyTqw25C8kcrAFmdsbmNd6A4MXlBX7FaG1ZM0OpNFXm8oIvoNVS...

170 B
188 B

32ms
31ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJ7EghmGj6oE1QFll0JVUlw&google_push=ATf1kGMEyTqw25C8kcrAFmdsbmNd6A4MXlBX7FaG1ZM0OpNFXm8oIvoNVSk0Sir85s4fPYWOmPhwnHwnfG0JKaW1qLvdjI51T2uI2_M

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 10:06:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-ams21033-AMS
pragma: no-cache
date: Mon, 05 Jun 2023 10:06:19 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1685959579.066019,VS0,VE179
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJ7EghmGj6oE1QFll0JVUlw&google_push=ATf1kGMEyTqw25C8kcrAFmdsbmNd6A4MXlBX7FaG1ZM0OpNFXm8oIvoNVSk0Sir85s4fPYWOmPhwnHwnfG0JKaW1qLvdjI51T2uI2_M
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 5BB9 70 B
265 B 387ms
38ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEPS0dKAcFwwAvAEm2OiNUsU&google_cver=1&google_push=ATf1kGNCNF0NdkSR553_tuK8ZsPu1yKO0KjBmKKYinByGWNluVbKjixSJ99qxlaNiPuuSnS8amnNJ-RglpH95jjOofln_t5emet89AM
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 05 Jun 2023 10:06:19 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 5BB9 43 B
363 B 77ms
14ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEIOd_5VYkrm7nANhUZLXhJc&google_cver=1&google_push=ATf1kGPiqnFn5isZ8kFTSE4AOqUeEDO7OERzyUf21nIdWkDhhEtDYMDEnB1_cpaafxDSavtMYPqSReyQxH31XJ3MOQX5hAGF-eAYfcY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 10:06:18 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 291408
expires: Mon, 05 Jun 2023 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5BB9
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEDCmURQzPuJqTYRn90fINps&google_cver=1&google_push=ATf1kGOu8Tpa3M1Bkpz8qbiqOtUsa3U0KRUonwbz_fUaByi8EvHEV0gdolqvFr_ZNj...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=ATf1kGOu8Tpa3M1Bkpz8qbiqOtUsa3U0KRUonwbz_fUaByi8EvHEV0gdolqvFr_ZNj6S4bV4nYQvNXhlMPngDlS43wpXiTqonBKkPeY&google_hm=...

170 B
243 B

37ms
33ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=ATf1kGOu8Tpa3M1Bkpz8qbiqOtUsa3U0KRUonwbz_fUaByi8EvHEV0gdolqvFr_ZNj6S4bV4nYQvNXhlMPngDlS43wpXiTqonBKkPeY&google_hm=v456sObzTkmcEjkL2ZsuzjE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 10:06:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 10:06:18 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=ATf1kGOu8Tpa3M1Bkpz8qbiqOtUsa3U0KRUonwbz_fUaByi8EvHEV0gdolqvFr_ZNj6S4bV4nYQvNXhlMPngDlS43wpXiTqonBKkPeY&google_hm=v456sObzTkmcEjkL2ZsuzjE
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame 5BB9
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEFdTEXy74BSNRr-RJmgKEgg&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGP-dgS7BPz4bhbCMkKf6e3z2eAl0CyMqz-cH4DcV4TbSoZE7mRA9RA4GjqtNRn_UCKySsJeoCgzz6ivPhajiYzdgJSTye2Fsh7Q
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

50ms
48ms

Image
image/gif

104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

expires: Mon, 05 Jun 2023 10:06:19 GMT
pragma: no-cache
date: Mon, 05 Jun 2023 10:06:19 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 10:06:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 5BB9 0
130 B 249ms
53ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LLlSY-QJZJ4Bn6zbKEUOqsPtpEIvK_Mj-cLOLVcmCXsiv9MSP_-QfTyhkayCyeogA4VAnXfD0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:19 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 css
fonts.googleapis.com/ Frame 3945 14 KB
1 KB 212ms
134ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Jun 2023 10:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:12:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Jun 2023 10:06:19 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 3945 2 KB
895 B 146ms
136ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 20:26:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 20:26:50 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/ Frame 3945 22 KB
9 KB 145ms
136ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 20:25:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49221
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8798
x-xss-protection: 0
server: cafe
etag: 11317101923912129037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 20:25:58 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 3945 3 KB
1 KB 156ms
147ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:52:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4405
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Jun 2023 08:52:54 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5282 1 KB
644 B 144ms
67ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 57068
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Jun 2023 18:15:11 GMT
etag: 48472445140208031
expires: Mon, 05 Jun 2023 18:15:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/ Frame 3945 19 KB
8 KB 146ms
137ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230531/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sun, 04 Jun 2023 20:26:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7991
x-xss-protection: 0
server: cafe
etag: 2412543371950383451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Jun 2023 20:26:50 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3945 0
0 139ms
130ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQgnxSdiv4TMmROhk1J6WNgO5RiCqcGDKu1bF67tcK_dQKT4BUs_9a1yYqnq72kzrLhtMJdPthP1KlRDSUjv00KFDGdqA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3945 171 KB
53 KB 146ms
138ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54276
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1685532878231373"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Jun 2023 10:06:19 GMT

GET
H2 200 0a0369f67a094afc57e3321b90807283.js Show response
www.gstatic.com/mysidia/ Frame 3945 32 KB
14 KB 28ms
20ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0a0369f67a094afc57e3321b90807283.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88a51fe784c58c712a93f3f4e123e163e901042438df74cf793bdcf28eb090d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 31 May 2023 18:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 402670
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13649
x-xss-protection: 0
last-modified: Mon, 22 May 2023 16:52:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 29 Aug 2023 18:15:09 GMT

GET
DATA 200
OK truncated
/ Frame 56A2 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a90adfc4297e9e9dc47a1604be13dc9dd7972a3248e52627e27b4fa03bb7695

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 5282 35 B
465 B 94ms
21ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECZCG8nT8wTjQJtNezZwBm0&google_cver=1&google_push=ATf1kGOVQGaAHIp3iNbvkVZ2ODGs-bN3iP03b27_tfEPdhdZaPZS9VYGlJPrQ2ngARgbJhnxBlQ8sIHqMAjtVlK1kYvRZAJ3mt_Y-Kg9WKI45LwzHjXXbhQzy3LVD3MBHvYa1gdRze9KRhN1xmvAPF3f8sqgoKM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 10:06:19 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 5282 70 B
264 B 38ms
35ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEPS0dKAcFwwAvAEm2OiNUsU&google_cver=1&google_push=ATf1kGORSCif6D4xuBHLpZpGbUf7dnnpbVeg-jZlNEQuCszvHvgtQChvSVAlSS8EOElRprlR039f6ifAwRvfRzmaV17gS2mNpwvz2-Ml7k2nmqglIbMe3-hXFZZSv56NubqdHgzHfrkJbgV6t8qa_isqUiUVLGA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 05 Jun 2023 10:06:19 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5282
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEON90xFoMh_-qw-naFdnX10&google_cver=1&google_push=ATf1kGN6qrWIPW9T5-ZT3yyaF_xEUtsJG3cQcc_uhFE3KaMEOOD_Uas5xK3hq-pJdq3bxjwwLHS1OPeee7M6Hsde12-DtcJ...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGN6qrWIPW9T5-ZT3yyaF_xEUtsJG3cQcc_uhFE3KaMEOOD_Uas5xK3hq-pJdq3bxjwwLHS1OPeee7M6Hsde12-DtcJNUTho7iUQVyR7BCbFsRI3tuItEpIDELq1C5WSE...

170 B
188 B

31ms
30ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGN6qrWIPW9T5-ZT3yyaF_xEUtsJG3cQcc_uhFE3KaMEOOD_Uas5xK3hq-pJdq3bxjwwLHS1OPeee7M6Hsde12-DtcJNUTho7iUQVyR7BCbFsRI3tuItEpIDELq1C5WSEZXX2JdV3D_8l0i91SY6j2pVYMo&google_hm=eS1CS0s1UDlwRTJwRmRTRHhBVF9fZnhFbFRGeTNfUUJVVX5B

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 10:06:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 05 Jun 2023 10:06:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGN6qrWIPW9T5-ZT3yyaF_xEUtsJG3cQcc_uhFE3KaMEOOD_Uas5xK3hq-pJdq3bxjwwLHS1OPeee7M6Hsde12-DtcJNUTho7iUQVyR7BCbFsRI3tuItEpIDELq1C5WSEZXX2JdV3D_8l0i91SY6j2pVYMo&google_hm=eS1CS0s1UDlwRTJwRmRTRHhBVF9fZnhFbFRGeTNfUUJVVX5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5282
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEG6XBZwPJK9jLdaHORCJso4&google_cver=1&google_push=ATf1kGPy1TJmp8YFFGZUTbF14Cpzit0gtBBlUw6ywZQZF__nIF4YFCKmaX148k2l21wbtglJbyxtAreH...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEG6XBZwPJK9jLdaHORCJso4&google_cver=1&google_push=ATf1kGPy1TJmp8YFFGZUTbF14Cpzit0gtBBlUw6ywZQZF__nIF4YFCKmaX148k2l21wbtglJbyx...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYxMjQ2NDUwMzA0MDE3MDM2NA&google_push=ATf1kGPy1TJmp8YFFGZUTbF14Cpzit0gtBBlUw6ywZQZF__nIF4YFCKmaX148k2l21wbtglJbyxtAr...

170 B
188 B

31ms
30ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYxMjQ2NDUwMzA0MDE3MDM2NA&google_push=ATf1kGPy1TJmp8YFFGZUTbF14Cpzit0gtBBlUw6ywZQZF__nIF4YFCKmaX148k2l21wbtglJbyxtAreHkkypIOnOSaNl1A890zeGZjJTb9MZlSiw_IpGfIoG62keKgnxIVqJFIGOXvIurpjm_kjCzUIXm21fzKU

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 10:06:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 10:06:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYxMjQ2NDUwMzA0MDE3MDM2NA&google_push=ATf1kGPy1TJmp8YFFGZUTbF14Cpzit0gtBBlUw6ywZQZF__nIF4YFCKmaX148k2l21wbtglJbyxtAreHkkypIOnOSaNl1A890zeGZjJTb9MZlSiw_IpGfIoG62keKgnxIVqJFIGOXvIurpjm_kjCzUIXm21fzKU
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5282
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEG6XBZwPJK9jLdaHORCJso4&google_cver=1&google_push=ATf1kGNGrlGINdhZ9qPC4eUUeVNZb-0IWb39E2y2PlzLnm1vGNYHCD2XLRMO6mziJa6Nj0qLP5Usvtvh...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEG6XBZwPJK9jLdaHORCJso4&google_cver=1&google_push=ATf1kGNGrlGINdhZ9qPC4eUUeVNZb-0IWb39E2y2PlzLnm1vGNYHCD2XLRMO6mziJa6Nj0qLP5U...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzA3OTk3NjA0OTExMTE0MzkxNA&google_push=ATf1kGNGrlGINdhZ9qPC4eUUeVNZb-0IWb39E2y2PlzLnm1vGNYHCD2XLRMO6mziJa6Nj0qLP5Usvt...

170 B
188 B

32ms
31ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzA3OTk3NjA0OTExMTE0MzkxNA&google_push=ATf1kGNGrlGINdhZ9qPC4eUUeVNZb-0IWb39E2y2PlzLnm1vGNYHCD2XLRMO6mziJa6Nj0qLP5UsvtvhJa3PIXSkXj6mSM9hJlZw3jf8Biqf_Wg5aQoyotROlU-A8DXk84fdeV-IF9MbrCxbNDWN50wVbfvBww

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 10:06:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 05 Jun 2023 10:06:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzA3OTk3NjA0OTExMTE0MzkxNA&google_push=ATf1kGNGrlGINdhZ9qPC4eUUeVNZb-0IWb39E2y2PlzLnm1vGNYHCD2XLRMO6mziJa6Nj0qLP5UsvtvhJa3PIXSkXj6mSM9hJlZw3jf8Biqf_Wg5aQoyotROlU-A8DXk84fdeV-IF9MbrCxbNDWN50wVbfvBww
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5282
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESELPujDDEccZq-O05XxDcOTE&google_cver=1&google_push=ATf1kGOVUSk-4MrbB3V2qVvsXiTQ-b3E7pj0Yowx8DioXmvvEXQ0CsBnxODTVz1dVrW9fTuOeYhp81TEH7FQ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGOVUSk-4MrbB3V2qVvsXiTQ-b3E7pj0Yowx8DioXmvvEXQ0CsBnxODTVz1dVrW9fTuOeYhp81TEH7FQ0Bjz5wS0GbNZHz8VerWQRsAAgNvdCidQDZUd...

170 B
188 B

82ms
81ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGOVUSk-4MrbB3V2qVvsXiTQ-b3E7pj0Yowx8DioXmvvEXQ0CsBnxODTVz1dVrW9fTuOeYhp81TEH7FQ0Bjz5wS0GbNZHz8VerWQRsAAgNvdCidQDZUdKjAQQWmO0HwJQcJ9ltQkZHRS7VIJboBZPXXHaCY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 10:06:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGOVUSk-4MrbB3V2qVvsXiTQ-b3E7pj0Yowx8DioXmvvEXQ0CsBnxODTVz1dVrW9fTuOeYhp81TEH7FQ0Bjz5wS0GbNZHz8VerWQRsAAgNvdCidQDZUdKjAQQWmO0HwJQcJ9ltQkZHRS7VIJboBZPXXHaCY
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET googleredir
googlecm.hit.gemius.pl/ Frame 5282 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 5282 0
12 B 33ms
31ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IrlxWHg5R9G8Lmqpb95NlSaQZ_p3_zsnWf1nyIofxj0OoRk3kEHrA4fyXN9XjJCid9ySlotQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 10:06:19 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Grx7oFpFltq8b-fsl1vgPlw_mz8UVJv5RtxGiy-srTQ.js Show response
pagead2.googlesyndication.com/bg/ Frame BEC2 37 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Grx7oFpFltq8b-fsl1vgPlw_mz8UVJv5RtxGiy-srTQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230531/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc7ba05a4596dabc6fe7ec975be03e5c3f9b3f14549bf946dc468b2facad34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 12:18:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 164896
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14484
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Jun 2024 12:18:03 GMT

GET
H3 200 Grx7oFpFltq8b-fsl1vgPlw_mz8UVJv5RtxGiy-srTQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 5B1B 37 KB
14 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Grx7oFpFltq8b-fsl1vgPlw_mz8UVJv5RtxGiy-srTQ.js

Requested by

Host: redbook-ua.org
URL: https://redbook-ua.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc7ba05a4596dabc6fe7ec975be03e5c3f9b3f14549bf946dc468b2facad34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 12:18:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 164896
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14484
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Jun 2024 12:18:03 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 58ms
57ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230531&jk=599797691981454&bg=!6eql6r7NAAY9J7QfHSc7ADkAdvg8WvUAw5yLiFFKFrZXlc-7swNMT9evDIVakcy0JKK5STL8ily7AzMB9yxVzPdkOMaIrnB3K10CAAAIZ1IAAAAaaAEHCgB9wSA9eQ09L5txZB03unpo3pH56E_c2AXFZlRCp5_Rv3RgScqFyQCHO8amZhF2XxTKeTgr9tGkzev6v0QhcvTiIXK5PUpP2guemDwByTtgJpazZk1buenoWb259yVatePYwOywIdFLS-jsNOhs74DKyzw4_KLAM2zS6vtwoKqZAvMhkILi2DnIYS8F22glTtD0rhiHDA0os8kfXy36xZCCwwMOP3dLKl3F-yJSRvBbV_4A1ZhFy8D9HgVbzEc0XaUr--_2y_YGPrGSz4wvQpm7viPeY_YkdnjWSlGMkaOoEn6HfqT9rpWsXdYajBxRFJ_Hf1TTF5ZVmebA_B87tHuTaO2rGcrry8HVOILPudjduLXFdGygoCGYg1-uMWTZfZwiwSH9rv7CKy8awUxSaZpPuC4RBu-_4NtGPb-l8gHUbIeQOsX9aQgxMQZZ6t3_VyHiKu_r5-MTuiTzXWNbm8BZfTaAOeJHMegfgeig3hU8zZrxwKPq7MW2npkAR9fBcC8VJllJ7z7Uv5LyYu0-eFu4dFitigt0_lXi-VrAqltOQjJtHT6MIhpLjwLn5XStbCmEYUQ_ZbPPEF58CwzGHXcDriGaImoHViaxkVgUEiFUWC-FlofNEL0mTddQ0GyqwrbikOSvZ6hyzi_HpdYpDElTwuvWpwM0Yli-VoCnv0HvhXBE0OMCx_cTuBGtgH8sctzrjflZRqbLBG8UtULu_Zuubv1z1qo746Rh1CYHOVQdkOnoZYNhiTHu6O4GHL09KM1dJg1lg-bmCavaaLEGp5jteig9PDm1Ddef_5bef5qqqm-yqlqRI66rZJOPoJoWBpBxQjulvK5id9dO7dWN9zR7VqoZOCguZm3KSTILCTxwtFxcobkquhggPA5ZxAhl-pt5Im3vdG2V5ujO2-sxToPBPmKbT_QyufZ_WZuCF03MssA6D8LwUYYlFCO8msuyqnISSxSoLdtefE67Iv9VV_uSshGH5TXf9tosLGMg7EdvejI12GNW6so83keAwC-e-ySZqaqyZjJjvqwSpUKw65CkQamK0RBu6J9mmSwhLGOXI6uSINYHzCu1elHMdAPta09EmzV-hgBE9mq6tiSt7wTwAIioCWW56ScNGqyEL-xmBBAPygqvAX5YV0-6UaFjEFqGu6I0gqL7u7seDEMqr4S-bLXQRA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://redbook-ua.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 56A2 42 B
64 B 63ms
62ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu8YdDUrHmDxwgxVmmoWGbrgCZ5uM4HSyLLsX9uA4DxP391djWtc_J2u__ykaYQ-jfn06B8JxheCcbeeVAlDE4sH9VNL3n5s-R1o1DhgNGwsmi0Q0ZLIOYj-y80BPH0h7eL05gbp4viGUWaHl6Ro807rFXCUs5rLdMgmLkuHJWGSpaY3OWMidOvpF8ED-T65Lq7anLIt1YNCcDVPgyLV06wDMqL9YofSRHdbY1-HnU4f9pF-oxNhIO1viaP2DU-viwql3TibnrxqvNakwVSMcRZ9kdPjBbpM81Nk_s9pWYZX-u_HjCLS3h6e_z56AW20u855sEcl5e5LNn_YXa-dhL7KQbstSG64rPFaoT6-5Pk2knEVy1tkbzvaNF5PDiw7QdTWHFWBtdj9drdGv8LFycAJFLyMij17LyvMvpxuJc06qT84xJSARQ-P_-aJ4CYhU33yY5dqU2YRm7otuQkcGmWOe9geqasaeqJ63hNR8ZxaqPJOqlgFIHzvawejZ8wOF_hi_7sd6YRbvVuuCvykGJvBM3xXPGd_yBC-WjZGo_DMt-n9PPhaihzMc7nOkdTZYo7S9OozTRQyyqKf0SMgi0soCvjuwdEfhfqNt136ra4BPgdETH-PWD-fLeT5ExWvlK9YUD8SRPHQdCbwIDuETy8p6QU7eX1Q04ZTMnn41Gbar5_x8piULyh4kOGaOjYXq_wzvCx2-opuwsi5L8I6jDfD41i7_Zrtp478PvVIvzIBgYp_m0ODdO7vDYJDR8Xl98KVvlhELZfRGQ37ikmARF-iNAiEvCMORMh9lz1ng_UoIpEst06hn7RCVxke4U2Y5Vb9Rxry7garer5PiHt6io1qvt6-b6qNiu7mYENGX9ePIaMsHqZB8Mcaldc2p66Xl42o6k8cmUWCpF9qOGp3AB9fy_vtaDWXcodreM&sai=AMfl-YS0weZyZoAPrplnoPXnsQpVh3f3D8citUZNKxN2VruroGdZTxMZA0s3lP0rSrijClGye_73k3wS12i16LpQaYL-KVRWzt_qYQi9y3M_YIwLGfGLBHfIb8wbHMDb_ujMFolgA8uN8qTbPA&sig=Cg0ArKJSzBUF6Am-BFfvEAE&cid=CAQSPABygQiDzfB_mQT2mragSx64Nty7oeBe2p-PMGeCDflczXbG3gS7AypPpL7hixKePEGJWLFjSd3UjZqFbhgB&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=662,1001,1001,1001,1001&tos=662,339,0,0,0&v=20230531&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685959578276&rpt=1064&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 10:06:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6.gif
p4-ehs2rm2rw4bm4-4gyrbquccejexsi3-807673-i1-v6exp3.v4.metric.gstatic.com/v6exp3/ Frame 6EBB 35 B
490 B 515ms
32ms Image
image/gif 142.250.184.210

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p4-ehs2rm2rw4bm4-4gyrbquccejexsi3-807673-i1-v6exp3.v4.metric.gstatic.com/v6exp3/6.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.210 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://p4-ehs2rm2rw4bm4-4gyrbquccejexsi3-if-v6exp3-v4.metric.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 10:06:29 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6.gif
p4-ehs2rm2rw4bm4-4gyrbquccejexsi3-807673-i2-v6exp3.ds.metric.gstatic.com/v6exp3/ Frame 6EBB 35 B
490 B 526ms
56ms Image
image/gif 2a00:1450:4001:80e::2012

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p4-ehs2rm2rw4bm4-4gyrbquccejexsi3-807673-i2-v6exp3.ds.metric.gstatic.com/v6exp3/6.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2012 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://p4-ehs2rm2rw4bm4-4gyrbquccejexsi3-if-v6exp3-v4.metric.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Jun 2023 10:06:29 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: d31j93rd8oukbv.cloudfront.net
URL: https://d31j93rd8oukbv.cloudfront.net/metrika/watch_ua.js

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEG6NxoFOBnMylhzswawWRfI&google_cver=1&google_push=ATf1kGMNoVHhcU38SWU6Bd0-FBINpa3nc1b2LVSMRrMrd0pr9siXQMfz2u0YwWoksU5p1uL94UdcqiCuEU7z2Vd5ksr9LEcG3jCAzzDIO1W3_9Kp1xoHaRU14l_2cqhsXghWjsE7JoBPQydFcYSycRKY0hLZmmNo

Verdicts & Comments Add Verdict or Comment

206 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.redbook-ua.org/	1970-01-20 21:55:19	Name: __utma Value: 19462075.850470903.1685959574.1685959574.1685959574.1
.redbook-ua.org/	1969-12-31 23:59:59	Name: __utmc Value: 19462075
.redbook-ua.org/	1970-01-20 16:42:07	Name: __utmz Value: 19462075.1685959574.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.redbook-ua.org/	1970-01-20 12:19:20	Name: __utmt Value: 1
.redbook-ua.org/	1970-01-20 12:19:21	Name: __utmb Value: 19462075.1.10.1685959574
redbook-ua.org/	1970-01-20 21:55:19	Name: fid Value: e4aea6f7-9faf-47c7-99cd-71fe8e9584f2
.redbook-ua.org/	1970-01-20 21:40:55	Name: __gads Value: ID=c8ceb46044b9ef3f-224820eb06de003c:T=1685959574:RT=1685959574:S=ALNI_MYa2z5KLgXfv5v7iiTVSgiznV6-Qg
.redbook-ua.org/	1970-01-20 21:40:55	Name: __gpi Value: UID=00000c2ce707a0c6:T=1685959574:RT=1685959574:S=ALNI_MbfOFBV6milJqJSPgJjj4mOSrR0pQ
.acint.net/	1970-01-20 21:55:19	Name: aid Value: fwAAAWR9s5aBngnUppezAozm8jwjoxmnvEnkNoa/7Lu5ka6d
redbook-ua.org/	1970-01-20 21:55:19	Name: _ac_oid Value: a8325618796c322a55c2d03b754d5b76%3A1685963175165
.doubleclick.net/	1970-01-20 21:40:55	Name: IDE Value: AHWqTUlfoo4tCFQmkzY0jksTrog2UAq_LdmdUtYnoXnhrvMHC3ttmMKEyzWZ-WWSJ34
.doubleclick.net/	1970-01-20 12:19:23	Name: DSID Value: NO_DATA
.turn.com/	1970-01-20 16:38:31	Name: uid Value: 8576872223329384755
.ctnsnet.com/	1970-01-20 21:04:55	Name: cid_bf8e7ab0e6f34e499c12390bd99b2ece Value: 1
.ctnsnet.com/	1970-01-20 21:04:55	Name: gid_CAESEDCmURQzPuJqTYRn90fINps Value: 1
.mathtag.com/	1970-01-20 21:45:14	Name: uuid Value: be69647d-b39c-4900-8bca-deb43be58f7f
.mathtag.com/	1970-01-20 13:02:31	Name: mt_mop Value: 4:1685959580
.everesttech.net/	1970-01-20 21:04:55	Name: everest_g_v2 Value: g_surferid~ZH2zmwAFM6KHFwAD
.quantserve.com/	1970-01-20 14:28:55	Name: d Value: ECUBCQGUKYEA
.quantserve.com/	1970-01-20 21:49:33	Name: mc Value: 647db39b-adae4-f1655-c6f95
.adform.net/	1970-01-20 13:02:31	Name: C Value: 1
.adform.net/	1970-01-20 13:45:43	Name: uid Value: 2612464503040170364
.yahoo.com/	1970-01-20 21:05:17	Name: A3 Value: d=AQABBJuzfWQCEDt4XYfF7R4i4nOrtY2sCYAFEgEBAQEFf2SHZAAAAAAA_eMAAA&S=AQAAAguhIO7zXOnAalMoW8QiGLA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://d31j93rd8oukbv.cloudfront.net/metrika/watch_ua.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.turn.com
adservice.google.com
adservice.google.nl
agronomist.in.ua
c1.adform.net
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
d31j93rd8oukbv.cloudfront.net
dis.criteo.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
ius.ctnsnet.com
match.adsrvr.org
onetag-sys.com
p4-ehs2rm2rw4bm4-4gyrbquccejexsi3-807673-i1-v6exp3.v4.metric.gstatic.com
p4-ehs2rm2rw4bm4-4gyrbquccejexsi3-807673-i2-v6exp3.ds.metric.gstatic.com
p4-ehs2rm2rw4bm4-4gyrbquccejexsi3-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pr-bh.ybp.yahoo.com
r.turn.com
redbook-ua.org
s0.2mdn.net
ssl.google-analytics.com
sync-tm.everesttech.net
sync.mathtag.com
sync.teads.tv
tpc.googlesyndication.com
www.acint.net
www.facebook.com
www.google.com
www.googletagservices.com
www.gstatic.com
d31j93rd8oukbv.cloudfront.net
googlecm.hit.gemius.pl
104.111.217.42
142.250.184.210
142.250.185.131
142.250.186.162
151.101.194.49
167.235.177.244
178.250.1.9
185.29.132.245
2001:678:cb4:bbbb::11
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:806::2002
2a00:1450:4001:809::200a
2a00:1450:4001:80b::2008
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2012
2a00:1450:4001:812::2003
2a00:1450:4001:813::2006
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::2004
2a00:7a60:0:10a8::1
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a05:d018:d29:3602:226e:dde5:5103:25e0
2a06:98c1:3121::3
35.186.193.173
37.157.6.254
51.89.9.252
52.223.40.198
07892dda0857d160a249add47c45c05561f87a002fa79f72fc5ef2e0a92e7d98
0aa32e7354559e007f97fc62242176f5d1250bf12f4cda335c229bc536c7e63d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d76677e8e6e5ba78ad2942c503f7a402c971d21321f97b052f8098e69e2951c
0dea5b2bfbec75acdd536cde55aabfd55d6e185d5757b2fe7a60d16b06405de9
0e39e70d369591989c6ea5138ce676817ce96e76b93715f66bdb19cc860fe97c
0f201fe52208471c863c292da4990ca7bb7ca5d58b3f1ea2a57095ff764c6848
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1504f55e3d35a5beb6a9c739fdb4ff9bf98aebd2eb0bf68874a91bc7ca0331e0
154757bd5ee690ad62c07d875043521b3009bee0232db6426d2032fe15898853
15c32c9e44e6ef7d32971bf5a4f4fcfafc66a75263a278bec23f409ee000ad90
17e0910ce070c529c0eb6e61d31d8d3443bcd1481f9161a881ee1bdea98e62e4
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1aaf8f3cdbf80944d9fbd2ef9ac62ec9fe976a64ec3c6bc6bcf8dd906b31a5d9
1abc7ba05a4596dabc6fe7ec975be03e5c3f9b3f14549bf946dc468b2facad34
1cab04c21dba2f19fcaba7f799a34e3715720ec4ce5a267319ca8be2b7393feb
1e1c5c3f20bf0c6d444fdbb767132b6f7abf5bf4803f0594b470015acd186f64
205c9e7432e6b8274746c31fe312bc3941f8b543f51355af154e742ee6e7a95e
23a3bf8643b636e7d4fd23c1dba6e1a05424e62b1c84a361f9102870c49b2867
26f60fd65a019044a0c02860bf8c3a2794503dd3207577cda423b3a667a8e937
28c091df9ad8e8c31c8ef5678d10e6aaccc9f3277019128199ca4a0c59a4e81f
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfbbb4ada850ba359ca9c83bb265e25ac8f0e4319a6819fdb68e75f9fc35ae4
30be3263abd14e733e37e83047dcbe88cb59eb622c74112b4b12e58da8c57f9f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e
38a7f18b333e09b558f817aa76119085a686d9b09d45a8f9a7af6da817c85d43
3a90d2a6ce82298b3a88f4c92484132732b618f8e34efcba073417189759d01e
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
410f4228aa677eb20622c6f1e0f67966fcecca198ad07bb096f0265b2689ded7
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6
4b1e411482a16ce2ef2a1b56195c81e4acf4ded4339ffca9e8d3ed25290d2de7
4bd339672d7882398b8e73c55fab23cfba5bef9a821bf1c888906254abc32468
4c50199b521fc7a6f16ed1d2ed2a5ebbc47046c84c66460cd779bd4616048405
4c8cf1e507dec91a537d7f6aabf32e290b92a2dac632bc2f5d31f37c295016d7
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e99867ec7eade9855bbcce2d9b6bfc07765eacddb58ed0c63c64263c380faa2
5041a5ddd9e4726e06a05855ccf8083f2cb04e8889387f8a5fb93f7bd84a2617
52eeff1a7b521cae9529835fe910d11c7d3acbbabb3a00cd1e2f58699aa77685
53c492c9e36c2fcf1cff0a30d82d803c1f52fc4b71d789a7585adaee8982771b
551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5756002911aab127200b2ec87b35074ea5c7b189d513b5c4bdcae8f08cc47e07
59789db6c95aafcb83d9dfccfc7224d506a0018b7cde78219b3024bf750bf729
5a90adfc4297e9e9dc47a1604be13dc9dd7972a3248e52627e27b4fa03bb7695
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5ccc57a4989042d6926c11ea5fbae397be29ca7f9d56fdd87919397724557de1
5dd5752d240466d066276b41b9f9939f95f5012b924846b8040f135ec42935b9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62207c1a1b5a19e4494fb6bf6f07745c7c6c3cea94b4894efc870f38ee686a94
6312cb2f28d1ded31f3f50e602cc29a8ce05800ce3817d0120efbfabfbe1f5c2
636b7d1182b6c793d7565fafa1ec8c62c03ecfd652fcfd9bfd4ca0965b387834
6b8f46b63db9b2f141abf61e7021ba0f3d793908a09b87d696222d1523f15c49
6e728da92aaf78c09a6989b244868ce6cffb20a6c4787071ca7d41edb8c2f212
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
72b69146068c673ec1ae8d8964dc42d39541ed2e12484074035aa3d108e52532
7750353455871efe3b3b53de0d339817b5d6892ebcb1673f2b731aaec8524ddd
7a49276f0aebef0bbf4fd98b595947daea85937ba48c16b2daa31ea39e9a4341
7b98cf45214e664463bd5dcd0f072ee06ab460723f927368920a1129e215ed02
7c0060c8b59460f7111683fdc04065c23d81cd07b2150b4a5dfe3c8193117e61
80469a59e1b29311f8c6fba899f4bc5584ebd66e2d97883036a93fa561a6a3d0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84332bec040a8c863b108ea667fdfda69c9a7b9ef93d982214201976a2b88c0b
88241e560607c4c7b5d0911a7ddaf616d363809850fc78d0eccbc37a61eb68ee
88a51fe784c58c712a93f3f4e123e163e901042438df74cf793bdcf28eb090d4
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f9fb0c4a3e8ce44fa09678d796accc5b420ae54d56f7b3bdd522914bfa212a0
8fdfa9cc09ef9dd45423e5488e2d8728b7f45b59b85a50f28b34c9cf7984893a
907ca5b8575b0f8012b0f28d4f809b7c9c7bebda89bd0cdf606ba88afa04dc61
90b72260bf898800959cecd5e54caf3399e5e86d2f66dbd188c5fe5023bf2e1b
9307350e913084f2d9cdc3a554c5272af7d0d1c38094d604e145f7d39a3224b7
97422851eee67c55c5fa6d5cee470911b6074ea910f7c08d348a1c4d5136cf86
97e82d8eac8d106b28abf1b716982c40c06fffe49cc2f34cd1c299266745ef73
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b4c6817adbcbb4c234205e60f4f844d1cf71df455a4040d25ffcad12bf8326e
9c0d70abbb1865a393b5a5fd529a5a1fb4b1d88e2011a645c09f5fa761868950
9fddbf02920a7d377870d671c8587dd949bdde8c10c129c6445c63787a9a5888
a008d9abb598f6455667b388dee9eb43e3b9cec1c7a88b96b174d06cd93f1eda
a0ab788ba3beca53a39a13e0283348afc22fed2cd14bd679337ba55017591538
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a17814d25d6a5331ead46c5a40259771ce4a2eb87424afc1041f4e3bc571c191
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a907e749830dba85182a077854ff66520bf00c83221cdf703be573be83e5b274
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
aae46986adf74afc3f4a5035716e8f8744833bbc0c3c798316d84a5e34e5a496
adb6a16c2b7e8e1b2a4992722ad66753836b6fb60c20afbd48d42dae6a7008f5
aefe4ee80cc078ef30d7be6e5b8544ac998b4ffa6697929e808a76d181af273a
b0140231839b614ccf2fff22f7dfef62039a68a6a1a89c16a1eae732baa324c1
b9efb16ba7a89c02fdb3f5e728f7c9c389d8c55ce3b0b76c8d013e118c23692a
bf7288917e351a089ba37e81822c3eadceb2706d165b28e3f9cc6acb113fc248
c601ab42b595f582d6749e51cf13b944f94e54e5c7eef6c528b4241517b5d7a6
c6fb5002f07132f7cd6dd686d006dd6bd0cf7250d4503675b903f73a50747b4b
c8e36b8fb356df524d7c1de91a170d6b01477f34c23f7206c5a8a7c7c0a164c6
c9ac270f410b22a7fbb54fc87de46fbc88a1f23e14a43179100a1d4d959e1e8e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf75af7bf7ade5d3d161c2dce1acefa5f60fd2906f585714d93c1bfa159e70fc
d93cbc857a41f716f6b402d6ac4495f7adc3b2b1bd0a07119a91ca075a45c479
dbde1e3f8ee5806b7be86adde189aa0e976f286614e0278559b561d4164005bb
dc6e1903956d84a5fb1060c2b120296f5db96abc7ab0fdad75a6027b8957a89b
df8255a85af6ec308b5b9fd9a7e4443afbc777a73c3e506f3a6888ce37b27375
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8102840edf0a45730dbee7b74101b9ec8bc56c721c19e3202a0512afffb0743
e998117eb71b9901d2ac767201e7a0dd69c810c1379c64a2b8bd5c83ae616634
eaba4c606dbd8ce6ad26a8bb999d30e855f8c1c5e194dc675b459c60679e8cb0
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1a9fb47d973cb755573f25b5f55329a0f85be4ef4759674bac474edf4587816
f3d0d5968222b3e776445ca4ff56f6a17b59f31d7db40ad1c7c11c4af8b06dd4
f53e78028e37fe6cf01e600bdf3ae08109ae1be4ab6b8c2640b84b2fca6f653c
f6ea1f9a0bc57adc7fe4100d801d0b91e8e9853feee08111f97f6320098ae498
f903d452f62591697ad66fe6e26fb576a93fa8fc0259e63664c1f59a96d4b23e
f9423c1d6584c8c0c15c3bee20e36a0ac831bdd0613df137324aea2e25896058
fe516c3bdb81a14010e66cf4b4cfeaaea6fbd495f2b6fd9bb1fa1a01f338516d
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

redbook-ua.org Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

160 Requests

93 %HTTPS

61 %IPv6

28 Domains

36 Subdomains

26 IPs

7 Countries

1983 kBTransfer

3838 kBSize

23 Cookies

12 Outgoing links

Page URL History

Redirected requests

160 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

redbook-ua.org Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

160
Requests

93 %
HTTPS

61 %
IPv6

28
Domains

36
Subdomains

26
IPs

7
Countries

1983 kB
Transfer

3838 kB
Size

23
Cookies

160 HTTP transactions
2 data transactions