dnepr.news Open in urlscan Pro
2a06:98c1:3120::c Public Scan

Go To Rescan
Add Verdict Report

URL:
https://dnepr.news/
Submission: On January 05 via api (January 5th 2023, 6:10:19 am UTC) from TR — Scanned from NL

Summary HTTP 203 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 34 IPs in 9 countries across 32 domains to perform 203 HTTP transactions. The main IP is 2a06:98c1:3120::c, located in United States and belongs to CLOUDFLARENET, US. The main domain is dnepr.news.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 6th 2022. Valid for: a year.

This is the only time dnepr.news was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
35	2a06:98c1:312... 2a06:98c1:3120::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400d:802::2008	15169 (GOOGLE) (GOOGLE)
7	45.133.44.3 45.133.44.3	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
17	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
5	138.201.61.243 138.201.61.243	24940 (HETZNER-AS) (HETZNER-AS)
9	2a00:1450:400... 2a00:1450:400d:808::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
1 2	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
1 1	193.239.68.97 193.239.68.97	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
1	193.239.71.100 193.239.71.100	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
1 28	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:6ea0:f40... 2a02:6ea0:f400::4	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2a00:1450:400... 2a00:1450:400d:80a::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	45.133.44.4 45.133.44.4	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3 9	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1	35.214.184.209 35.214.184.209	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80e::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:807::200a	15169 (GOOGLE) (GOOGLE)
4 7	2a00:1450:400... 2a00:1450:400d:80c::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:806::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2016	15169 (GOOGLE) (GOOGLE)
1 2	149.5.244.20 149.5.244.20	174 (COGENT-174) (COGENT-174)
5	2a00:1450:400... 2a00:1450:400d:80a::200a	15169 (GOOGLE) (GOOGLE)
34	2a00:1450:400... 2a00:1450:400d:803::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:400d:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
7	142.250.180.226 142.250.180.226	15169 (GOOGLE) (GOOGLE)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	18.197.12.31 18.197.12.31	16509 (AMAZON-02) (AMAZON-02)
3 3	54.93.225.243 54.93.225.243	16509 (AMAZON-02) (AMAZON-02)
2 2	35.210.53.219 35.210.53.219	19527 (GOOGLE-2) (GOOGLE-2)
2 2	37.157.6.252 37.157.6.252	198622 (ADFORM) (ADFORM)
1 1	2600:9000:206... 2600:9000:206e:3c00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
203	34

35 2a06:98c1:3120::c (United States)

ASN13335 (CLOUDFLARENET, US)

dnepr.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:802::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

cdn.gravitec.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 138.201.61.243 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.243.61.201.138.clients.your-server.de

top-js-metrics.top.my.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
landing.top.my.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.top.my.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:400d:808::200e (Ireland)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.239.68.97 (Ukraine) 1 redirects

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net

c.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.239.71.100 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: rs.img.com.ua

i.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:f400::4 (United Kingdom)

ASN60068 (CDN77 ^_^, GB)

id.gravitec.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80a::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.133.44.4 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

cdn.gravitec.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.184.209 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 209.184.214.35.bc.googleusercontent.com

api.gravitec.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80e::2006 (Ireland)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:807::200a (Ireland)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:80c::2004 (Ireland) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::2001 (Ireland)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 149.5.244.20 (United States) 1 redirects

ASN174 (COGENT-174, US)

mc.webvisor.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:80a::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a00:1450:400d:803::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:400d:80e::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.180.226 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.197.12.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-12-31.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.93.225.243 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-225-243.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.53.219 (Brussels, Belgium) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.252 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206e:3c00:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 145 tpc.googlesyndication.com — Cisco Umbrella Rank: 187	575 KB
35	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 stats.g.doubleclick.net — Cisco Umbrella Rank: 179 static.doubleclick.net — Cisco Umbrella Rank: 393 cm.g.doubleclick.net — Cisco Umbrella Rank: 321	203 KB
35	dnepr.news dnepr.news	350 KB
16	gstatic.com fonts.gstatic.com www.gstatic.com	174 KB
9	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 323 fonts.googleapis.com — Cisco Umbrella Rank: 127	34 KB
9	google.com 4 redirects adservice.google.com — Cisco Umbrella Rank: 142 www.google.com — Cisco Umbrella Rank: 16	16 KB
9	yandex.ru 3 redirects mc.yandex.ru — Cisco Umbrella Rank: 1851	4 KB
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 98	828 KB
8	gravitec.net cdn.gravitec.net — Cisco Umbrella Rank: 23097 id.gravitec.net — Cisco Umbrella Rank: 111165	60 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 221	283 KB
5	my.ua top-js-metrics.top.my.ua — Cisco Umbrella Rank: 420918 landing.top.my.ua — Cisco Umbrella Rank: 470024 api.top.my.ua — Cisco Umbrella Rank: 445087	10 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 411	2 KB
3	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 4333	1 KB
2	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 107	3 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 871	1 KB
2	admedo.com 2 redirects pool.admedo.com — Cisco Umbrella Rank: 6188	746 B
2	webvisor.org 1 redirects mc.webvisor.org — Cisco Umbrella Rank: 16031	862 B
2	gravitec.media cdn.gravitec.media — Cisco Umbrella Rank: 56643 api.gravitec.media — Cisco Umbrella Rank: 40542	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 103	20 KB
2	bigmir.net 1 redirects c.bigmir.net — Cisco Umbrella Rank: 113835 i.bigmir.net — Cisco Umbrella Rank: 202250	1 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 5399	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	87 KB
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 914	445 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 998	764 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 35086	609 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 679	864 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1004	463 B
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 105	23 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 204	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1011	694 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 488	84 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 123	43 KB
203	32

	Domain	Requested by
35	dnepr.news	dnepr.news
34	tpc.googlesyndication.com	googleads.g.doubleclick.net dnepr.news pagead2.googlesyndication.com tpc.googlesyndication.com
26	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com www.youtube.com googleads.g.doubleclick.net dnepr.news
17	pagead2.googlesyndication.com	dnepr.news pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
11	www.gstatic.com	www.youtube.com googleads.g.doubleclick.net www.gstatic.com
9	mc.yandex.ru	3 redirects dnepr.news cdn.jsdelivr.net
9	www.youtube.com	dnepr.news www.youtube.com
7	cm.g.doubleclick.net	dnepr.news googleads.g.doubleclick.net
7	www.google.com	4 redirects www.youtube.com googleads.g.doubleclick.net tpc.googlesyndication.com
7	cdn.gravitec.net	dnepr.news cdn.gravitec.net
6	www.googletagservices.com	googleads.g.doubleclick.net
5	fonts.googleapis.com	googleads.g.doubleclick.net
5	fonts.gstatic.com	www.youtube.com fonts.googleapis.com
4	jnn-pa.googleapis.com	www.youtube.com
3	x.bidswitch.net	3 redirects
3	adservice.google.co.uk	pagead2.googlesyndication.com
2	www.facebook.com	1 redirects connect.facebook.net
2	c1.adform.net	2 redirects
2	pool.admedo.com	2 redirects
2	mc.webvisor.org	1 redirects dnepr.news
2	adservice.google.com	pagead2.googlesyndication.com
2	api.top.my.ua	top-js-metrics.top.my.ua
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	landing.top.my.ua	top-js-metrics.top.my.ua landing.top.my.ua
2	counter.yadro.ru	1 redirects dnepr.news
2	connect.facebook.net	dnepr.news connect.facebook.net
1	s.ad.smaato.net	1 redirects
1	d.agkn.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	sync.mathtag.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	api.gravitec.media	cdn.gravitec.media
1	cdn.gravitec.media	cdn.gravitec.net
1	id.gravitec.net	cdn.gravitec.net
1	i.bigmir.net	dnepr.news
1	c.bigmir.net	1 redirects
1	cdn.jsdelivr.net	dnepr.news
1	top-js-metrics.top.my.ua	dnepr.news
1	www.googletagmanager.com	dnepr.news
203	44

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
t.me
bank.gov.ua
secure.wayforpay.com
lapa.shop
twitter.com
www.youtube.com
webkolba.com
www.liveinternet.ru
www.bigmir.net

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.gravitec.net AlphaSSL CA - SHA256 - G2	`2022-03-22` - `2023-04-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
top-js-metrics.top.my.ua R3	`2022-12-24` - `2023-03-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-10-14` - `2023-01-12`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
landing.top.my.ua R3	`2022-12-18` - `2023-03-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
cdn.gravitec.media R3	`2022-11-22` - `2023-02-20`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-03-30`	5 months	crt.sh
api.gravitec.media R3	`2022-12-13` - `2023-03-13`	3 months	crt.sh
api.top.my.ua R3	`2022-12-18` - `2023-03-18`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh

This page contains 29 frames:

Primary Page: https://dnepr.news/
Frame ID: 71DC47FA83FDEFEC96EBF41C9992F8EE
Requests: 75 HTTP requests in this frame

Frame: https://www.youtube.com/embed/ZcWpu_QpZdo
Frame ID: 4355BB394E42FF5F84C8C6ACD3A0BDDD
Requests: 22 HTTP requests in this frame

Frame: https://landing.top.my.ua/frame/index.html
Frame ID: 6928B090747E06470D0138B647309984
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20190131/zrt_lookup.html
Frame ID: 6F45763D942E88214DBA251CEB35871B
Requests: 1 HTTP requests in this frame

Frame: https://id.gravitec.net/
Frame ID: 220313A600E2834F92E56AD738197503
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5856576556842586&output=html&adk=1812271804&adf=3025194257&lmt=1672899011&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=260x810_l%7C260x810_r&format=0x0&url=https%3A%2F%2Fdnepr.news%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899011327&bpp=9&bdt=310&idt=297&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5835925142171&frm=20&pv=2&ga_vid=285645658.1672899012&ga_sid=1672899012&ga_hid=1934267667&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071168%2C44774606%2C44779793%2C44780792&oid=2&pvsid=4131206543490449&tmod=1247376469&uas=0&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=340
Frame ID: 2F5E6D2FEEA66824B715AF5DC71511AC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5856576556842586&output=html&h=198&slotname=5555673117&adk=4232816909&adf=4174843616&pi=t.ma~as.5555673117&w=737&lmt=1672899011&rafmt=11&format=737x198&url=https%3A%2F%2Fdnepr.news%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899011336&bpp=3&bdt=318&idt=336&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5835925142171&frm=20&pv=1&ga_vid=285645658.1672899012&ga_sid=1672899012&ga_hid=1934267667&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=293&ady=1317&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071168%2C44774606%2C44779793%2C44780792&oid=2&pvsid=4131206543490449&tmod=1247376469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=Mo%7C%7CpEebr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=SlxWSJ1hJ0&p=https%3A//dnepr.news&dtd=342
Frame ID: CD5BA6F595297F83B32C4357F74CDD84
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5856576556842586&output=html&h=600&slotname=5421064950&adk=3449364599&adf=2973740273&pi=t.ma~as.5421064950&w=244&fwrn=4&fwrnh=100&lmt=1672899011&rafmt=1&format=244x600&url=https%3A%2F%2Fdnepr.news%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899011339&bpp=2&bdt=321&idt=411&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C737x198&nras=1&correlator=5835925142171&frm=20&pv=1&ga_vid=285645658.1672899012&ga_sid=1672899012&ga_hid=1934267667&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=312&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071168%2C44774606%2C44779793%2C44780792&oid=2&pvsid=4131206543490449&tmod=1247376469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=j6lSQqKWNO&p=https%3A//dnepr.news&dtd=415
Frame ID: C9999C3A3FE21367AD5E7D97792B92F0
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5856576556842586&output=html&h=280&adk=2704140506&adf=4232220864&pi=t.aa~a.3426647147~i.6~rp.1&w=377&fwrn=4&fwrnh=100&lmt=1672899012&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2108587065&ad_type=text_image&format=377x280&url=https%3A%2F%2Fdnepr.news%2F&fwr=0&pra=3&rh=315&rw=377&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899012581&bpp=3&bdt=1564&idt=3&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7c14bbb9242472f7-22e830fdf8da00b3%3AT%3D1672899011%3ART%3D1672899011%3AS%3DALNI_MbLRaLi2JHnKe3RjTQkjbJmNNUkEQ&gpic=UID%3D00000b9d5beb9396%3AT%3D1672899011%3ART%3D1672899011%3AS%3DALNI_MbnIFEyL9MGUI4qmFBL9orHMA44og&prev_fmts=0x0%2C737x198%2C244x600&nras=2&correlator=5835925142171&frm=20&pv=1&ga_vid=285645658.1672899012&ga_sid=1672899012&ga_hid=1934267667&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=674&ady=4727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071168%2C44774606%2C44779793%2C44780792&oid=2&pvsid=4131206543490449&tmod=1247376469&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=3RbULdnwzc&p=https%3A//dnepr.news&dtd=71
Frame ID: DD782E07B0A445043FEE66B8B287670D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5856576556842586&output=html&h=600&adk=3747730733&adf=734411604&pi=t.aa~a.2683937889~rp.4&w=244&fwrn=4&fwrnh=100&lmt=1672899012&rafmt=1&to=qs&pwprc=2108587065&format=244x600&url=https%3A%2F%2Fdnepr.news%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899012745&bpp=2&bdt=1727&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7c14bbb9242472f7-22e830fdf8da00b3%3AT%3D1672899011%3ART%3D1672899011%3AS%3DALNI_MbLRaLi2JHnKe3RjTQkjbJmNNUkEQ&gpic=UID%3D00000b9d5beb9396%3AT%3D1672899011%3ART%3D1672899011%3AS%3DALNI_MbnIFEyL9MGUI4qmFBL9orHMA44og&prev_fmts=0x0%2C737x198%2C244x600%2C377x280&nras=3&correlator=5835925142171&frm=20&pv=1&ga_vid=285645658.1672899012&ga_sid=1672899012&ga_hid=1934267667&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=2517&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071168%2C44774606%2C44779793%2C44780792&oid=2&pvsid=4131206543490449&tmod=1247376469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=xJVf57UZ97&p=https%3A//dnepr.news&dtd=31
Frame ID: E13962D2372CA848B2F0A5C70AE8B660
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5856576556842586&output=html&h=100&adk=1651983405&adf=2175003167&pi=t.aa~a.3238863489~rp.2&w=375&fwrn=4&fwrnh=100&lmt=1672899012&rafmt=1&to=qs&pwprc=2108587065&format=375x100&url=https%3A%2F%2Fdnepr.news%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899012745&bpp=3&bdt=1728&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7c14bbb9242472f7-22e830fdf8da00b3%3AT%3D1672899011%3ART%3D1672899011%3AS%3DALNI_MbLRaLi2JHnKe3RjTQkjbJmNNUkEQ&gpic=UID%3D00000b9d5beb9396%3AT%3D1672899011%3ART%3D1672899011%3AS%3DALNI_MbnIFEyL9MGUI4qmFBL9orHMA44og&prev_fmts=0x0%2C737x198%2C244x600%2C377x280%2C244x600&nras=4&correlator=5835925142171&frm=20&pv=1&ga_vid=285645658.1672899012&ga_sid=1672899012&ga_hid=1934267667&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=3246&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071168%2C44774606%2C44779793%2C44780792&oid=2&pvsid=4131206543490449&tmod=1247376469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=sEfpC1NULq&p=https%3A//dnepr.news&dtd=40
Frame ID: EE6F5FF9BE2291E3BD692AD90DAE37C7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5856576556842586&output=html&h=50&adk=2117658922&adf=3095314358&pi=t.aa~a.1737323695~rp.1&w=375&fwrn=4&fwrnh=100&lmt=1672899012&rafmt=1&to=qs&pwprc=2108587065&format=375x50&url=https%3A%2F%2Fdnepr.news%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899012745&bpp=2&bdt=1727&idt=2&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7c14bbb9242472f7-22e830fdf8da00b3%3AT%3D1672899011%3ART%3D1672899011%3AS%3DALNI_MbLRaLi2JHnKe3RjTQkjbJmNNUkEQ&gpic=UID%3D00000b9d5beb9396%3AT%3D1672899011%3ART%3D1672899011%3AS%3DALNI_MbnIFEyL9MGUI4qmFBL9orHMA44og&prev_fmts=0x0%2C737x198%2C244x600%2C377x280%2C244x600%2C375x100&nras=5&correlator=5835925142171&frm=20&pv=1&ga_vid=285645658.1672899012&ga_sid=1672899012&ga_hid=1934267667&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=296&ady=3925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071168%2C44774606%2C44779793%2C44780792&oid=2&pvsid=4131206543490449&tmod=1247376469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=78Mu2kvZzM&p=https%3A//dnepr.news&dtd=52
Frame ID: 6E05F47412FFC25B62D3C375F5EB9008
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0FB945BC87E739FA209C72B5AC3614BB
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Frame ID: AD305FAB225394A1C99F6269A7BDDD84
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Frame ID: B6433249707942B7AB6AF2F7D3909948
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3E384DB9F04CF9D843169FA1A35869A5
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
Frame ID: 3E7C4482F85C68A09DBAB3A5364DD7E0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 46B818CB8FDA9A5D2D0F175F552B58CD
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E217CC7CAA7F3D35B6E96316400B234A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
Frame ID: B5F2F13DB11ED89F395D194BD1DF02A0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 523CC49185B75ED869011C4D2EF0E02A
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 3FF7B831708C517678A9E10707325B5C
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
Frame ID: AD6DDC63CD21CDBE8B28141DD066739D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
Frame ID: 0AA24B56B46EB35FB9B2087A98F8BCF9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3F0A16017D8FC5D88531884B768C5B34
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
Frame ID: 5AB246E4855E746DBAA9CDB1F86E2FEB
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df33cdb6ee532d54%2526domain%253Ddnepr.news%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fdnepr.news%25252Ff3eaaed0784ee1%2526relation%253Dparent.parent%26container_width%3D239%26height%3D300%26hide_cover%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fdnipronews%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D240
Frame ID: E8862577804FC57044E1953DB642AAC6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2D52E81C463DA568D0EEF70FA624E40D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0C406680B56D4FF5A525E280E834C8B4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Новости Днепра | Dnepr.news

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

203
Requests

94 %
HTTPS

63 %
IPv6

32
Domains

44
Subdomains

34
IPs

9
Countries

2800 kB
Transfer

8189 kB
Size

46
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/dnipronews
Title: «Фейсбуке»

Search URL Search Domain Scan URL

URL: https://t.me/joinchat/AAAAAEKh2uITX_fWyvnNnw
Title: Телеграм-канале

Search URL Search Domain Scan URL

URL: https://bank.gov.ua/ua/news/all/natsionalniy-bank-vidkriv-spetsrahunok-dlya-zboru-koshtiv-na-potrebi-armiyi

Search URL Search Domain Scan URL

URL: https://secure.wayforpay.com/button/b6600bd8446dd

Search URL Search Domain Scan URL

URL: https://lapa.shop/ru/cats/

Search URL Search Domain Scan URL

URL: https://twitter.com/SobytiyaDp

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCDpTDgx1ondqdXl6k4X1OOQ

Search URL Search Domain Scan URL

URL: https://t.me/dnipro_news

Search URL Search Domain Scan URL

URL: https://webkolba.com/

Search URL Search Domain Scan URL

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

URL: https://www.bigmir.net/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://counter.yadro.ru/hit?t50.11;r;s1600*1200*24;uhttps%3A//dnepr.news/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0414%u043D%u0435%u043F%u0440%u0430%20%7C%20Dnepr.news;0.9746325688966742 HTTP 302
https://counter.yadro.ru/hit?q;t50.11;r;s1600*1200*24;uhttps%3A//dnepr.news/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0414%u043D%u0435%u043F%u0440%u0430%20%7C%20Dnepr.news;0.9746325688966742

Request Chain 35

https://c.bigmir.net/?v16933830&s16934285&t2&c1&n867344&w0&y0&d24&r1600 HTTP 302
https://i.bigmir.net/cnt/02.png

Request Chain 49

https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fdnepr.news%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A810%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A952%3Acn%3A2%3Adp%3A0%3Als%3A814253629936%3Ahid%3A716205510%3Az%3A0%3Ai%3A20230105061011%3Aet%3A1672899011%3Ac%3A1%3Arn%3A269130918%3Arqn%3A1%3Au%3A1672899011783504690%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A78%2C49%2C588%2C6%2C%2C0%2C%2C287%2C6%2C%2C%2C%2C1009%3Aco%3A0%3Acpf%3A1%3Ans%3A1672899010296%3Ast%3A1672899011&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fdnepr.news%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A810%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A952%3Acn%3A2%3Adp%3A0%3Als%3A814253629936%3Ahid%3A716205510%3Az%3A0%3Ai%3A20230105061011%3Aet%3A1672899011%3Ac%3A1%3Arn%3A269130918%3Arqn%3A1%3Au%3A1672899011783504690%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A78%2C49%2C588%2C6%2C%2C0%2C%2C287%2C6%2C%2C%2C%2C1009%3Aco%3A0%3Acpf%3A1%3Ans%3A1672899010296%3Ast%3A1672899011&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 50

https://mc.yandex.ru/watch/56984335?wmode=7&page-url=https%3A%2F%2Fdnepr.news%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A810%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A952%3Acn%3A1%3Adp%3A0%3Als%3A810785873578%3Ahid%3A716205510%3Az%3A0%3Ai%3A20230105061011%3Aet%3A1672899011%3Ac%3A1%3Arn%3A492489810%3Arqn%3A1%3Au%3A1672899011783504690%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A78%2C49%2C588%2C6%2C%2C0%2C%2C287%2C6%2C%2C%2C%2C1009%3Aco%3A0%3Acpf%3A1%3Ans%3A1672899010296%3Arqnl%3A1%3Ast%3A1672899011%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%94%D0%BD%D0%B5%D0%BF%D1%80%D0%B0%20%7C%20Dnepr.news&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/56984335/1?wmode=7&page-url=https%3A%2F%2Fdnepr.news%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A810%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A952%3Acn%3A1%3Adp%3A0%3Als%3A810785873578%3Ahid%3A716205510%3Az%3A0%3Ai%3A20230105061011%3Aet%3A1672899011%3Ac%3A1%3Arn%3A492489810%3Arqn%3A1%3Au%3A1672899011783504690%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A78%2C49%2C588%2C6%2C%2C0%2C%2C287%2C6%2C%2C%2C%2C1009%3Aco%3A0%3Acpf%3A1%3Ans%3A1672899010296%3Arqnl%3A1%3Ast%3A1672899011%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%94%D0%BD%D0%B5%D0%BF%D1%80%D0%B0%20%7C%20Dnepr.news&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 67

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 80

https://mc.webvisor.org/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9874.lb6L7CpIx70ojWHwSxZ5TGeajLd8oQDZZatQq3Bj1zkVBK5eZ0YkxnhFc3YVoDzt.wY-cnRhQlbUCpVbUdjaE3E4YFN0%2C HTTP 302
https://mc.webvisor.org/sync_cookie_image_decide?token=9874.D7NnnMGYL4VaB--J4OlWcRu8kM0uFcGdX8VVZHdkcq3dgHQ-fIqDd_JqDy9wKUMZusjSd7OEKlLaHXhApOfxhE7fXq6ih7qKUlNojfviYJJ1kxSVIK867YaYi_-dBlQDwBEW0GU3acdEdIOFjgdFlijPs0cuoW1tCv8qu9_m60ezXhbfE9TIQ7Kg0yGBtPwzsTPPrDSg6qi1Ic6wXHeMUlFQrQyTJ8cw-P_T_Ni8ow0%2C.mdZbm4ixvUk5NtQ-wxgnrrgLTdg%2C

Request Chain 150

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 168

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJvyllcGw4mU-zgwH7dNJpk&google_cver=1&google_push=AavPq0PRmmU1YdwjqOLGKdHCseDlD0NzEf1TtYmRD8pG7pYyWjVwMosG0mFWeDtaQ3Unc31r71Ghgd9VSj5BYm1H-aPDJ-PFbVfWo_A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0PRmmU1YdwjqOLGKdHCseDlD0NzEf1TtYmRD8pG7pYyWjVwMosG0mFWeDtaQ3Unc31r71Ghgd9VSj5BYm1H-aPDJ-PFbVfWo_A

Request Chain 169

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEM3-d5N-40dPOJ3ymZ0u4G8&google_cver=1&google_push=AavPq0Pb0_AaL4fhL139WKaffo-GIEbThDk797pm3oMaW_NbVjXuySip-nUX20q8Y4CvTWs82dOR5zK2MFwTM-B6Xzevrjc-JvrP2g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0Pb0_AaL4fhL139WKaffo-GIEbThDk797pm3oMaW_NbVjXuySip-nUX20q8Y4CvTWs82dOR5zK2MFwTM-B6Xzevrjc-JvrP2g&google_hm=ssAUw0LFSg2Tj1V8o5NNyjA

Request Chain 170

https://d.agkn.com/pixel/2175/?google_gid=CAESEIB5kf99G6VKOCihyKCJ4ko&google_cver=1&google_push=AavPq0OAq-Dwn58T5bYCZmBSwk5p9d2kI4FTU1iNzH4rIcQPfUB8NWhsxfHNO-bR1w5sVmWQZDeYsUfGSb8kmLxju9QKSbyhOXP0lQc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AavPq0OAq-Dwn58T5bYCZmBSwk5p9d2kI4FTU1iNzH4rIcQPfUB8NWhsxfHNO-bR1w5sVmWQZDeYsUfGSb8kmLxju9QKSbyhOXP0lQc&google_hm=Q0FFU0VJQjVrZjk5RzZWS09DaWh5S0NKNGtv

Request Chain 171

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFPGe2cY9Qc84KA2mR5Hcds&google_cver=1&google_push=AavPq0Om9GhQAF7O4YZuKkGTuATgOncIejRMkY4i5Oi487SfGCDDk6P-DAwI-meDI4tCI8PEeqLDmHhDyHTU9MWeX2UGOe6cWhmBbHU HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEFPGe2cY9Qc84KA2mR5Hcds&google_cver=1&google_push=AavPq0Om9GhQAF7O4YZuKkGTuATgOncIejRMkY4i5Oi487SfGCDDk6P-DAwI-meDI4tCI8PEeqLDmHhDyHTU9MWeX2UGOe6cWhmBbHU HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=f043b651-914e-438d-be5e-4db804208b75 HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=f043b651-914e-438d-be5e-4db804208b75 HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=87b31578-6415-45da-9514-0f1a21b30f31&user_group=1&ssp=google&bsw_param=f043b651-914e-438d-be5e-4db804208b75 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0Om9GhQAF7O4YZuKkGTuATgOncIejRMkY4i5Oi487SfGCDDk6P-DAwI-meDI4tCI8PEeqLDmHhDyHTU9MWeX2UGOe6cWhmBbHU&google_hm=8EO2UZFOQ42-Xk24BCCLdQ==

Request Chain 172

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOcbDfe4flQtAgomWukoel8&google_cver=1&google_push=AavPq0MNAbdMQojSjigxuXHFjBx3R66GiNHZZYst4iptanXDhyEmcvS5nRLftxRKyN1XzUkhZtF1Wo57VD8KN_zXb7xdWOFRvPInKQk HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOcbDfe4flQtAgomWukoel8&google_cver=1&google_push=AavPq0MNAbdMQojSjigxuXHFjBx3R66GiNHZZYst4iptanXDhyEmcvS5nRLftxRKyN1XzUkhZtF1Wo57VD8KN_zXb7xdWOFRvPInKQk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODk4MTIxOTkxMzk3MzQxMDczMQ&google_push=AavPq0MNAbdMQojSjigxuXHFjBx3R66GiNHZZYst4iptanXDhyEmcvS5nRLftxRKyN1XzUkhZtF1Wo57VD8KN_zXb7xdWOFRvPInKQk

Request Chain 173

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEKjiXoLCnuprjnRBlvHfQAA&google_cver=1&google_push=AavPq0OzLxxVD1wFYFuEV7rrwom1bF9WSl5l1kBvlZJY_ASGX1PG9_VYaZdEO0wYSnFP6FvVLaJSc0iYvjOm6gdHULVZTplBm96kivs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0OzLxxVD1wFYFuEV7rrwom1bF9WSl5l1kBvlZJY_ASGX1PG9_VYaZdEO0wYSnFP6FvVLaJSc0iYvjOm6gdHULVZTplBm96kivs

Request Chain 178

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 179

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 183

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 185

https://www.facebook.com/v2.5/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df33cdb6ee532d54%26domain%3Ddnepr.news%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fdnepr.news%252Ff3eaaed0784ee1%26relation%3Dparent.parent&container_width=239&height=300&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2Fdnipronews&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=240 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df33cdb6ee532d54%2526domain%253Ddnepr.news%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fdnepr.news%25252Ff3eaaed0784ee1%2526relation%253Dparent.parent%26container_width%3D239%26height%3D300%26hide_cover%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fdnipronews%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D240

203 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
dnepr.news/ 78 KB
17 KB 715ms
588ms Document
text/html 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dnepr.news/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86f10c802414c8a22c9de5774e5457a0818e0e4e0fd75bbfc27beb560109f018

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 784a0c9f3e5e90ef-FRA
content-encoding: br
content-type: text/html; charset=windows-1251
date: Thu, 05 Jan 2023 06:10:10 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8NKGWPQi9LQYeLzrp4krGPJPXuAwgCQEE%2FMwrI6ktfymqDCR1fMmCyUPMhEH78sZDtCh2e2yCclxTT33MH%2BIYwdxVgQ%2B644DTwJh3i84%2F3CM7P8MxTgxQwaBUv4GhwAdkK8yq0P0etNY"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 157ms
63ms Script
application/javascript 2a00:1450:400d:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-71772614-1

Requested by

Host: dnepr.news
URL: https://dnepr.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

56287bda35de26a900f9eb7bc75300f4423eb5c990ab82fa8978e7cc2b052819

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 43616
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 05 Jan 2023 06:10:11 GMT

GET
H2 200 client.js Show response
cdn.gravitec.net/storage/fdc259668c5bdad8a4dad9da87d6d821/ 64 KB
18 KB 73ms
29ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/storage/fdc259668c5bdad8a4dad9da87d6d821/client.js
Requested by: Host: dnepr.news
URL: https://dnepr.news/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: e85473a35a2eb4d4988d33a68f1d75a9a79aafb98d3ec2309d51590f5ecbd3d5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Mon, 31 Oct 2022 20:07:39 GMT
date: Thu, 05 Jan 2023 06:10:11 GMT
content-encoding: gzip
last-modified: Mon, 31 Oct 2022 19:57:49 GMT
server: nginx
etag: W/"636028bd-100fb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10
x-proxy-cache: REVALIDATED

GET
H2 200 placeholder.svg
dnepr.news/img/ 1 KB
943 B 35ms
28ms Image
image/svg+xml 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dnepr.news/img/placeholder.svg
Requested by: Host: dnepr.news
URL: https://dnepr.news/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d5b75f90f16f43565cf61e38247d1ea7cca6faebfe20c99adad2d5316a2950a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 13 Feb 2020 14:39:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 8293370
etag: W/"1dab8e-453-59e760faed980"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RrjbS%2FuwWPVGh9Or3kE%2FwNiOxIiwb5%2Fl2qZ8huregZOIwjskjAE0LzJJxWCXqV9oT%2F15Cd6iPkgfq00aIMO%2FQHqSz%2B2FO1wM79BbfXwg0bAjnT%2B4dYi709CBYQUgHcjTYeaa%2FLUGfvAn"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=30844800
cf-ray: 784a0ca32a1590ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 23 Sep 2023 06:27:21 GMT

GET
H2 200 c-logod1.webp
dnepr.news/images/cache/img/ 61 KB
61 KB 37ms
30ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dnepr.news/images/cache/img/c-logod1.webp
Requested by: Host: dnepr.news
URL: https://dnepr.news/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7afa9429f86f20726ac32840787a24a59fac13978e33faf4af17b346049129ff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:11 GMT
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 07:58:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 17092
etag: "3203e2-f428-5a363cd436022"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wqP7o7HPfXYphTn%2BedmNzqImjlOaxd0RRfkOonR4yRzywDpBZsiibFLIWZNfRAK5CRwzzEFTyH0%2B499BO8LyNtsxebHfsSHLv4TBDNeRs1LedMjlzAezmXfXlTS8lnJzJbFQXoHD9yZo"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 784a0ca32a1690ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 62504
expires: Thu, 05 Jan 2023 13:25:19 GMT

GET
H2 200 373-289-obstrel_13_12_22.webp
dnepr.news/images/cache/imagesthumbMainNewsfeed/ 20 KB
21 KB 77ms
70ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dnepr.news/images/cache/imagesthumbMainNewsfeed/373-289-obstrel_13_12_22.webp
Requested by: Host: dnepr.news
URL: https://dnepr.news/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9975cdc8f2db4390fe53c1658dbba78d97d3e2408c503b1ff4197213d1ff8ec

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:11 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 13 Dec 2022 06:20:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "281420-5151-5efaf9d8dd4ad"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OP4%2FzMcDEXl6Pf1dc%2F8L%2F%2FJEb%2F354dgFxz9fQdfbs%2BmNKwRwnFzh5wmOV83YjCgkZpF2jOauYK%2BrAA1F02OM%2Ba6mnhKG%2FstJd36QaZgqRhahYcVC4Itp49SpeSH0P4gi5U8mQcEuaJs7"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 784a0ca32a1790ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20817
expires: Thu, 05 Jan 2023 18:10:11 GMT

GET
H2 200 calendar.png
dnepr.news/imagesBG/icons/ 280 B
620 B 36ms
30ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dnepr.news/imagesBG/icons/calendar.png
Requested by: Host: dnepr.news
URL: https://dnepr.news/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aec483ffc038effca48717c07bba00f3ca25551bca1f288806136fea103cce66

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8293370
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 280
last-modified: Thu, 05 Oct 2017 14:25:57 GMT
server: cloudflare
etag: "1c9219-118-55acd80ae1cc7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wb50JiemHH736B4TBt4BMtezSeS5beLbfCBnRPoauIy1aKGAlOSVQA%2Fuz0pDxqq0a%2BtCpWDzneEmyaZEPdbxBCfn%2FypbpbgMH%2BkdwU0TAMA%2Fkd5DFXT1eJgugHkwh04gbGS0l%2BwVJpF%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=30844800
accept-ranges: bytes
cf-ray: 784a0ca32a1890ef-FRA
expires: Sat, 23 Sep 2023 06:27:21 GMT

GET
H2 200 eye.png
dnepr.news/imagesBG/icons/ 288 B
747 B 55ms
50ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dnepr.news/imagesBG/icons/eye.png
Requested by: Host: dnepr.news
URL: https://dnepr.news/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d34d46ecd0f5f89ffaea1e329e1547d2aca97d033ad73a7e4cbba822daa6da9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8293369
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 288
last-modified: Thu, 05 Oct 2017 14:26:19 GMT
server: cloudflare
etag: "1c9236-120-55acd8202a2fa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NzEiTfi%2FB9oEVZautR9Cvz%2FwjNYNdb4URNAQfgdf10uAxcncnmXmbPOqwJpUBQHPQkv1%2B3GR7EcUiQQUDts6qJNzLi%2Bpnq6oIHBtnlowsLjyeUZ4Rkd2fcjZ9k5WpjlD4TFniGfJ5n5F"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=30844800
accept-ranges: bytes
cf-ray: 784a0ca32a1990ef-FRA
expires: Sat, 23 Sep 2023 06:27:22 GMT

GET
H2 200 comments.png
dnepr.news/imagesBG/icons/ 254 B
608 B 54ms
48ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dnepr.news/imagesBG/icons/comments.png
Requested by: Host: dnepr.news
URL: https://dnepr.news/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d02a13a132896eb26b59961a977b648637b99a83e3dacf83f32f0a4e18ea968e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8293368
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 254
last-modified: Thu, 05 Oct 2017 14:25:58 GMT
server: cloudflare
etag: "1c9223-fe-55acd80c13789"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mekjEZl%2FKtCi4MC0%2Fj3dQcf2Om89sPv0TGvn26hoGsdqFkpUDnZOCRvGJqRQEaF5WGblcS0RXOtf25ED7K73TfQJ9UXwNtnpTYsRP%2BQeb98q0yjFv8g%2BFJx0o7UuOJ6LPjCelVy1j4P8"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=30844800
accept-ranges: bytes
cf-ray: 784a0ca32a1a90ef-FRA
expires: Sat, 23 Sep 2023 06:27:23 GMT

GET
H2 200 icoTitleVideo_26.gif
dnepr.news/imagesBG/ 1 KB
2 KB 54ms
49ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dnepr.news/imagesBG/icoTitleVideo_26.gif
Requested by: Host: dnepr.news
URL: https://dnepr.news/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 269b5b15022ed3b421ebe84399c296dd16df8ed821f3e675d61f2b58dabb672d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1734164
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1326
last-modified: Mon, 21 Aug 2017 12:08:11 GMT
server: cloudflare
etag: "1c1990-52e-55742551d60c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ao7l%2BzI467gt%2BTGniz2qqG4zPC1eL%2FU4sKLhtkpjr5OhhIrYYnZVBfpusR9Jqw5iHUMnP%2FBLINgc5Ou7meSV5Px6zc2%2B7cwV55zA94WLYobiJcIpdnHCw73boNgXD1So1ELAdn%2FxB6V"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=30844800
accept-ranges: bytes
cf-ray: 784a0ca32a1c90ef-FRA
expires: Fri, 08 Dec 2023 04:27:27 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
49 KB 137ms
72ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5856576556842586

Requested by

Host: dnepr.news
URL: https://dnepr.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82da7c73e2d074affed53227ec94b27a1e3a64ff07449b069a56e6da7d22bb51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dnepr.news/
Origin: https://dnepr.news
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49906
x-xss-protection: 0
server: cafe
etag: 27398797697851901
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 06:10:11 GMT

GET
H2 200 army.jpg
dnepr.news/adv/ 16 KB
16 KB 55ms
50ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dnepr.news/adv/army.jpg
Requested by: Host: dnepr.news
URL: https://dnepr.news/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 756d1b4acb5cc91af64eb18700d03d524365fc4b91f6063b5b896c157c9275d0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8293368
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15886
last-modified: Fri, 08 Apr 2022 13:29:06 GMT
server: cloudflare
etag: "140959-3e0e-5dc2494305128"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oxjx9GynPaWrUX0NI64E5Z%2Bg16dDct2qrpH4XV7ht116LG5UuFbtZf3o6m4aoVrUwleRy2NhtAVh6Ffb%2BY3znnv7x1%2FgHBIk6fwEoxzfgwCeIl9qDh3Qf%2FYNBUhvqCwjQJGpYQG0R8tR"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=30844800
accept-ranges: bytes
cf-ray: 784a0ca32a1e90ef-FRA
expires: Sat, 23 Sep 2023 06:27:23 GMT

GET
H2 200 dnepr.jpg
dnepr.news/adv/ 20 KB
21 KB 62ms
57ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dnepr.news/adv/dnepr.jpg
Requested by: Host: dnepr.news
URL: https://dnepr.news/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37aae8256c019413b80300fad81e8719f1ad67b62104c9cdb76d98af6480e980

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8293370
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20961
last-modified: Fri, 08 Apr 2022 13:29:17 GMT
server: cloudflare
etag: "1420d4-51e1-5dc2494d17342"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yD%2B02xw1GHy4yAOHjM3zTH2n55%2Bu4RU1u10OaZaV0c%2BgkXZ8dGn6IZKgNeXe3Vg5HQYVz71Lrgv5px3joA%2BIYlAlFmEkmkwbhv8lm5P2jwH%2FWx9SbHM%2BKF8E6umsLaMpmm9ZoLjECxz0"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=30844800
accept-ranges: bytes
cf-ray: 784a0ca34a3d90ef-FRA
expires: Sat, 23 Sep 2023 06:27:21 GMT

GET
H2 200 lapabanner.jpg
dnepr.news/adv/ 36 KB
37 KB 60ms
55ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dnepr.news/adv/lapabanner.jpg
Requested by: Host: dnepr.news
URL: https://dnepr.news/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fe0c4629f51f492b9c0b172ca3f7a8e9ef42ae8fe0d029e524a9d1a5fd94932

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8293370
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37143
last-modified: Fri, 05 Nov 2021 15:53:05 GMT
server: cloudflare
etag: "140012-9117-5d00ca38810ff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CC6r6hnRtSHQ%2Blet2VobO4qkPL44xwMTKvAOTffqUHKqnxFTFRzvg%2BE2l6yuLEgj4fcHXovPG5gx32ovZ42bBldDbYwGuKPD4kVMwAaqhG9ceN6D%2BJo29C5VtuMV5crlr1R8aPtTCk96"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=30844800
accept-ranges: bytes
cf-ray: 784a0ca34a3e90ef-FRA
expires: Sat, 23 Sep 2023 06:27:21 GMT

GET
H2 200 css-collection.php
dnepr.news/ 24 KB
5 KB 79ms
73ms Stylesheet
text/css 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dnepr.news/css-collection.php?v=20200524
Requested by: Host: dnepr.news
URL: https://dnepr.news/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c5037e87ed1356066b523da67acdab734613230ad579e6924f7195fa656eb86

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 04 May 2020 16:10:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g2B%2Fqj4bwmOCXnXN3HsJjbgpVUVyzcuQNFYrpFazUlEuHineTkhoDk%2FpNpTW%2Fbl6gTyFAtdhDOaEzvwx41HEMsLaFB0VZCYyvkp8RfQ740Osryx74%2FQ0xRJjo2IcObTsKgVuQYnWVST%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 784a0ca32a0c90ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 12 Jan 2023 06:10:11 GMT

GET
H2 200 js-collection.php Show response
dnepr.news/ 310 KB
91 KB 98ms
91ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dnepr.news/js-collection.php?v=20200430
Requested by: Host: dnepr.news
URL: https://dnepr.news/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 810d8ed2000458419df14bef7aa2daa78604fff9de26687fee3ff9e1ec2a24e6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 16 Apr 2020 08:31:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QZvu6c2JCzO5V1WXnuixTY6D9K5D44ssRVtpe9H5iwSgT63HKZJewK%2BMY9BRBH7A3iBfX%2F5JJbhKFAMlaNqAIyozypH7h9lWQdczfaSC38dKMAj%2BcplAswzANg55k1qe6ti5H9YFv7w5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 784a0ca32a1390ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 12 Jan 2023 06:10:11 GMT

GET
H2 200 findTop.png
dnepr.news/imagesBG/ 537 B
870 B 61ms
56ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dnepr.news/imagesBG/findTop.png
Requested by: Host: dnepr.news
URL: https://dnepr.news/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8db04bf653cd921ae815d2180c5b0e27a2e2c9b6cae167aefd37a4c0c827dc9c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8293370
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 537
last-modified: Mon, 21 Aug 2017 12:08:08 GMT
server: cloudflare
etag: "1c19cf-219-5574254ef9a00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FOQbdwGjhFT9DswMiBJCD90EHp%2FQ7mkQ9Tl%2B%2BV2AoUoWwn9Zq0IsbnA9cweNTbtPvbR4LTMfZbkNBsEcU1zpzD5VuV1DseXr8aCeg0nhts7AmXOm0n177zWjCCPgLAyTxgJyM7845%2Bzv"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=30844800
accept-ranges: bytes
cf-ray: 784a0ca34a4090ef-FRA
expires: Sat, 23 Sep 2023 06:27:21 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
49 KB 142ms
78ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: dnepr.news
URL: https://dnepr.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

72d2a0a6a7932828891af8ca6f56ecf109962670f59e0e07ddb245abb4ee5561

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49923
x-xss-protection: 0
server: cafe
etag: 18142556943468012394
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 06:10:11 GMT

GET
H2 200 script.js Show response
top-js-metrics.top.my.ua/ 23 KB
9 KB 110ms
27ms Script
application/javascript 138.201.61.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://top-js-metrics.top.my.ua/script.js

Requested by

Host: dnepr.news
URL: https://dnepr.news/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

138.201.61.243 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.243.61.201.138.clients.your-server.de

Software

nginx/1.17.7 /

Resource Hash

023da60f004e8f3a52e1863381e0d3cf0ffe8a239a8712c81d1090330c4ee60e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:11 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 01 Nov 2022 11:51:40 GMT
server: nginx/1.17.7
etag: W/"6361084c-5dfe"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
expires: Thu, 05 Jan 2023 06:15:11 GMT

GET
H2 200 ZcWpu_QpZdo Show response
www.youtube.com/embed/ Frame 4355 68 KB
28 KB 197ms
98ms Document
text/html 2a00:1450:400d:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/ZcWpu_QpZdo

Requested by

Host: dnepr.news
URL: https://dnepr.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d016e80492f06e7fa9a51ed34e7a6944123bfff28b5f05a14649049848ababe8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dnepr.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:10:11 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 70ms
21ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: dnepr.news
URL: https://dnepr.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

17234b119928dcf13051ef276436dc2a0191a2eb9dd21dcfc3f1a638b7c03e71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 06:10:11 GMT
content-md5: Q23BE5PFi8KTBx3ewn09rg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: 7XnuDZZh4aEraWLbL9F1dn6LmzMOS4YWs1aODoNBXvXw6tie61ouyxQZ1eCzmi2mig7AlrhaDf6MRnu1mNCm0A==
x-fb-trip-id: 2050670934
x-fb-content-md5: 5e016656817490a0e10886e5c2a2d387
cross-origin-opener-policy: same-origin-allow-popups
etag: "64907273675abb528ee858caeea36261"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 06:13:24 GMT

GET
H2 200 configs Show response
cdn.gravitec.net/sdk/web/ 3 KB
1 KB 45ms
18ms Fetch
application/json 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/sdk/web/configs?appKey=fdc259668c5bdad8a4dad9da87d6d821
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/fdc259668c5bdad8a4dad9da87d6d821/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 88ef06309ed1144e38945d453a9495926361a489ca33ddfcb6b00f664850b37b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:11 GMT
x-correlation-id: c885372a9de75798d2d779142d88c38d
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-proxy-cache: MISS

GET
H3 200 bgInputButton.png
dnepr.news/imagesBG/ 1 KB
2 KB 32ms
32ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dnepr.news/imagesBG/bgInputButton.png
Requested by: Host: dnepr.news
URL: https://dnepr.news/css-collection.php?v=20200524
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e650b6c686ddeb9a20e6e00c4e31f14365ece01a60510351df286e95f534272

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/css-collection.php?v=20200524
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8292410
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1265
last-modified: Mon, 21 Aug 2017 12:08:08 GMT
server: cloudflare
etag: "1c19cd-4f1-5574254ef9a00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jbybj7zMn3lcgMzmSbND0W7OWBuVPUlGFBks1h2cU8Cu6ceD36bm8E86ppwuh58Ggi2yJH1VwchfaDcpfezkqlRgCLeixDPEZXTBqBCRvACBPFE%2Fzsv0zdDN7%2B%2F3hzcVx5HYYvH%2BY4tL"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=30844800
accept-ranges: bytes
cf-ray: 784a0ca3da016910-FRA
expires: Sat, 23 Sep 2023 06:43:21 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 301 KB
85 KB 51ms
25ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=287640a5c303fe046621c8b73d75a4cf

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5e144fc1f4c3e69699e70030abd55f37d7b1c3c82ffbeec915644da60f5d66f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://dnepr.news/
Origin: https://dnepr.news
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 06:10:11 GMT
content-md5: rrXi/OI9PMa8sWL9z3fgAA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86939
x-fb-rlafr: 0
x-fb-debug: OC6y1MmhH5HoYAKFpOi5GeAxkgVR6BxBLDFqPCqQartrM8kWhCcC2M/2BxO5ljztJz8lxPW3ulfAax1KJFuubw==
x-fb-content-md5: 20100757bf86b06834434ccba626c545
cross-origin-opener-policy: same-origin-allow-popups
etag: "b47ef34578679f95eb0f5975d4300c44"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 05 Jan 2024 05:31:14 GMT

GET
H3 200 40-40-kalendar.webp
dnepr.news/images/cache/imagesthumbNewstext/ 1 KB
2 KB 30ms
29ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dnepr.news/images/cache/imagesthumbNewstext/40-40-kalendar.webp
Requested by: Host: dnepr.news
URL: https://dnepr.news/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f09981b3c39e1100ee62ec8a42bc9feed5cc4a8ad885adb9fcdd6e5c149a176

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:11 GMT
cf-cache-status: HIT
last-modified: Wed, 15 Apr 2020 17:37:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 19097
etag: "1d37db-506-5a357c414dd7a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oQhfSAX%2FehKtKqeu3wRpSwXr877lMpdy3FF9fp7%2Bg%2BEOR6OvugXb0gp9kSfgVnuEEAA3NoDj9qj9%2F2K5llL1OIbrKu1KmgPqu%2FHtWZXJ7V8jSuIOQCiXDRsV6dm75NVn38EeUrRhf5fh"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 784a0ca45a8b6910-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1286
expires: Thu, 05 Jan 2023 12:51:54 GMT

GET
H3 200 40-40-ranenye_1456920911.webp
dnepr.news/images/cache/imagesthumbNewstext/ 1 KB
2 KB 36ms
34ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dnepr.news/images/cache/imagesthumbNewstext/40-40-ranenye_1456920911.webp
Requested by: Host: dnepr.news
URL: https://dnepr.news/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8744b359b1c7d37890c7a2185c3679288f27dc58ea4b7548adda4b832e38c5f9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:11 GMT
cf-cache-status: HIT
last-modified: Wed, 17 Aug 2022 12:32:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 19097
etag: "2807ff-423-5e66f0db6a7c3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zqo5as8ugO1jvdT2Mc3Tjaw9vAIDeypCcD4FcGMdY0Nklkim6%2BoeLSQjD1LJfZgO2GBFVpjUoLLdtqSZ40zku5Vq1vfFATFY%2FB9u0Pfu1BfLFAZh12AjKg3o3PhwNdrR%2BXDuq7GNE85%2B"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 784a0ca45a8f6910-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1059
expires: Thu, 05 Jan 2023 12:51:54 GMT

GET
H3 200 40-40-ato_1408085711.webp
dnepr.news/images/cache/imagesthumbNewstext/ 933 B
1 KB 39ms
37ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dnepr.news/images/cache/imagesthumbNewstext/40-40-ato_1408085711.webp
Requested by: Host: dnepr.news
URL: https://dnepr.news/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab935ef979766947a5fdefd793e02a3defe44637ca3af6b49fad97a8c7e66c3e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:11 GMT
cf-cache-status: HIT
last-modified: Sat, 19 Feb 2022 12:59:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 19097
etag: "48083c-3a5-5d85e91bbe32c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0q73BJQ%2FtXSKY6vdoIvA3EZgJRPM829pr0eAwH0JrWpVXWWS0a0QVO62sqBP%2FS%2BGJ8Vd3KQjsZJO3Z5YB6Ys%2F72pFWQM9avyY76njt2Zvq1Uizf8fvAB24%2FRRuEju7TBb%2B660eqr%2F3%2Fa"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 784a0ca45a916910-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 933
expires: Thu, 05 Jan 2023 12:51:54 GMT

GET
H3 200 40-40-electricestvo.webp
dnepr.news/images/cache/imagesthumbNewstext/ 957 B
1 KB 41ms
39ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dnepr.news/images/cache/imagesthumbNewstext/40-40-electricestvo.webp
Requested by: Host: dnepr.news
URL: https://dnepr.news/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5222edb695cd85a319a4f5035c583e3f8ea6830a1386dd03ceb77e7a3bc8da6c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:11 GMT
cf-cache-status: HIT
last-modified: Mon, 17 Oct 2022 11:40:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 19097
etag: "2a0471-3bd-5eb39704c781c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cy8i6LN08lTfo3%2FU7vbYnKtBeCLvEyshtQA6Oqb9%2BjSNfmHEXgCbBpF5IbYXu35M8afPc4znKvAXgqQi%2BnUidxJZzoa6VZOAvkiUfUl6%2FnIMB%2FonKYr7iL1hPPXa9HanTaGsNJu5Jm8E"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 784a0ca45a956910-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 957
expires: Thu, 05 Jan 2023 12:51:54 GMT

GET
H3 200 c-mediaklub.webp
dnepr.news/images/cache/img/ 34 KB
35 KB 43ms
41ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dnepr.news/images/cache/img/c-mediaklub.webp
Requested by: Host: dnepr.news
URL: https://dnepr.news/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 190665911363af602f0170f8839b1a8817e59d2f566c5790569b1b667260318b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:11 GMT
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 07:53:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 19096
etag: "3203e0-89bc-5a363bbf52544"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IZg32QOLlPUEyAks0MixSFriGcj9AHpNn2ER83O1%2FQDambjyO78lQOFRjYMp7RK%2Fz6G%2FluUcumCvn%2BmxRII0iUzO13VdtjscNaF9vIt08DE%2Bcu9injWe0rTM%2FEARVHkxnC1q2jbw21Fw"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 784a0ca45a966910-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35260
expires: Thu, 05 Jan 2023 12:51:55 GMT

GET
H3 200 70-47-obstrel_14_10_22.webp
dnepr.news/images/cache/imagesthumbNewsfeed/ 2 KB
2 KB 96ms
94ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dnepr.news/images/cache/imagesthumbNewsfeed/70-47-obstrel_14_10_22.webp
Requested by: Host: dnepr.news
URL: https://dnepr.news/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7607eada6be10437483ae91184548fc094519a3e117fbc49aa0739523f2cc05

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:11 GMT
cf-cache-status: MISS
last-modified: Fri, 14 Oct 2022 05:54:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2c00cd-7ae-5eaf84107cbfe"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JvBlquHhNl1kDVtRgm4IBXGskKlbeZH6g9CmjfU%2FUwCtUhDQtfe1ols%2BsvMU2mvcxjDmPSIaNzHFn9vjg%2Fuv8b%2Flx7sUjyC4m%2BbS%2FA7BDmcBp1PPnhmAvuILRzFix5r2HRVlgz37huXv"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 784a0ca45a986910-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1966
expires: Thu, 05 Jan 2023 18:10:11 GMT

GET
H3 200 70-47-novostidnepra.webp
dnepr.news/images/cache/imagesthumbNewsfeed/ 2 KB
2 KB 41ms
40ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dnepr.news/images/cache/imagesthumbNewsfeed/70-47-novostidnepra.webp
Requested by: Host: dnepr.news
URL: https://dnepr.news/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c881c6b7f8b7d67c3d94abaa66c40bc7442f969c890d3056ed064340c60ae38

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:11 GMT
cf-cache-status: HIT
last-modified: Wed, 15 Apr 2020 17:37:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 19097
etag: "1d3811-7c9-5a357c4944f51"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TE%2F%2BWWwp2%2FUe8i%2BHViMMEBjmIovPmD6k3I2SW7KNresMcn8ZOHCkqa0XSni8VIEcr4BC3dAmpWr4DNyTIQGBdUL%2FP0U6Pnua2h1U2NnHY10ylZjMNoexril5HPheEdXwgrF2u%2B5dnYzo"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 784a0ca45a9c6910-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1993
expires: Thu, 05 Jan 2023 12:51:54 GMT

GET
H3 200 70-47-rozhdestvo.webp
dnepr.news/images/cache/imagesthumbNewsfeed/ 2 KB
2 KB 106ms
105ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dnepr.news/images/cache/imagesthumbNewsfeed/70-47-rozhdestvo.webp
Requested by: Host: dnepr.news
URL: https://dnepr.news/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e85501f60ba2b5ff7ad1f76f816147464239ebe38e1e0a4734257ba0c60f1396

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:11 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 04 Jan 2023 16:03:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2e19c1-783-5f17254d13c0d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yk5WNjhJ6EnylcThAWcvm0DpM0fP9Bl3%2BCbPiU1g8eBGp8b0cE4dX7caWOIbUxrPM%2Fyo90BNNJrKOfhwBQS6YHfYS4nHFxKmfyLsz5Mk17u3D%2Bd9oVYOxyS55IX%2B5R15dEF2sRm8oN4k"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 784a0ca45aa06910-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1923
expires: Thu, 05 Jan 2023 18:10:11 GMT

GET
H3 200 70-47-planetarij.webp
dnepr.news/images/cache/imagesthumbNewsfeed/ 1 KB
2 KB 107ms
106ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dnepr.news/images/cache/imagesthumbNewsfeed/70-47-planetarij.webp
Requested by: Host: dnepr.news
URL: https://dnepr.news/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a544048eccf66671ece0d1d2d62389486067337646e49499d1bf4bc563ffe4b4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:11 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 04 Jan 2023 15:01:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2e19bc-5ab-5f171775a0bb2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u8HAnY89slTollQsrDFYZXtmGmu7cC5Xx0LBrArRtCUOpkWmC%2B8LLw1U7E50MmBhuMY0UgkyH87hidUy9PZy9uQWQOkqmc9iq8xIqU%2F2AhUhHLIuZtb%2BfNquo7%2B1ERgqbs2Ct8irXWzS"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 784a0ca45aa26910-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1451
expires: Thu, 05 Jan 2023 18:10:11 GMT

GET
H3 200 70-47-obstrel0_13_12_22.webp
dnepr.news/images/cache/imagesthumbNewsfeed/ 2 KB
2 KB 108ms
106ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dnepr.news/images/cache/imagesthumbNewsfeed/70-47-obstrel0_13_12_22.webp
Requested by: Host: dnepr.news
URL: https://dnepr.news/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac647a5da1260fccbee14f0436e89f0866bb062b367b93dedef417b1e03d2b52

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:11 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 13 Dec 2022 06:18:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2e1781-61a-5efaf97612eb0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vXi%2FaF8G800Yzn87%2FVJkbmbsbjm%2Bcx8jRqEnNIgaZT7w0hxzbLLAjdzZpu0AiZcrjkYqMKqYmBkT86sjFzMtUowTveQUaUjZ1QtrX9b5CrGR8C2L598R5DcMKj6UrUTvuolMCTqSdjkZ"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 784a0ca45aa46910-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1562
expires: Thu, 05 Jan 2023 18:10:11 GMT

GET
H2 200 tag.js Show response
cdn.jsdelivr.net/npm/yandex-metrica-watch/ 211 KB
84 KB 81ms
13ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Requested by

Host: dnepr.news
URL: https://dnepr.news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d51fb3da034945987b624f6f771a9489b35f196d83f43ecab125869af5ae4bd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 05 Jan 2023 06:10:11 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 42297
x-jsd-version: 1.255.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 85687
x-served-by: cache-fra-eddf8230060-FRA, cache-ams21061-AMS
x-jsd-version-type: version
etag: W/"34dfe-lTaq29MlUt6eCLmFLZo4qfZAEqA"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t50.11;r;s1600*1200*24;uhttps%3A//dnepr.news/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0414%u043D%u0435%u043F%u0440%u0430%20%7C%20Dnepr.news;0.9746325688966742
https://counter.yadro.ru/hit?q;t50.11;r;s1600*1200*24;uhttps%3A//dnepr.news/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0414%u043D%u0435%u043F%u0440%u0430%20%7C%20Dnepr.news;0.9746325688966742

132 B
618 B

52ms
52ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t50.11;r;s1600*1200*24;uhttps%3A//dnepr.news/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0414%u043D%u0435%u043F%u0440%u0430%20%7C%20Dnepr.news;0.9746325688966742

Requested by

Host: dnepr.news
URL: https://dnepr.news/

Protocol

HTTP/1.1

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

d13b6ce9be0abdc496f6a381705f48838bb7016a492fc9c35b6311af2347072b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:11 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 132
Expires: Tue, 04 Jan 2022 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:11 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;t50.11;r;s1600*1200*24;uhttps%3A//dnepr.news/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0414%u043D%u0435%u043F%u0440%u0430%20%7C%20Dnepr.news;0.9746325688966742
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Tue, 04 Jan 2022 21:00:00 GMT

GET
H2

200

02.png
i.bigmir.net/cnt/
Redirect Chain

https://c.bigmir.net/?v16933830&s16934285&t2&c1&n867344&w0&y0&d24&r1600
https://i.bigmir.net/cnt/02.png

829 B
1003 B

164ms
45ms

Image
image/png

193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bigmir.net/cnt/02.png
Requested by: Host: dnepr.news
URL: https://dnepr.news/
Protocol: H2
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: b0aa183fd7ea4e99287a573281bcfe35d9804292c63e15a47a911eda79d90a89

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:11 GMT
last-modified: Sun, 02 Oct 2005 23:04:59 GMT
server: nginx
etag: "4340679b-33d"
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
content-length: 829
expires: Sun, 08 Jan 2023 06:10:11 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:11 GMT
Server: nginx
Transfer-Encoding: chunked
Location: //i.bigmir.net/cnt/02.png
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Expires: 0

GET
H3 200 www-player.css
www.youtube.com/s/player/e5f6cbd5/ Frame 4355 360 KB
49 KB 135ms
36ms Stylesheet
text/css 2a00:1450:400d:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ZcWpu_QpZdo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1573bafec5bb8db271b8188dbd5c18cade84864cb2d01d8d61b3d5d6ef6a6f04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/ZcWpu_QpZdo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 20:24:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 121524
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49906
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 03 Jan 2024 20:24:47 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/e5f6cbd5/www-embed-player.vflset/ Frame 4355 339 KB
107 KB 132ms
35ms Script
text/javascript 2a00:1450:400d:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ZcWpu_QpZdo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbee5785a5aaaa8181186d891828b948c7c9c9c488dbce4e8050e0d6dd257ecf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/ZcWpu_QpZdo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 20:24:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 121524
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109069
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 03 Jan 2024 20:24:47 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/nl_NL/ Frame 4355 2 MB
597 KB 177ms
79ms Script
text/javascript 2a00:1450:400d:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/nl_NL/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ZcWpu_QpZdo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9b9a8ffca5554c798c1c6b2aeffad8f114ffa5794111956e98db604ff90fbf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/ZcWpu_QpZdo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 21:04:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 119113
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 610858
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 03 Jan 2024 21:04:58 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/e5f6cbd5/fetch-polyfill.vflset/ Frame 4355 9 KB
3 KB 174ms
76ms Script
text/javascript 2a00:1450:400d:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ZcWpu_QpZdo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/ZcWpu_QpZdo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 20:24:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 121524
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 03 Jan 2024 20:24:47 GMT

GET
H2 200 index.html Show response
landing.top.my.ua/frame/ Frame 6928 169 B
360 B 97ms
24ms Document
text/html 138.201.61.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://landing.top.my.ua/frame/index.html

Requested by

Host: top-js-metrics.top.my.ua
URL: https://top-js-metrics.top.my.ua/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

138.201.61.243 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.243.61.201.138.clients.your-server.de

Software

nginx/1.17.7 /

Resource Hash

c5046234db951b30525f735b4d5d583bc383d9ceb9868b2053e9b95500da0bee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://dnepr.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
content-length: 169
content-type: text/html
date: Thu, 05 Jan 2023 06:10:11 GMT
etag: "61f03839-a9"
last-modified: Tue, 25 Jan 2022 17:49:45 GMT
server: nginx/1.17.7
strict-transport-security: max-age=15724800; includeSubDomains

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ 356 KB
117 KB 132ms
85ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5856576556842586&plah=dnepr.news&bust=31071168

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8359d92bb56a99ff09b00679727bb1102292ce9f7249aa8c122e0c36f64742a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119972
x-xss-protection: 0
server: cafe
etag: 11931501220923732020
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 06:10:11 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230103/r20190131/ Frame 6F45 10 KB
5 KB 75ms
17ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230103/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dnepr.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 6077
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 04:28:54 GMT
etag: 10353107486223812946
expires: Thu, 19 Jan 2023 04:28:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
id.gravitec.net/ Frame 2203 621 B
761 B 167ms
42ms Document
text/html 2a02:6ea0:f400::4
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://id.gravitec.net/
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/fdc259668c5bdad8a4dad9da87d6d821/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:f400::4 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9d1cb86ec27e86dfdefab39206fb510070d00b81d91f11ddc6720e3c62629d32

Request headers

Referer: https://dnepr.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=315360000 public
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 05 Jan 2023 06:10:11 GMT
etag: W/"5e9485b6-26d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 13 Apr 2020 15:31:02 GMT
pragma: public
server: CDN77-Turbo
x-77-cache: HIT
x-77-nzt: AamW8opfVpj/yjxpAA
x-77-nzt-ray: bcd92b1f6ab3394bc369b663abb1d31e
x-77-pop: zagrebHR
x-accel-expires: @1981362169
x-age: 6896842
x-cache: HIT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 132ms
35ms Script
text/javascript 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-71772614-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 04:27:17 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6174
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 05 Jan 2023 06:27:17 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4355 15 KB
16 KB 74ms
20ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ZcWpu_QpZdo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 12:17:50 GMT
x-content-type-options: nosniff
age: 409941
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 31 Dec 2023 12:17:50 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4355 15 KB
15 KB 86ms
32ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ZcWpu_QpZdo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 22:21:19 GMT
x-content-type-options: nosniff
age: 200932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Jan 2024 22:21:19 GMT

GET
H2 200 track.min.js Show response
cdn.gravitec.media/ 4 KB
2 KB 59ms
12ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.media/track.min.js
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/fdc259668c5bdad8a4dad9da87d6d821/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 7d55d36ab7029a3ac11096692671cdfc36fa8446e8cf7584fc23de06074b0f85

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Wed, 05 Apr 2023 06:10:11 GMT
date: Thu, 05 Jan 2023 06:10:11 GMT
content-encoding: gzip
last-modified: Wed, 27 Nov 2019 14:51:46 GMT
server: nginx/1.18.0
etag: W/"5dde8d82-11d5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=7776000
x-proxy-cache: HIT

GET
H2 200 script.js Show response
landing.top.my.ua/frame/ Frame 6928 2 KB
1020 B 27ms
26ms Script
application/javascript 138.201.61.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://landing.top.my.ua/frame/script.js

Requested by

Host: landing.top.my.ua
URL: https://landing.top.my.ua/frame/index.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

138.201.61.243 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.243.61.201.138.clients.your-server.de

Software

nginx/1.17.7 /

Resource Hash

a49ccfdf4bc7bb30b43ec2854208eb04da9496a066fd77cc668d396296a32521

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://landing.top.my.ua/frame/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:11 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 25 Jan 2022 17:49:45 GMT
server: nginx/1.17.7
etag: W/"61f03839-82e"
vary: Accept-Encoding
content-type: application/javascript

GET
H2

200

1 Show response
mc.yandex.ru/watch/3/
Redirect Chain

https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fdnepr.news%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A810%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen...
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fdnepr.news%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A810%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Ae...

264 B
346 B

61ms
60ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fdnepr.news%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A810%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A952%3Acn%3A2%3Adp%3A0%3Als%3A814253629936%3Ahid%3A716205510%3Az%3A0%3Ai%3A20230105061011%3Aet%3A1672899011%3Ac%3A1%3Arn%3A269130918%3Arqn%3A1%3Au%3A1672899011783504690%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A78%2C49%2C588%2C6%2C%2C0%2C%2C287%2C6%2C%2C%2C%2C1009%3Aco%3A0%3Acpf%3A1%3Ans%3A1672899010296%3Ast%3A1672899011&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: dnepr.news
URL: https://dnepr.news/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

3fd94f374ef26ee23508d48319e84a6ccc10ecb7e539ee1a4655d898e03f8806

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:11 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Thu, 05-Jan-2023 06:10:11 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dnepr.news
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 264
x-xss-protection: 1; mode=block
expires: Thu, 05-Jan-2023 06:10:11 GMT

Redirect headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:11 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 05-Jan-2023 06:10:11 GMT
location: /watch/3/1?wmode=7&page-url=https%3A%2F%2Fdnepr.news%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A810%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A952%3Acn%3A2%3Adp%3A0%3Als%3A814253629936%3Ahid%3A716205510%3Az%3A0%3Ai%3A20230105061011%3Aet%3A1672899011%3Ac%3A1%3Arn%3A269130918%3Arqn%3A1%3Au%3A1672899011783504690%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A78%2C49%2C588%2C6%2C%2C0%2C%2C287%2C6%2C%2C%2C%2C1009%3Aco%3A0%3Acpf%3A1%3Ans%3A1672899010296%3Ast%3A1672899011&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://dnepr.news
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 05-Jan-2023 06:10:11 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/56984335/
Redirect Chain

https://mc.yandex.ru/watch/56984335?wmode=7&page-url=https%3A%2F%2Fdnepr.news%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A810%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US...
https://mc.yandex.ru/watch/56984335/1?wmode=7&page-url=https%3A%2F%2Fdnepr.news%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A810%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-...

482 B
517 B

70ms
70ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/56984335/1?wmode=7&page-url=https%3A%2F%2Fdnepr.news%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A810%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A952%3Acn%3A1%3Adp%3A0%3Als%3A810785873578%3Ahid%3A716205510%3Az%3A0%3Ai%3A20230105061011%3Aet%3A1672899011%3Ac%3A1%3Arn%3A492489810%3Arqn%3A1%3Au%3A1672899011783504690%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A78%2C49%2C588%2C6%2C%2C0%2C%2C287%2C6%2C%2C%2C%2C1009%3Aco%3A0%3Acpf%3A1%3Ans%3A1672899010296%3Arqnl%3A1%3Ast%3A1672899011%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%94%D0%BD%D0%B5%D0%BF%D1%80%D0%B0%20%7C%20Dnepr.news&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: dnepr.news
URL: https://dnepr.news/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

4bf98f6744f9c77fcef4057e8cf38c3852a9cade09e3bb1ecb123f62a65106c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:11 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Thu, 05-Jan-2023 06:10:11 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dnepr.news
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 482
x-xss-protection: 1; mode=block
expires: Thu, 05-Jan-2023 06:10:11 GMT

Redirect headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:11 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 05-Jan-2023 06:10:11 GMT
location: /watch/56984335/1?wmode=7&page-url=https%3A%2F%2Fdnepr.news%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A14qzoz81s4a176hik6jd9j%3Afp%3A810%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A952%3Acn%3A1%3Adp%3A0%3Als%3A810785873578%3Ahid%3A716205510%3Az%3A0%3Ai%3A20230105061011%3Aet%3A1672899011%3Ac%3A1%3Arn%3A492489810%3Arqn%3A1%3Au%3A1672899011783504690%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A78%2C49%2C588%2C6%2C%2C0%2C%2C287%2C6%2C%2C%2C%2C1009%3Aco%3A0%3Acpf%3A1%3Ans%3A1672899010296%3Arqnl%3A1%3Ast%3A1672899011%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%94%D0%BD%D0%B5%D0%BF%D1%80%D0%B0%20%7C%20Dnepr.news&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://dnepr.news
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 05-Jan-2023 06:10:11 GMT

GET
H3 200 70-47-znak_ostanovka.webp
dnepr.news/images/cache/imagesthumbNewsfeed/ 2 KB
2 KB 48ms
47ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dnepr.news/images/cache/imagesthumbNewsfeed/70-47-znak_ostanovka.webp
Requested by: Host: dnepr.news
URL: https://dnepr.news/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c855c4aef7333dfa098c16b6c230fa5cebed336124a664761b63b9a916a7ea05

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:11 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 04 Jan 2023 13:59:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2e19b1-645-5f1709987f7bb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=djHkpj3JCibp8kh1GuO23OrhKECxdstnsvislQYmPcd2WxbODa%2F%2Bz7i4SWKJVgzXSsD7FMcg7pkA5sk46m3WoKeC5AjxRupiTwkxrBoQW5RZufuqAQdB0PVTK4tN7k278f1NxVqOjPnY"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 784a0ca5ec706910-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1605
expires: Thu, 05 Jan 2023 18:10:11 GMT

GET
H3 200 70-47-policiya_1464953325.webp
dnepr.news/images/cache/imagesthumbNewsfeed/ 2 KB
2 KB 50ms
48ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dnepr.news/images/cache/imagesthumbNewsfeed/70-47-policiya_1464953325.webp
Requested by: Host: dnepr.news
URL: https://dnepr.news/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22e56c5ec2f058769dbf2f30e08136efd50ca00da4a5312363bb749227299bcc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:11 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 15 Apr 2020 17:37:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1d3823-7c0-5a357c4ddbcac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MwFu24rjSuy%2BlovES%2FaNn48PRrQeCGNCe%2BQWcbaFZyTm0abtN%2FWz82EsNwkxThcLVTjTZedEQIljv3Tg8Tj%2BTaXxOJM8eD2kjqhAqCZ5EwPU9zuJpZr3SwNfw4AyPfWaPn1pq7XNtXGw"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 784a0ca5ec726910-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1984
expires: Thu, 05 Jan 2023 18:10:11 GMT

GET
H3 200 70-47-tro_dnepr.webp
dnepr.news/images/cache/imagesthumbNewsfeed/ 1 KB
2 KB 30ms
28ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dnepr.news/images/cache/imagesthumbNewsfeed/70-47-tro_dnepr.webp
Requested by: Host: dnepr.news
URL: https://dnepr.news/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 805865d229ebe3e7a35b5913ff1f842d6aef43eda8983d553105019021c5ef60

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:11 GMT
cf-cache-status: HIT
last-modified: Mon, 17 Oct 2022 11:36:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6614
etag: "1c72ef-5a5-5eb3962958050"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TyxXRE8G5hFDWPkHgwYG%2FDDV48Sb6xOEe%2BCpCcTTGZs%2FdnI7wxLDzjD2zSv%2BU43uawmVBI2fFXnOc8ds8FtJGIfmaHOCwUe4%2B5nqJPICQIdw5Nk8p5M029pA0W6297Uew76SjCsXODmd"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 784a0ca5ec736910-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1445
expires: Thu, 05 Jan 2023 16:19:57 GMT

GET
H3 200 70-47-tank_demontazh.webp
dnepr.news/images/cache/imagesthumbNewsfeed/ 2 KB
2 KB 31ms
30ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dnepr.news/images/cache/imagesthumbNewsfeed/70-47-tank_demontazh.webp
Requested by: Host: dnepr.news
URL: https://dnepr.news/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c7a0715b98dc3aafacf51b37865579e0af701f8b2c61796d6dc4a103df8a78a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:11 GMT
cf-cache-status: HIT
last-modified: Wed, 04 Jan 2023 11:11:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 19096
etag: "2e19a8-70d-5f16e3f68fdcb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cuEMhaboah%2FVsarBUHldU9sm0VDBfRWoE19EI7RBCsI7LBiFhKRbahdPoESBec9Qdxa%2BKHh1C%2B88SBNhNCsKFqsixfeztDxKTpeZbio%2Fn7p%2FFaDJ8YlR%2B%2BCrbOtrGnU8szbyvUO3dNAw"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 784a0ca5ec746910-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1805
expires: Thu, 05 Jan 2023 12:51:55 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
185 B 162ms
63ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: dnepr.news
URL: https://dnepr.news/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:11 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 30 Dec 2022 07:53:53 GMT
etag: "63ae6ee1-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 05 Jan 2023 07:10:11 GMT

GET
H2 201 track
api.gravitec.media/api/stats/ 0
0 84ms
27ms Fetch 35.214.184.209
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.gravitec.media/api/stats/track?app_key=fdc259668c5bdad8a4dad9da87d6d821&user_id=6132ad6a-13fc-4701-9a01-92264bf07552&utmb=f4c14bef-78b0-44dc-b60f-d238af470400&path=https%3A%2F%2Fdnepr.news%2F&referrer=

Requested by

Host: cdn.gravitec.media
URL: https://cdn.gravitec.media/track.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.214.184.209 Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

209.184.214.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:11 GMT
x-correlation-id: f993128045f943198535a0c98ee3df6b
x-content-type-options: nosniff
referrer-policy: no-referrer
server: nginx
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: DENY
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1 ; mode=block
expires: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 128ms
55ms XHR
text/plain 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1934267667&t=pageview&_s=1&dl=https%3A%2F%2Fdnepr.news%2F&ul=en-us&de=windows-1251&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%94%D0%BD%D0%B5%D0%BF%D1%80%D0%B0%20%7C%20Dnepr.news&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=563568998&gjid=958114519&cid=285645658.1672899012&tid=UA-71772614-1&_gid=1805172740.1672899012&_r=1&gtm=2oubu0&z=904239620

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dnepr.news/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dnepr.news
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 view Show response
api.top.my.ua/api/v1/statistic/n/ 68 B
312 B 32ms
31ms Fetch
application/json 138.201.61.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api.top.my.ua/api/v1/statistic/n/view

Requested by

Host: top-js-metrics.top.my.ua
URL: https://top-js-metrics.top.my.ua/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

138.201.61.243 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.243.61.201.138.clients.your-server.de

Software

nginx/1.17.7 /

Resource Hash

a26213bf54d623b217d36aa2cf43ac255748c13664e5b597b4ed999faeb15a3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://dnepr.news/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 05 Jan 2023 06:10:11 GMT
strict-transport-security: max-age=15724800; includeSubDomains
server: nginx/1.17.7
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dnepr.news
access-control-expose-headers
cache-control: no-transform
access-control-allow-credentials: true
content-length: 68

OPTIONS
H2 200 view
api.top.my.ua/api/v1/statistic/n/ Frame 0
0 96ms
24ms Preflight
application/octet-stream 138.201.61.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api.top.my.ua/api/v1/statistic/n/view

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

138.201.61.243 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.243.61.201.138.clients.your-server.de

Software

nginx/1.17.7 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://dnepr.news
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: CONTENT-TYPE
access-control-allow-methods: POST
access-control-allow-origin: https://dnepr.news
cache-control: no-transform
content-length: 0
content-type: application/octet-stream
date: Thu, 05 Jan 2023 06:10:11 GMT
server: nginx/1.17.7
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
694 B 78ms
30ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=dnepr.news&callback=_gfp_s_&client=ca-pub-5856576556842586&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5856576556842586&plah=dnepr.news&bust=31071168

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06680ca4297b48fb4cfee8400168679f2050485e705a7388410bc7ca2661ec48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 159ms
57ms Script
application/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=dnepr.news

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 146ms
56ms Script
application/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=dnepr.news

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2F5E 475 KB
89 KB 349ms
306ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5856576556842586&output=html&adk=1812271804&adf=3025194257&lmt=1672899011&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=260x810_l%7C260x810_r&format=0x0&url=https%3A%2F%2Fdnepr.news%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899011327&bpp=9&bdt=310&idt=297&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5835925142171&frm=20&pv=2&ga_vid=285645658.1672899012&ga_sid=1672899012&ga_hid=1934267667&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071168%2C44774606%2C44779793%2C44780792&oid=2&pvsid=4131206543490449&tmod=1247376469&uas=0&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=340

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a816f9462c01ee6ae4bf633fe1d2f17f7d55a6c7527761e57765d0767c8c208

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dnepr.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 90815
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:10:11 GMT
expires: Thu, 05 Jan 2023 06:10:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CD5B 101 KB
34 KB 275ms
242ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5856576556842586&output=html&h=198&slotname=5555673117&adk=4232816909&adf=4174843616&pi=t.ma~as.5555673117&w=737&lmt=1672899011&rafmt=11&format=737x198&url=https%3A%2F%2Fdnepr.news%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899011336&bpp=3&bdt=318&idt=336&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5835925142171&frm=20&pv=1&ga_vid=285645658.1672899012&ga_sid=1672899012&ga_hid=1934267667&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=293&ady=1317&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071168%2C44774606%2C44779793%2C44780792&oid=2&pvsid=4131206543490449&tmod=1247376469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=Mo%7C%7CpEebr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=SlxWSJ1hJ0&p=https%3A//dnepr.news&dtd=342

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35582a5e51f01b4ce48197c88f4a6d90e60b215f78852e0dedb253ebd03525b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dnepr.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 35267
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:10:11 GMT
expires: Thu, 05 Jan 2023 06:10:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C999 96 KB
34 KB 277ms
276ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5856576556842586&output=html&h=600&slotname=5421064950&adk=3449364599&adf=2973740273&pi=t.ma~as.5421064950&w=244&fwrn=4&fwrnh=100&lmt=1672899011&rafmt=1&format=244x600&url=https%3A%2F%2Fdnepr.news%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899011339&bpp=2&bdt=321&idt=411&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C737x198&nras=1&correlator=5835925142171&frm=20&pv=1&ga_vid=285645658.1672899012&ga_sid=1672899012&ga_hid=1934267667&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=312&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071168%2C44774606%2C44779793%2C44780792&oid=2&pvsid=4131206543490449&tmod=1247376469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=j6lSQqKWNO&p=https%3A//dnepr.news&dtd=415

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3239086cc63cb7c30987b8560a56eee660bd01c8ea3370338a54b6ebf05415f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dnepr.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 34952
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:10:12 GMT
expires: Thu, 05 Jan 2023 06:10:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
435 B 76ms
29ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-71772614-1&cid=285645658.1672899012&jid=563568998&gjid=958114519&_gid=1805172740.1672899012&_u=YEBAAUAAAAAAACAAI~&z=62428982

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dnepr.news/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 05 Jan 2023 06:10:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dnepr.news
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 4355
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

29ms
28ms

XHR
application/json

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ZcWpu_QpZdo

Protocol

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d14a713e488c4e6d91c09313423f8443229d4e643c1f7b40c8e3e73b7ecb754

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 05 Jan 2023 06:10:11 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 4355 29 B
587 B 128ms
37ms Script
text/javascript 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:09:19 GMT
x-content-type-options: nosniff
age: 52
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 05 Jan 2023 06:24:19 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 151ms
56ms Preflight
text/html 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 05 Jan 2023 06:10:11 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 4355 66 KB
30 KB 164ms
80ms XHR
application/json+protobuf 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/nl_NL/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bb05aff1a3f1507781e5289aad0893dc83ceb8c455c8270b0924619ef9c4f989

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 05 Jan 2023 06:10:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30659
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/nl_NL/ Frame 4355 119 KB
36 KB 36ms
35ms Script
text/javascript 2a00:1450:400d:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/nl_NL/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/nl_NL/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2375c7e1db09ed070014f03f82c4b5f9c43443da3b7c8f577a5bfb75953ebdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/ZcWpu_QpZdo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 22:00:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 115779
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37284
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 03 Jan 2024 22:00:32 GMT

GET
H2 200 ayf-ZXn06Q-bf2kvL7HvZn-6GmgIdMcaNWCzb_-s5mI.js Show response
www.google.com/js/th/ Frame 4355 36 KB
14 KB 130ms
35ms Script
text/javascript 2a00:1450:400d:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/ayf-ZXn06Q-bf2kvL7HvZn-6GmgIdMcaNWCzb_-s5mI.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/nl_NL/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b27fe6579f4e90f9b7f692f2fb1ef667fba1a680874c71a3560b36ffface662

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 07:40:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 599355
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14218
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Dec 2023 07:40:56 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/nl_NL/ Frame 4355 26 KB
8 KB 35ms
35ms Script
text/javascript 2a00:1450:400d:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/nl_NL/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/nl_NL/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a695e39554a03d18a1df407bb52ebcaa4aadb356360703b92b2fc174af501dd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/ZcWpu_QpZdo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 21:51:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 116316
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8353
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 03 Jan 2024 21:51:35 GMT

GET
DATA 200
OK truncated
/ Frame 4355 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AMLnZu9cgla5x4SUCx-6FOMA8rqjIov-PG6f5osWL8l8VYBzmKvAoJ2kRR8QGd9gbG9Q4A=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 4355 1022 B
1 KB 132ms
36ms Image
image/jpeg 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu9cgla5x4SUCx-6FOMA8rqjIov-PG6f5osWL8l8VYBzmKvAoJ2kRR8QGd9gbG9Q4A=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ZcWpu_QpZdo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3a08041caeac5aad2afd76684c7235288dcdd38ad275bc284509f3186411ab28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:06:31 GMT
x-content-type-options: nosniff
server: fife
age: 7421
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1022
x-xss-protection: 0
expires: Fri, 06 Jan 2023 04:06:31 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/ZcWpu_QpZdo/ Frame 4355 23 KB
23 KB 101ms
29ms Image
image/jpeg 2a00:1450:4001:808::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/ZcWpu_QpZdo/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGGUgTig_MA8=&rs=AOn4CLDHlKgTT6XdQj7BXumLbe5p3Z9aoA

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ZcWpu_QpZdo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b39579067c27b1d00adf5f5cf41c7d2fb74f42c2ae23868cab33365ce52cf0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:47:20 GMT
x-content-type-options: nosniff
age: 4971
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23214
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 05 Jan 2023 06:47:20 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4355 10 KB
10 KB 84ms
20ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ZcWpu_QpZdo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 21:29:26 GMT
x-content-type-options: nosniff
age: 204045
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9832
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:49 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 02 Jan 2024 21:29:26 GMT

GET
H2 200 0.bundle.js Show response
cdn.gravitec.net/modules/ 9 KB
4 KB 15ms
13ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/modules/0.bundle.js
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/fdc259668c5bdad8a4dad9da87d6d821/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0a91fbed903c7ee569d116adee58d579d0c64775a469ee86d3cc4281f913bda1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Wed, 02 Feb 2022 09:06:30 GMT
date: Thu, 05 Jan 2023 06:10:11 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: W/"61fa486f-2550"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10
x-proxy-cache: HIT

GET
H2 200 1.bundle.js Show response
cdn.gravitec.net/modules/ 32 KB
8 KB 17ms
16ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/modules/1.bundle.js
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/fdc259668c5bdad8a4dad9da87d6d821/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 23b89bb3578573b474d7a69e2df32e8f0ee7839a44392edb040e4117a07ce6fa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Wed, 02 Feb 2022 09:06:30 GMT
date: Thu, 05 Jan 2023 06:10:11 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: W/"61fa486f-8092"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10
x-proxy-cache: HIT

GET
H2

200

sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain

https://mc.webvisor.org/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9874.lb6L7CpIx70ojWHwSxZ5TGeajLd8oQDZZatQq3Bj1zkVBK5eZ0YkxnhFc3YVoDzt.wY-cnRhQlbUCpVbUdjaE3E4YFN0%2C
https://mc.webvisor.org/sync_cookie_image_decide?token=9874.D7NnnMGYL4VaB--J4OlWcRu8kM0uFcGdX8VVZHdkcq3dgHQ-fIqDd_JqDy9wKUMZusjSd7OEKlLaHXhApOfxhE7fXq6ih7qKUlNojfviYJJ1kxSVIK867YaYi_-dBlQDwBEW0GU3a...

43 B
507 B

77ms
77ms

Image
image/gif

149.5.244.20
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.webvisor.org/sync_cookie_image_decide?token=9874.D7NnnMGYL4VaB--J4OlWcRu8kM0uFcGdX8VVZHdkcq3dgHQ-fIqDd_JqDy9wKUMZusjSd7OEKlLaHXhApOfxhE7fXq6ih7qKUlNojfviYJJ1kxSVIK867YaYi_-dBlQDwBEW0GU3acdEdIOFjgdFlijPs0cuoW1tCv8qu9_m60ezXhbfE9TIQ7Kg0yGBtPwzsTPPrDSg6qi1Ic6wXHeMUlFQrQyTJ8cw-P_T_Ni8ow0%2C.mdZbm4ixvUk5NtQ-wxgnrrgLTdg%2C

Requested by

Host: dnepr.news
URL: https://dnepr.news/

Protocol

Server

149.5.244.20 , United States, ASN174 (COGENT-174, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:12 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.webvisor.org/sync_cookie_image_decide?token=9874.D7NnnMGYL4VaB--J4OlWcRu8kM0uFcGdX8VVZHdkcq3dgHQ-fIqDd_JqDy9wKUMZusjSd7OEKlLaHXhApOfxhE7fXq6ih7qKUlNojfviYJJ1kxSVIK867YaYi_-dBlQDwBEW0GU3acdEdIOFjgdFlijPs0cuoW1tCv8qu9_m60ezXhbfE9TIQ7Kg0yGBtPwzsTPPrDSg6qi1Ic6wXHeMUlFQrQyTJ8cw-P_T_Ni8ow0%2C.mdZbm4ixvUk5NtQ-wxgnrrgLTdg%2C
date: Thu, 05 Jan 2023 06:10:12 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H3 200 70-47-politsia_19_10_22.webp
dnepr.news/images/cache/imagesthumbNewsfeed/ 2 KB
2 KB 187ms
186ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dnepr.news/images/cache/imagesthumbNewsfeed/70-47-politsia_19_10_22.webp
Requested by: Host: dnepr.news
URL: https://dnepr.news/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5dcf10c1b732d51f53838d4cf4cd47175967311ff4c813198edf55fe97afa265

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:12 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 19 Oct 2022 09:19:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2e1076-73e-5eb5fb58ccdae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2FeH2f5e4CxPKM8C2hQiyVXy5lrDuZ0U%2FrHMQOexqpoSHYfUl7xE3aFSlMZcIASCxrluZENile7xYwcEGP0Nl7vsgCwWsoMUj3qd1a9weL45JTBeeYYS0osGcKvocpWRLBILL1vM%2BJ57"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 784a0ca8bf1c6910-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1854
expires: Thu, 05 Jan 2023 18:10:12 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame CD5B 2 KB
1 KB 187ms
80ms Stylesheet
text/css 2a00:1450:400d:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400&lang=en

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5856576556842586&output=html&h=198&slotname=5555673117&adk=4232816909&adf=4174843616&pi=t.ma~as.5555673117&w=737&lmt=1672899011&rafmt=11&format=737x198&url=https%3A%2F%2Fdnepr.news%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899011336&bpp=3&bdt=318&idt=336&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5835925142171&frm=20&pv=1&ga_vid=285645658.1672899012&ga_sid=1672899012&ga_hid=1934267667&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=293&ady=1317&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071168%2C44774606%2C44779793%2C44780792&oid=2&pvsid=4131206543490449&tmod=1247376469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=Mo%7C%7CpEebr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=SlxWSJ1hJ0&p=https%3A//dnepr.news&dtd=342

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Jan 2023 06:10:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 06:01:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Jan 2023 06:10:12 GMT

GET
H2 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame CD5B 35 KB
14 KB 131ms
35ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/m_js_controller_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

34507612671884f0dfaff03895673df5df313499a4276be9eed4dea170d2c6d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 11:11:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68351
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14239
x-xss-protection: 0
server: cafe
etag: 10435366731557746102
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Jan 2023 11:11:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CD5B 154 KB
48 KB 193ms
91ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48184
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672836157132942"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:10:12 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/8689624723742267043/ Frame CD5B 10 KB
10 KB 57ms
56ms Image
image/jpeg 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8689624723742267043/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23d7b2a03ac7ac589262d03ee26946822e3b36607e96e1f272ba1fe3912fa520

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 21:25:23 GMT
x-content-type-options: nosniff
age: 377089
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10312
x-xss-protection: 0
last-modified: Thu, 24 Nov 2022 12:44:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 31 Dec 2023 21:25:23 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/ Frame CD5B 24 KB
9 KB 36ms
35ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a7556b722d45b51a9e8bc1262092f9c042e4759d7b3a97298fecc947639c35c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6082
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9534
x-xss-protection: 0
server: cafe
etag: 3719958914939444779
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:28:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame CD5B 3 KB
1 KB 54ms
54ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6082
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:28:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame CD5B 18 KB
7 KB 50ms
50ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78246
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Jan 2023 08:26:06 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 4355 4 KB
3 KB 277ms
160ms Script
text/javascript 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/nl_NL/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:10:12 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 4355 0
10 B 38ms
38ms Image
text/plain 2a00:1450:400d:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?FsRliw
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/ZcWpu_QpZdo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:808::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/ZcWpu_QpZdo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:12 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 error_handler.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame C999 7 KB
3 KB 118ms
36ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/error_handler.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5856576556842586&output=html&h=600&slotname=5421064950&adk=3449364599&adf=2973740273&pi=t.ma~as.5421064950&w=244&fwrn=4&fwrnh=100&lmt=1672899011&rafmt=1&format=244x600&url=https%3A%2F%2Fdnepr.news%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899011339&bpp=2&bdt=321&idt=411&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C737x198&nras=1&correlator=5835925142171&frm=20&pv=1&ga_vid=285645658.1672899012&ga_sid=1672899012&ga_hid=1934267667&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=312&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071168%2C44774606%2C44779793%2C44780792&oid=2&pvsid=4131206543490449&tmod=1247376469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=j6lSQqKWNO&p=https%3A//dnepr.news&dtd=415

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f26ccd4e8b025d912f8fc717147c83f61888ade088fb1b2c62f67537e6e4cb46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 09:53:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72975
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3136
x-xss-protection: 0
server: cafe
etag: 5752131211420753933
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Jan 2023 09:53:57 GMT

GET
H3 200 nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame C999 225 B
249 B 117ms
35ms Image
image/png 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 09:20:58 GMT
x-content-type-options: nosniff
server: cafe
age: 74954
etag: 14085932017949564970
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
expires: Thu, 05 Jan 2023 09:20:58 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame C999 2 KB
765 B 41ms
35ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78246
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Jan 2023 08:26:06 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/ Frame C999 24 KB
9 KB 63ms
63ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a7556b722d45b51a9e8bc1262092f9c042e4759d7b3a97298fecc947639c35c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6082
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9534
x-xss-protection: 0
server: cafe
etag: 3719958914939444779
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:28:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame C999 3 KB
1 KB 37ms
36ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6082
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:28:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame C999 18 KB
7 KB 63ms
62ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78246
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Jan 2023 08:26:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C999 154 KB
47 KB 181ms
102ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48184
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672836157132942"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:10:13 GMT

GET
H3 200 148b897ed20242fb53e65c70a8c63c89.js Show response
www.gstatic.com/mysidia/ Frame C999 34 KB
14 KB 108ms
38ms Script
text/javascript 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/148b897ed20242fb53e65c70a8c63c89.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 01:18:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17491
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14307
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 19:06:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 05 Apr 2023 01:18:41 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 4355 90 B
134 B 63ms
63ms XHR
application/json+protobuf 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/nl_NL/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

af1b210374bf6e839bef83f2c645387cd8f31afdcd46ae59ec64e27ceaba1421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 05 Jan 2023 06:10:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 60ms
55ms Preflight
text/html 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 05 Jan 2023 06:10:12 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ 150 KB
51 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/reactive_library_fy2021.js?bust=31071168

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1abbdd682c5913d52b6f0d768b391019a0c6ab40dcd155a43e3b5dacf0d8ec06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52351
x-xss-protection: 0
server: cafe
etag: 10220262568231890452
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 06:10:12 GMT

GET
H3 200 70-47-obstrel0_13_12_22.webp
dnepr.news/images/cache/imagesthumbNewsfeed/ 2 KB
2 KB 30ms
29ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dnepr.news/images/cache/imagesthumbNewsfeed/70-47-obstrel0_13_12_22.webp
Requested by: Host: dnepr.news
URL: https://dnepr.news/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac647a5da1260fccbee14f0436e89f0866bb062b367b93dedef417b1e03d2b52

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:12 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Dec 2022 06:18:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1
etag: "2e1781-61a-5efaf97612eb0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FO%2FBuvaoxlBhUBj0%2BAJ8dF9v2%2BC46Rxw3wCo5OM5GIVBfu20X%2F4dxMq8G%2FK3ccc1QbYe9ZlqgybhwkZgyFxea3%2B4%2B0f%2Fl5wot3UDAEPbWQoSiPWMIo1ZcSF7TRTPob8vrcNluV2I%2FijD"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 784a0cac3afa6910-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1562
expires: Thu, 05 Jan 2023 18:10:11 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame CD5B 0
0 74ms
74ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CL7N6w2m2Y5CmLdG9tweKyoiACJKe0aNug47cp_sQvOH2mP4OEAEg5tarG2C7BqAB4IHw-CjIAQapAgZhoAiUyrE-qAMByAPLBKoEvgFP0Hh0hxEzq2uCVmJW36dyVBDGewuDbpstz-OaKdydE603BuFDjhc8VMNdJoOFeM9hNMrNRfR7jmIhpoLTMLzlh3ud1gFXfeKrBG51Oyw0q_jrO2eKaOWmsKaNRTiruahGRNkv7y0QFCNWd1dH-lTD4iLUR3A1FU6fugdGj--Gq1HBNCYW7u2R-cx8nQlVsX8LjBHn9wVkjNn6ugkmdjsC1zGuT6eT2gJYFUJDIh6nSAu87gNGHfjqZzkmL8q-wASyqsPOmASSBQQIBBgBkgUECAUYBKAGN4AH4LnA2AOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCCggLSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi01ODU2NTc2NTU2ODQyNTg2GAA&sigh=GLA-iTNmu3o&uach_m=[UACH]&cid=CAQSGwDq26N9Wq7vJACVcaGhTwb4eDuMGYFhLTo55BgBIBM&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5856576556842586&output=html&h=198&slotname=5555673117&adk=4232816909&adf=4174843616&pi=t.ma~as.5555673117&w=737&lmt=1672899011&rafmt=11&format=737x198&url=https%3A%2F%2Fdnepr.news%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899011336&bpp=3&bdt=318&idt=336&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5835925142171&frm=20&pv=1&ga_vid=285645658.1672899012&ga_sid=1672899012&ga_hid=1934267667&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=293&ady=1317&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071168%2C44774606%2C44779793%2C44780792&oid=2&pvsid=4131206543490449&tmod=1247376469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=Mo%7C%7CpEebr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=SlxWSJ1hJ0&p=https%3A//dnepr.news&dtd=342
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 05 Jan 2023 06:10:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 05 Jan 2023 06:10:12 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 123ms
45ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=dnepr.news

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 167ms
60ms Script
application/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=dnepr.news

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DD78 436 B
230 B 299ms
295ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5856576556842586&output=html&h=280&adk=2704140506&adf=4232220864&pi=t.aa~a.3426647147~i.6~rp.1&w=377&fwrn=4&fwrnh=100&lmt=1672899012&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=2108587065&ad_type=text_image&format=377x280&url=https%3A%2F%2Fdnepr.news%2F&fwr=0&pra=3&rh=315&rw=377&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899012581&bpp=3&bdt=1564&idt=3&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7c14bbb9242472f7-22e830fdf8da00b3%3AT%3D1672899011%3ART%3D1672899011%3AS%3DALNI_MbLRaLi2JHnKe3RjTQkjbJmNNUkEQ&gpic=UID%3D00000b9d5beb9396%3AT%3D1672899011%3ART%3D1672899011%3AS%3DALNI_MbnIFEyL9MGUI4qmFBL9orHMA44og&prev_fmts=0x0%2C737x198%2C244x600&nras=2&correlator=5835925142171&frm=20&pv=1&ga_vid=285645658.1672899012&ga_sid=1672899012&ga_hid=1934267667&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=674&ady=4727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071168%2C44774606%2C44779793%2C44780792&oid=2&pvsid=4131206543490449&tmod=1247376469&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=3RbULdnwzc&p=https%3A//dnepr.news&dtd=71

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a69a33ad2f79f25ab188eec341182afa6a57ffea8b674b852848f8f0132945aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dnepr.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 210
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:10:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CD5B 9 KB
9 KB 50ms
50ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400&lang=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 12:01:13 GMT
x-content-type-options: nosniff
age: 583739
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9628
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Dec 2023 12:01:13 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E139 436 B
230 B 230ms
221ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5856576556842586&output=html&h=600&adk=3747730733&adf=734411604&pi=t.aa~a.2683937889~rp.4&w=244&fwrn=4&fwrnh=100&lmt=1672899012&rafmt=1&to=qs&pwprc=2108587065&format=244x600&url=https%3A%2F%2Fdnepr.news%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899012745&bpp=2&bdt=1727&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7c14bbb9242472f7-22e830fdf8da00b3%3AT%3D1672899011%3ART%3D1672899011%3AS%3DALNI_MbLRaLi2JHnKe3RjTQkjbJmNNUkEQ&gpic=UID%3D00000b9d5beb9396%3AT%3D1672899011%3ART%3D1672899011%3AS%3DALNI_MbnIFEyL9MGUI4qmFBL9orHMA44og&prev_fmts=0x0%2C737x198%2C244x600%2C377x280&nras=3&correlator=5835925142171&frm=20&pv=1&ga_vid=285645658.1672899012&ga_sid=1672899012&ga_hid=1934267667&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=2517&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071168%2C44774606%2C44779793%2C44780792&oid=2&pvsid=4131206543490449&tmod=1247376469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=xJVf57UZ97&p=https%3A//dnepr.news&dtd=31

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8d55ed5c477efb9e3272e14232c7a9189031e82c1c75adadd0712b2e3bf7b9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dnepr.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 210
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:10:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EE6F 436 B
231 B 187ms
185ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5856576556842586&output=html&h=100&adk=1651983405&adf=2175003167&pi=t.aa~a.3238863489~rp.2&w=375&fwrn=4&fwrnh=100&lmt=1672899012&rafmt=1&to=qs&pwprc=2108587065&format=375x100&url=https%3A%2F%2Fdnepr.news%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899012745&bpp=3&bdt=1728&idt=-M&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7c14bbb9242472f7-22e830fdf8da00b3%3AT%3D1672899011%3ART%3D1672899011%3AS%3DALNI_MbLRaLi2JHnKe3RjTQkjbJmNNUkEQ&gpic=UID%3D00000b9d5beb9396%3AT%3D1672899011%3ART%3D1672899011%3AS%3DALNI_MbnIFEyL9MGUI4qmFBL9orHMA44og&prev_fmts=0x0%2C737x198%2C244x600%2C377x280%2C244x600&nras=4&correlator=5835925142171&frm=20&pv=1&ga_vid=285645658.1672899012&ga_sid=1672899012&ga_hid=1934267667&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=3246&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071168%2C44774606%2C44779793%2C44780792&oid=2&pvsid=4131206543490449&tmod=1247376469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=sEfpC1NULq&p=https%3A//dnepr.news&dtd=40

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9efb7d984d39d698ae90a807b5a69170e9814f15178bd624a135d39bbdc5d5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dnepr.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 211
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:10:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6E05 82 KB
24 KB 232ms
232ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5856576556842586&output=html&h=50&adk=2117658922&adf=3095314358&pi=t.aa~a.1737323695~rp.1&w=375&fwrn=4&fwrnh=100&lmt=1672899012&rafmt=1&to=qs&pwprc=2108587065&format=375x50&url=https%3A%2F%2Fdnepr.news%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899012745&bpp=2&bdt=1727&idt=2&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7c14bbb9242472f7-22e830fdf8da00b3%3AT%3D1672899011%3ART%3D1672899011%3AS%3DALNI_MbLRaLi2JHnKe3RjTQkjbJmNNUkEQ&gpic=UID%3D00000b9d5beb9396%3AT%3D1672899011%3ART%3D1672899011%3AS%3DALNI_MbnIFEyL9MGUI4qmFBL9orHMA44og&prev_fmts=0x0%2C737x198%2C244x600%2C377x280%2C244x600%2C375x100&nras=5&correlator=5835925142171&frm=20&pv=1&ga_vid=285645658.1672899012&ga_sid=1672899012&ga_hid=1934267667&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=296&ady=3925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071168%2C44774606%2C44779793%2C44780792&oid=2&pvsid=4131206543490449&tmod=1247376469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=78Mu2kvZzM&p=https%3A//dnepr.news&dtd=52

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63de6432bef2b9bde83485f644c4d154eca5129463fc0db6b60cc24db4610894

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dnepr.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 24878
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:10:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/108/ Frame 4355 52 KB
15 KB 118ms
36ms Script
text/javascript 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/108/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a174ce3d0e66cfea95ba4288c928291b37bd679f3044ac1a7f4dc3958036be11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:34:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2142
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15164
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 00:45:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 06 Jan 2023 05:34:30 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C999 0
0 70ms
70ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C50qrw2m2Y4-lMImbtwfPp4rYC6Tfx6Nupsqh2_IQh8u9_McBEAEg5tarG2C7BqABorG8nQHIAQGpAqm0qoTc7kk-qAMByAPLBKoExQFP0MSCXXwtNS6JwAHGi36rHsdbQ2Rphu4oIaRjB88DUFiUTWuQSFUCFq05o6aAzias4jWzM5A0mAD5UOqIjEjGbTXIWwZcQ0rFrD7OI5E0p-Q_6hfNOnWLZUFzffEFpLU3oH2agJUDDs14P95YCnJRXr6-Hy-mX4oIblEgv-RBKE10PSSPdDazwb44qKRFsoyPv-ucCQ58qDUS2hjYr3lqJKfQgRDOqEfxg-O2PrOCo4035Y95kA2AtJDXWD5qNBBHWtZFtsAEz5Gn5ZgEkgUECAQYAZIFBAgFGASgBgKAB8bOw-ICqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQz48B0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItNTg1NjU3NjU1Njg0MjU4NhgA&sigh=6JRagpRri20&uach_m=[UACH]&cid=CAQSGwDq26N9xs6SgwUL2KPQf8_ly2IevtvSbXDzrRgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5856576556842586&output=html&h=600&slotname=5421064950&adk=3449364599&adf=2973740273&pi=t.ma~as.5421064950&w=244&fwrn=4&fwrnh=100&lmt=1672899011&rafmt=1&format=244x600&url=https%3A%2F%2Fdnepr.news%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899011339&bpp=2&bdt=321&idt=411&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C737x198&nras=1&correlator=5835925142171&frm=20&pv=1&ga_vid=285645658.1672899012&ga_sid=1672899012&ga_hid=1934267667&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=312&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071168%2C44774606%2C44779793%2C44780792&oid=2&pvsid=4131206543490449&tmod=1247376469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=j6lSQqKWNO&p=https%3A//dnepr.news&dtd=415
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 05 Jan 2023 06:10:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 14356405756363550819
tpc.googlesyndication.com/daca_images/simgad/ Frame C999 27 KB
27 KB 191ms
190ms Image
image/jpeg 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/14356405756363550819?w=360&h=720

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03be95d9489507044f25fdd6d57f095b69728822a4749c5ffeeb4de4f79bc6e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:13 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27885
x-xss-protection: 0
last-modified: Sun, 01 Jan 2023 18:49:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 12 Jan 2023 06:10:13 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0FB9 143 B
166 B 25ms
22ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5856576556842586&output=html&h=198&slotname=5555673117&adk=4232816909&adf=4174843616&pi=t.ma~as.5555673117&w=737&lmt=1672899011&rafmt=11&format=737x198&url=https%3A%2F%2Fdnepr.news%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899011336&bpp=3&bdt=318&idt=336&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5835925142171&frm=20&pv=1&ga_vid=285645658.1672899012&ga_sid=1672899012&ga_hid=1934267667&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=293&ady=1317&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071168%2C44774606%2C44779793%2C44780792&oid=2&pvsid=4131206543490449&tmod=1247376469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=Mo%7C%7CpEebr%7Cp&abl=XS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=SlxWSJ1hJ0&p=https%3A//dnepr.news&dtd=342
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 165
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:07:27 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 40ms
39ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=dnepr.news

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/ Frame AD30 10 KB
4 KB 22ms
20ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dnepr.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 72491
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 10:02:02 GMT
etag: 10353107486223812946
expires: Wed, 18 Jan 2023 10:02:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/ Frame B643 10 KB
4 KB 42ms
19ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dnepr.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 72491
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 10:02:02 GMT
etag: 10353107486223812946
expires: Wed, 18 Jan 2023 10:02:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/ Frame 3E38 10 KB
4 KB 38ms
20ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dnepr.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 72491
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 10:02:02 GMT
etag: 10353107486223812946
expires: Wed, 18 Jan 2023 10:02:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame CD5B 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 100d6d01944aeac964ec98e0ce2573e99415760ed85157c46e32fef47140ef94

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame C999 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05122f5f747965aec80acdca6950d7a530ec1411d91d90b94d4a229683ac67a2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 6E05 8 KB
895 B 135ms
61ms Stylesheet
text/css 2a00:1450:400d:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5856576556842586&output=html&h=50&adk=2117658922&adf=3095314358&pi=t.aa~a.1737323695~rp.1&w=375&fwrn=4&fwrnh=100&lmt=1672899012&rafmt=1&to=qs&pwprc=2108587065&format=375x50&url=https%3A%2F%2Fdnepr.news%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899012745&bpp=2&bdt=1727&idt=2&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7c14bbb9242472f7-22e830fdf8da00b3%3AT%3D1672899011%3ART%3D1672899011%3AS%3DALNI_MbLRaLi2JHnKe3RjTQkjbJmNNUkEQ&gpic=UID%3D00000b9d5beb9396%3AT%3D1672899011%3ART%3D1672899011%3AS%3DALNI_MbnIFEyL9MGUI4qmFBL9orHMA44og&prev_fmts=0x0%2C737x198%2C244x600%2C377x280%2C244x600%2C375x100&nras=5&correlator=5835925142171&frm=20&pv=1&ga_vid=285645658.1672899012&ga_sid=1672899012&ga_hid=1934267667&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=296&ady=3925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071168%2C44774606%2C44779793%2C44780792&oid=2&pvsid=4131206543490449&tmod=1247376469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=78Mu2kvZzM&p=https%3A//dnepr.news&dtd=52

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Jan 2023 06:10:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 05:34:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Jan 2023 06:10:13 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 6E05 2 KB
765 B 35ms
35ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Jan 2023 08:26:06 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/ Frame 6E05 24 KB
9 KB 36ms
36ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a7556b722d45b51a9e8bc1262092f9c042e4759d7b3a97298fecc947639c35c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6083
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9534
x-xss-protection: 0
server: cafe
etag: 3719958914939444779
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:28:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 6E05 3 KB
1 KB 39ms
37ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6083
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:28:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 6E05 18 KB
7 KB 36ms
36ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Jan 2023 08:26:06 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6E05 0
0 146ms
55ms Image
text/html 2a00:1450:400d:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR-28JwEu7RtVtkteY4w3EaucY7wwPftEZkVazBRQm898wjnQMyGg4Ep62NNOJiGC-qHvdBT4p-ikPTgij8zFoco6rsKA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5856576556842586&output=html&h=50&adk=2117658922&adf=3095314358&pi=t.aa~a.1737323695~rp.1&w=375&fwrn=4&fwrnh=100&lmt=1672899012&rafmt=1&to=qs&pwprc=2108587065&format=375x50&url=https%3A%2F%2Fdnepr.news%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899012745&bpp=2&bdt=1727&idt=2&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7c14bbb9242472f7-22e830fdf8da00b3%3AT%3D1672899011%3ART%3D1672899011%3AS%3DALNI_MbLRaLi2JHnKe3RjTQkjbJmNNUkEQ&gpic=UID%3D00000b9d5beb9396%3AT%3D1672899011%3ART%3D1672899011%3AS%3DALNI_MbnIFEyL9MGUI4qmFBL9orHMA44og&prev_fmts=0x0%2C737x198%2C244x600%2C377x280%2C244x600%2C375x100&nras=5&correlator=5835925142171&frm=20&pv=1&ga_vid=285645658.1672899012&ga_sid=1672899012&ga_hid=1934267667&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=296&ady=3925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071168%2C44774606%2C44779793%2C44780792&oid=2&pvsid=4131206543490449&tmod=1247376469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=78Mu2kvZzM&p=https%3A//dnepr.news&dtd=52
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80c::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6E05 154 KB
47 KB 88ms
85ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48184
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672836157132942"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:10:13 GMT

GET
H3 200 148b897ed20242fb53e65c70a8c63c89.js Show response
www.gstatic.com/mysidia/ Frame 6E05 34 KB
14 KB 37ms
35ms Script
text/javascript 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/148b897ed20242fb53e65c70a8c63c89.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 01:18:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17492
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14307
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 19:06:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 05 Apr 2023 01:18:41 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame AD30 4 KB
636 B 100ms
59ms Stylesheet
text/css 2a00:1450:400d:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Jan 2023 06:10:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 05:44:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Jan 2023 06:10:13 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame AD30 205 B
229 B 35ms
34ms Image
image/png 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:09:19 GMT
x-content-type-options: nosniff
age: 3654
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 05 Jan 2024 05:09:19 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame AD30 604 B
628 B 35ms
35ms Image
image/png 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 02:37:45 GMT
x-content-type-options: nosniff
age: 12748
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 05 Jan 2024 02:37:45 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/elements/html/ Frame AD30 19 KB
8 KB 37ms
37ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51972b5bc3e0a6286b3b4f20004da5c1900cd569fb6432d8ac1033311b7d4ea7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8195
x-xss-protection: 0
server: cafe
etag: 298254208257092395
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Jan 2023 08:26:06 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6E05 0
0 65ms
64ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cu34axGm2Y7HqMpGrtwfzlIuQAofkzaNu54fMk9wQzNr2mP4OEAEg5tarG2C7BqABorG8nQHIAQGpAqm0qoTc7kk-qAMBqgTEAU_QlYFuJdz6Mjlx5YOKr1fpTDPUR_xsL7j9IlisOZq0SWn2WrUr9GAYF71WMz9VhUaHRkyEqY88D4facA7iTpCq3ixGVdHD1aOjX4w2lOWCUlnsSmS_8tvgtRBjULyjXjdR0QO6KVsSXHjstvzi2slFq6l_fuJCO0kuVC6kvXU78ysuUFFHwsQ0Nv4EMwJMtaxogS8BEBd93WiXxFGznZYtIxaUYIbfRplTcmvTbP-cQKOR_wWEO9PAlsbYTDNLWsXdmkjABLWCm56UBJIFBAgEGAGSBQQIBRgEgAfGzsPiAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcDEKg40ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwyIFALQFQGAFwGyFxwKGggAEhRwdWItNTg1NjU3NjU1Njg0MjU4NhgA&sigh=t8j7AB8mLT0&uach_m=[UACH]&cid=CAQSOwDq26N9gPfjIDh4e2mJI2DAkofLF4d3SJN6VyGeTWDlHlPI5j7nOOumys19rvW3N1bYv_BLOTj0_jChGAEgEw&template_id=5001

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5856576556842586&output=html&h=50&adk=2117658922&adf=3095314358&pi=t.aa~a.1737323695~rp.1&w=375&fwrn=4&fwrnh=100&lmt=1672899012&rafmt=1&to=qs&pwprc=2108587065&format=375x50&url=https%3A%2F%2Fdnepr.news%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899012745&bpp=2&bdt=1727&idt=2&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7c14bbb9242472f7-22e830fdf8da00b3%3AT%3D1672899011%3ART%3D1672899011%3AS%3DALNI_MbLRaLi2JHnKe3RjTQkjbJmNNUkEQ&gpic=UID%3D00000b9d5beb9396%3AT%3D1672899011%3ART%3D1672899011%3AS%3DALNI_MbnIFEyL9MGUI4qmFBL9orHMA44og&prev_fmts=0x0%2C737x198%2C244x600%2C377x280%2C244x600%2C375x100&nras=5&correlator=5835925142171&frm=20&pv=1&ga_vid=285645658.1672899012&ga_sid=1672899012&ga_hid=1934267667&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=296&ady=3925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071168%2C44774606%2C44779793%2C44780792&oid=2&pvsid=4131206543490449&tmod=1247376469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=78Mu2kvZzM&p=https%3A//dnepr.news&dtd=52
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 05 Jan 2023 06:10:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame B643 2 KB
765 B 35ms
35ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Jan 2023 08:26:06 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/ Frame B643 24 KB
9 KB 35ms
35ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a7556b722d45b51a9e8bc1262092f9c042e4759d7b3a97298fecc947639c35c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6083
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9534
x-xss-protection: 0
server: cafe
etag: 3719958914939444779
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:28:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame B643 3 KB
1 KB 63ms
63ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6083
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:28:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame B643 18 KB
7 KB 42ms
41ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Jan 2023 08:26:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B643 154 KB
47 KB 85ms
85ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48184
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672836157132942"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:10:13 GMT

GET
H3 200 148b897ed20242fb53e65c70a8c63c89.js Show response
www.gstatic.com/mysidia/ Frame B643 34 KB
14 KB 34ms
34ms Script
text/javascript 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/148b897ed20242fb53e65c70a8c63c89.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 01:18:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17492
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14307
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 19:06:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 05 Apr 2023 01:18:41 GMT

GET
H3 200 69c1ef8cd6705b780c90575bfa06206f.js Show response
www.gstatic.com/mysidia/ Frame 3E38 9 KB
4 KB 40ms
35ms Script
text/javascript 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/69c1ef8cd6705b780c90575bfa06206f.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e00330427c51aa6054ec3c96952fedc0afb22033164411791fbbe67c2ecf5838

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 20:50:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 465565
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4241
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 19:06:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 30 Mar 2023 20:50:48 GMT

GET
H3 200 5068746d5b69c1ca0f802cf7a5a1468f.js Show response
www.gstatic.com/mysidia/ Frame 3E38 10 KB
4 KB 51ms
46ms Script
text/javascript 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5068746d5b69c1ca0f802cf7a5a1468f.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eaea51174ff3e7fd1f3491dac0f8d87002bf1acfb3e6ff7b7c6d67632118b84b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 00:30:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106761
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4491
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 19:06:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 04 Apr 2023 00:30:52 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3E38 8 KB
895 B 65ms
62ms Stylesheet
text/css 2a00:1450:400d:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Jan 2023 06:10:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 06:07:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Jan 2023 06:10:13 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 3E38 2 KB
765 B 58ms
55ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Jan 2023 08:26:06 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/ Frame 3E38 24 KB
9 KB 47ms
44ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a7556b722d45b51a9e8bc1262092f9c042e4759d7b3a97298fecc947639c35c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6083
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9534
x-xss-protection: 0
server: cafe
etag: 3719958914939444779
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:28:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 3E38 3 KB
1 KB 59ms
56ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6083
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:28:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 3E38 18 KB
7 KB 55ms
52ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Jan 2023 08:26:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3E38 154 KB
47 KB 90ms
86ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48184
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672836157132942"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:10:13 GMT

GET
H3 200 148b897ed20242fb53e65c70a8c63c89.js Show response
www.gstatic.com/mysidia/ Frame 3E38 34 KB
14 KB 51ms
48ms Script
text/javascript 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/148b897ed20242fb53e65c70a8c63c89.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 01:18:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17492
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14307
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 19:06:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 05 Apr 2023 01:18:41 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/7510152428876016890/ Frame 6E05 7 KB
7 KB 39ms
39ms Image
image/png 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7510152428876016890/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b34a3f23576608170ed883a2e0d79fe93efb59d49b782cf74b81e939623bd2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:31:01 GMT
x-content-type-options: nosniff
age: 49152
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6752
x-xss-protection: 0
last-modified: Wed, 14 Dec 2022 08:31:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 04 Jan 2024 16:31:01 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0FB9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

34ms
33ms

Document
text/html

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:10:13 GMT
expires: Thu, 05 Jan 2023 06:10:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:10:13 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js Show response
pagead2.googlesyndication.com/bg/ Frame 3E7C 36 KB
16 KB 31ms
21ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b14e828cf0e3d31af68db645e32ec8c04a113529f475d9d04bc9d1bafc67c626

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 03:41:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95352
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16096
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 03:41:01 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 46B8 143 B
166 B 25ms
19ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5856576556842586&output=html&h=50&adk=2117658922&adf=3095314358&pi=t.aa~a.1737323695~rp.1&w=375&fwrn=4&fwrnh=100&lmt=1672899012&rafmt=1&to=qs&pwprc=2108587065&format=375x50&url=https%3A%2F%2Fdnepr.news%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672899012745&bpp=2&bdt=1727&idt=2&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7c14bbb9242472f7-22e830fdf8da00b3%3AT%3D1672899011%3ART%3D1672899011%3AS%3DALNI_MbLRaLi2JHnKe3RjTQkjbJmNNUkEQ&gpic=UID%3D00000b9d5beb9396%3AT%3D1672899011%3ART%3D1672899011%3AS%3DALNI_MbnIFEyL9MGUI4qmFBL9orHMA44og&prev_fmts=0x0%2C737x198%2C244x600%2C377x280%2C244x600%2C375x100&nras=5&correlator=5835925142171&frm=20&pv=1&ga_vid=285645658.1672899012&ga_sid=1672899012&ga_hid=1934267667&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=296&ady=3925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071168%2C44774606%2C44779793%2C44780792&oid=2&pvsid=4131206543490449&tmod=1247376469&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=78Mu2kvZzM&p=https%3A//dnepr.news&dtd=52
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 166
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:07:27 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E217 1 KB
643 B 21ms
19ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 54383
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 15:03:50 GMT
etag: 48472445140208031
expires: Thu, 05 Jan 2023 15:03:50 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js Show response
pagead2.googlesyndication.com/bg/ Frame B5F2 36 KB
16 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b14e828cf0e3d31af68db645e32ec8c04a113529f475d9d04bc9d1bafc67c626

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 03:41:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95352
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16096
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 03:41:01 GMT

GET
DATA 200
OK truncated
/ Frame 6E05 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd316e6e58221f660277ee6dd6175d935674a722e982a1668c3d5de14b759317

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 523C 143 B
166 B 19ms
19ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 166
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:07:27 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 3FF7 8 KB
895 B 58ms
57ms Stylesheet
text/css 2a00:1450:400d:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Jan 2023 06:10:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 04:14:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Jan 2023 06:10:13 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 3FF7 2 KB
765 B 35ms
35ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Jan 2023 08:26:06 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/ Frame 3FF7 24 KB
9 KB 35ms
34ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a7556b722d45b51a9e8bc1262092f9c042e4759d7b3a97298fecc947639c35c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6083
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9534
x-xss-protection: 0
server: cafe
etag: 3719958914939444779
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:28:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 3FF7 3 KB
1 KB 36ms
35ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6083
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:28:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 3FF7 18 KB
7 KB 38ms
37ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Jan 2023 08:26:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3FF7 154 KB
47 KB 71ms
71ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48184
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672836157132942"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:10:13 GMT

GET
H3 200 148b897ed20242fb53e65c70a8c63c89.js Show response
www.gstatic.com/mysidia/ Frame 3FF7 34 KB
14 KB 37ms
36ms Script
text/javascript 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/148b897ed20242fb53e65c70a8c63c89.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 01:18:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17492
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14307
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 19:06:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 05 Apr 2023 01:18:41 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 6E05 28 KB
28 KB 20ms
19ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 21:35:41 GMT
x-content-type-options: nosniff
age: 549272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Dec 2023 21:35:41 GMT

GET
H3 200 9413129798462399971
tpc.googlesyndication.com/daca_images/simgad/ Frame B643 10 KB
10 KB 175ms
174ms Image
image/jpeg 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/9413129798462399971?w=180&h=360

Requested by

Host: dnepr.news
URL: https://dnepr.news/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce49c16ea90c1cde34a680b9f6ff89055bda0084a9c283621bf8699c51aa40c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:13 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10001
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 21:15:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 12 Jan 2023 06:10:13 GMT

GET
DATA 200
OK truncated
/ Frame B643 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25bba7f12fc15e48d9d474e466a8cb36fc8bd76e77f19b84c1410bed19f4483a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame E217 35 B
463 B 76ms
21ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKxJ0xs-XzRRJohA5KQ9u3g&google_cver=1&google_push=AavPq0MXrcykCYNvN0LmQ08Vqtnfmvgg3DO6vUdmSFWAZMOvpjieZPC4Pouh7pMEa646qBrANceLdHPRYuDBQQPkiBw2roFWXedKHQ

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:13 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E217
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJvyllcGw4mU-zgwH7dNJpk&google_cver=1&google_push=AavPq0PRmmU1YdwjqOLGKdHCseDlD0NzEf1TtYmRD8pG7pYyWjVwMosG0mFWeDtaQ3Unc31r71Ghgd9VSj5BYm1H...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0PRmmU1YdwjqOLGKdHCseDlD0NzEf1TtYmRD8pG7pYyWjVwMosG0mFWeDtaQ3Unc31r71Ghgd9VSj5BYm1H-aPDJ-PFbVfWo_A

170 B
329 B

83ms
59ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0PRmmU1YdwjqOLGKdHCseDlD0NzEf1TtYmRD8pG7pYyWjVwMosG0mFWeDtaQ3Unc31r71Ghgd9VSj5BYm1H-aPDJ-PFbVfWo_A

Requested by

Host: dnepr.news
URL: https://dnepr.news/

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 05 Jan 2023 06:10:13 GMT
Server: MT3 277 3f0ad7a master zrh-pixel-x30 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0PRmmU1YdwjqOLGKdHCseDlD0NzEf1TtYmRD8pG7pYyWjVwMosG0mFWeDtaQ3Unc31r71Ghgd9VSj5BYm1H-aPDJ-PFbVfWo_A
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 05 Jan 2023 06:10:12 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E217
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEM3-d5N-40dPOJ3ymZ0u4G8&google_cver=1&google_push=AavPq0Pb0_AaL4fhL139WKaffo-GIEbThDk797pm3oMaW_NbVjXuySip-nUX20q8Y4CvTWs82dOR5zK2MFw...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0Pb0_AaL4fhL139WKaffo-GIEbThDk797pm3oMaW_NbVjXuySip-nUX20q8Y4CvTWs82dOR5zK2MFwTM-B6Xzevrjc-JvrP2g&google_hm=ssAUw0LFSg2Tj1V8o5...

170 B
232 B

99ms
61ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0Pb0_AaL4fhL139WKaffo-GIEbThDk797pm3oMaW_NbVjXuySip-nUX20q8Y4CvTWs82dOR5zK2MFwTM-B6Xzevrjc-JvrP2g&google_hm=ssAUw0LFSg2Tj1V8o5NNyjA

Requested by

Host: dnepr.news
URL: https://dnepr.news/

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:13 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0Pb0_AaL4fhL139WKaffo-GIEbThDk797pm3oMaW_NbVjXuySip-nUX20q8Y4CvTWs82dOR5zK2MFwTM-B6Xzevrjc-JvrP2g&google_hm=ssAUw0LFSg2Tj1V8o5NNyjA
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E217
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEIB5kf99G6VKOCihyKCJ4ko&google_cver=1&google_push=AavPq0OAq-Dwn58T5bYCZmBSwk5p9d2kI4FTU1iNzH4rIcQPfUB8NWhsxfHNO-bR1w5sVmWQZDeYsUfGSb8kmLxju9QKSbyhOXP0lQc
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AavPq0OAq-Dwn58T5bYCZmBSwk5p9d2kI4FTU1iNzH4rIcQPfUB8NWhsxfHNO-bR1w5sVmWQZDeYsUfGSb8kmLxju9QKSbyhOXP0lQc&google_hm=Q0FFU0VJQjVrZjk5Rz...

170 B
188 B

58ms
58ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AavPq0OAq-Dwn58T5bYCZmBSwk5p9d2kI4FTU1iNzH4rIcQPfUB8NWhsxfHNO-bR1w5sVmWQZDeYsUfGSb8kmLxju9QKSbyhOXP0lQc&google_hm=Q0FFU0VJQjVrZjk5RzZWS09DaWh5S0NKNGtv

Requested by

Host: dnepr.news
URL: https://dnepr.news/

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:13 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AavPq0OAq-Dwn58T5bYCZmBSwk5p9d2kI4FTU1iNzH4rIcQPfUB8NWhsxfHNO-bR1w5sVmWQZDeYsUfGSb8kmLxju9QKSbyhOXP0lQc&google_hm=Q0FFU0VJQjVrZjk5RzZWS09DaWh5S0NKNGtv
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E217
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFPGe2cY9Qc84KA2mR5Hcds&google_cver=1&google_push=AavPq0Om9GhQAF7O4YZuKkGTuATgOncIejRMkY4i5Oi487SfGCDDk6P-DAwI-meDI4tCI8PEeqLDmHhDyHTU9MWeX2UG...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEFPGe2cY9Qc84KA2mR5Hcds&google_cver=1&google_push=AavPq0Om9GhQAF7O4YZuKkGTuATgOncIejRMkY4i5Oi487SfGCDDk6P-DAwI-meDI4tCI8PEeqLDmHhDyHTU9M...
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=f043b651-914e-438d-be5e-4db804208b75
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=f043b651-914e-438d-be5e-4db804208b75
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=87b31578-6415-45da-9514-0f1a21b30f31&user_group=1&ssp=google&bsw_param=f043b651-914e-438d-be5e-4db804208b75
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0Om9GhQAF7O4YZuKkGTuATgOncIejRMkY4i5Oi487SfGCDDk6P-DAwI-meDI4tCI8PEeqLDmHhDyHTU9MWeX2UGOe6cWhmBbHU&google_hm=8EO2UZFOQ42-Xk24BCCL...

170 B
188 B

58ms
58ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0Om9GhQAF7O4YZuKkGTuATgOncIejRMkY4i5Oi487SfGCDDk6P-DAwI-meDI4tCI8PEeqLDmHhDyHTU9MWeX2UGOe6cWhmBbHU&google_hm=8EO2UZFOQ42-Xk24BCCLdQ==

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0Om9GhQAF7O4YZuKkGTuATgOncIejRMkY4i5Oi487SfGCDDk6P-DAwI-meDI4tCI8PEeqLDmHhDyHTU9MWeX2UGOe6cWhmBbHU&google_hm=8EO2UZFOQ42-Xk24BCCLdQ==
date: Thu, 05 Jan 2023 06:10:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E217
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOcbDfe4flQtAgomWukoel8&google_cver=1&google_push=AavPq0MNAbdMQojSjigxuXHFjBx3R66GiNHZZYst4iptanXDhyEmcvS5nRLftxRKyN1XzUkhZtF1Wo57...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOcbDfe4flQtAgomWukoel8&google_cver=1&google_push=AavPq0MNAbdMQojSjigxuXHFjBx3R66GiNHZZYst4iptanXDhyEmcvS5nRLftxRKyN1XzUkhZtF...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODk4MTIxOTkxMzk3MzQxMDczMQ&google_push=AavPq0MNAbdMQojSjigxuXHFjBx3R66GiNHZZYst4iptanXDhyEmcvS5nRLftxRKyN1XzUkhZtF1Wo...

170 B
188 B

130ms
59ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODk4MTIxOTkxMzk3MzQxMDczMQ&google_push=AavPq0MNAbdMQojSjigxuXHFjBx3R66GiNHZZYst4iptanXDhyEmcvS5nRLftxRKyN1XzUkhZtF1Wo57VD8KN_zXb7xdWOFRvPInKQk

Requested by

Host: dnepr.news
URL: https://dnepr.news/

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODk4MTIxOTkxMzk3MzQxMDczMQ&google_push=AavPq0MNAbdMQojSjigxuXHFjBx3R66GiNHZZYst4iptanXDhyEmcvS5nRLftxRKyN1XzUkhZtF1Wo57VD8KN_zXb7xdWOFRvPInKQk
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E217
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEKjiXoLCnuprjnRBlvHfQAA&google_cver=1&google_push=AavPq0OzLxxVD1wFYFuEV7rrwom1bF9WSl5l1kBvlZJY_ASGX1PG9_VYaZdEO0wYSnFP6FvVLaJSc0iYvjOm6gdH...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0OzLxxVD1wFYFuEV7rrwom1bF9WSl5l1kBvlZJY_ASGX1PG9_VYaZdEO0wYSnFP6FvVLaJSc0iYvjOm6gdHULVZTplBm96kivs

170 B
232 B

60ms
60ms

Image
image/png

142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0OzLxxVD1wFYFuEV7rrwom1bF9WSl5l1kBvlZJY_ASGX1PG9_VYaZdEO0wYSnFP6FvVLaJSc0iYvjOm6gdHULVZTplBm96kivs

Requested by

Host: dnepr.news
URL: https://dnepr.news/

Protocol

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 05 Jan 2023 06:10:13 GMT
via: 1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: VIE50-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0OzLxxVD1wFYFuEV7rrwom1bF9WSl5l1kBvlZJY_ASGX1PG9_VYaZdEO0wYSnFP6FvVLaJSc0iYvjOm6gdHULVZTplBm96kivs
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: 3fIp7BiOGHRA9KxLg61SnVIXEstWVmAuMYhUBglRbUoUMtup8JjpBA==

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame E217 0
223 B 185ms
56ms Image
text/html 142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JQZdipZQRMKs-RXkPMBOqgC9_jQCILiEQZlI92w0dqLo915RBAEeXPlrCG0tfbCRA3Uh-r

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:13 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 3E38 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ce1b4a305bb4b47f8bb8f2fbd5cb98360cb9ae7731aacbca2f66bb7f044dac1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B643 0
17 B 62ms
61ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CFokww2m2Y5GVLeqR7_UP5LWL6AqJ-Iinbpm7mIn3EK6TxMuNDhABIObWqxtguwagAee61ZQpyAEBqQIGYaAIlMqxPqgDAcgDywSqBL0BT9AX4PXu6P2XKfmRXNZpzdIAMYzOvKYRCOoWg6PQEwED9rdE6t6383O2FqjIF_rKgp8BY4HgwiaJw4MbG131e6eHI7ZTfzHiI_TqVX8-q9GTsV0SYizPsQaqXuys-nxCRpcy1IBAIwUsbbxYRt-Ci4m47fqmeo9INX__kje6KCkfltCiyeHawktrUwr_LGSE3rHxjyUuBw3w7HXlsoLgXl6Kx-hG_z31Hw2ruwIjudqcApjMjB61h79vbRo1wASH8aOvnASSBQQIBBgBkgUECAUYBKAGAoAH5_Kl9AOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHAxDLLtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTU4NTY1NzY1NTY4NDI1ODYYAA&sigh=OZZxfwrpSFc&uach_m=[UACH]&cid=CAQSGwDq26N9hDVWlrUOu4Kfn4j9GD0JOTjmFSbMyhgBIBM&vis=1

Requested by

Host: dnepr.news
URL: https://dnepr.news/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 05 Jan 2023 06:10:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js Show response
pagead2.googlesyndication.com/bg/ Frame AD6D 36 KB
16 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js

Requested by

Host: dnepr.news
URL: https://dnepr.news/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b14e828cf0e3d31af68db645e32ec8c04a113529f475d9d04bc9d1bafc67c626

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 03:41:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95352
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16096
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 03:41:01 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 46B8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

32ms
32ms

Document
text/html

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:10:13 GMT
expires: Thu, 05 Jan 2023 06:10:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:10:13 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 523C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

30ms
30ms

Document
text/html

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:10:13 GMT
expires: Thu, 05 Jan 2023 06:10:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:10:13 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js Show response
pagead2.googlesyndication.com/bg/ Frame 0AA2 36 KB
16 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b14e828cf0e3d31af68db645e32ec8c04a113529f475d9d04bc9d1bafc67c626

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 03:41:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95352
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16096
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 03:41:01 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3E38 0
17 B 64ms
63ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C3LbWw2m2Y5KVLeqR7_UP5LWL6ArM9_6tbLrVtfb_D8CNtwEQASDm1qsbYLsGoAHAw-jDA8gBAagDAcgDwwSqBL0BT9A-j2sXsYnrwPkqas3G7g6gescyGCm6iZ5L8Pd7B5lVeFDlHENVqrHJEkgn1iMiI81LvwXbfSYxBwT1aBav4O9CJNlDJGghuGPt2iG9RC-2nhREB8hOicUOLEE2cU5rWTS5_azfRSVG6jppyuv2LT5XycTwllxrj_oWljjXXCCHTj-blaybkTgOjz_nifvfZacJ5cp4ln1tEfO4oNfrT54EaKO0uQEJ99qwGzX0ovHjd4io3ZNUBNVwW8W6wASnlqbt8gOSBQQIBBgBkgUECAUYBKAGZoAHqLyXPKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcDEIVP0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNTg1NjU3NjU1Njg0MjU4NhgA&sigh=GmUU0QdipWo&uach_m=[UACH]&cid=CAQSGwDq26N9hDVWlrUOu4Kfn4j9GD0JOTjmFSbMyhgBIBM&vis=1

Requested by

Host: dnepr.news
URL: https://dnepr.news/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 05 Jan 2023 06:10:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3F0A 143 B
166 B 20ms
19ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 166
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:07:27 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3F0A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

34ms
33ms

Document
text/html

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:10:14 GMT
expires: Thu, 05 Jan 2023 06:10:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:10:14 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js Show response
pagead2.googlesyndication.com/bg/ Frame 5AB2 36 KB
16 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js

Requested by

Host: dnepr.news
URL: https://dnepr.news/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b14e828cf0e3d31af68db645e32ec8c04a113529f475d9d04bc9d1bafc67c626

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 03:41:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95352
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16096
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 03:41:01 GMT

GET
H3

200

/
www.facebook.com/login/ Frame E886
Redirect Chain

https://www.facebook.com/v2.5/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df33cdb6ee532d54%26d...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconn...

0
0

196ms
172ms

Document
text/html

2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df33cdb6ee532d54%2526domain%253Ddnepr.news%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fdnepr.news%25252Ff3eaaed0784ee1%2526relation%253Dparent.parent%26container_width%3D239%26height%3D300%26hide_cover%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fdnipronews%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D240

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=287640a5c303fe046621c8b73d75a4cf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://dnepr.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 05 Jan 2023 06:10:14 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: zE0OloyvUuqvUKpz9fW6snfrINcy7F4Lz9MLZrw3r1+PzdJM8hs3pE6mrJ+e77Synli6YVkKcTKymmuZpNh6Pw==
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Thu, 05 Jan 2023 06:10:14 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v9.0
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df33cdb6ee532d54%2526domain%253Ddnepr.news%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fdnepr.news%25252Ff3eaaed0784ee1%2526relation%253Dparent.parent%26container_width%3D239%26height%3D300%26hide_cover%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fdnipronews%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D240
pragma: no-cache
priority: u=3,i
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: G7CY1rcHgUnJTmNDaINQvP4mA3zENUC9vjSwF7jI68FVok++MxKT8J4o9r4EIS2rWXA4aU7kzuzBt9KDk+/AsA==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 115ms
74ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230103&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

34caf7ffd90ce2a8b3fefb8cc7bf99fb6cd458dafd32b1280a3ef2ab50e84058

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11187
x-xss-protection: 0

GET
H2 200 lato.woff2
cdn.gravitec.net/fonts/ 14 KB
14 KB 16ms
16ms Font
application/octet-stream 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/fonts/lato.woff2
Requested by: Host: dnepr.news
URL: https://dnepr.news/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Request headers

Referer: https://dnepr.news/
Origin: https://dnepr.news
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Wed, 02 Feb 2022 09:06:32 GMT
date: Thu, 05 Jan 2023 06:10:14 GMT
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: "61fa486f-36dc"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=10
accept-ranges: bytes
content-length: 14044
x-proxy-cache: HIT

GET
H2 200 sourcesanspro.woff2
cdn.gravitec.net/fonts/ 8 KB
8 KB 15ms
14ms Font
application/octet-stream 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/fonts/sourcesanspro.woff2
Requested by: Host: dnepr.news
URL: https://dnepr.news/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 2bc69c1c1c4bf49e80a77f83010c01e575fd6922229943b9feb8864a492ac441

Request headers

Referer: https://dnepr.news/
Origin: https://dnepr.news
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Wed, 02 Feb 2022 09:06:31 GMT
date: Thu, 05 Jan 2023 06:10:14 GMT
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: "61fa486f-1e44"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=10
accept-ranges: bytes
content-length: 7748
x-proxy-cache: HIT

GET
H3 200 70-47-policia1_03-01-23.webp
dnepr.news/images/cache/imagesthumbNewsfeed/ 2 KB
2 KB 52ms
51ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dnepr.news/images/cache/imagesthumbNewsfeed/70-47-policia1_03-01-23.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49a907f4218a5c3998ec3e3685ff09561c265aa0893a0026c6f992706b142fb4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:14 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 03 Jan 2023 08:56:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2e1975-6d9-5f1583fa78bee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zDnb5DWcQapH7Mc21uz%2Bwq0bSwlaosHcqkgbEnjRTckA%2FICIMizK4raYhDrkUGH9XxLO0B140MNhcj6ewtQf45LccwCxi1r17ZW5utdyvTcFlQeyrfNRyxyMg6UY5M8oTUWYDbD08IiX"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 784a0cb65edd6910-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1753
expires: Thu, 05 Jan 2023 18:10:14 GMT

GET
H3 200 70-47-antares_bony.webp
dnepr.news/images/cache/imagesthumbNewsfeed/ 2 KB
2 KB 50ms
49ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dnepr.news/images/cache/imagesthumbNewsfeed/70-47-antares_bony.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16dafd682552b26ce63895206bdc32aa7f1ff03d4cbceb332e8e3fcf08a6c10d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:14 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 30 Dec 2022 14:52:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2e1953-68d-5f10cbecf49e1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gNkcbPvfR0ob496MtvQj9MkZNMZslN%2BPS2AuX7pIXsYEUUrg4lC%2F7N%2BHAhsrw9wQ%2BTEmaY3rAmSIxWiS4043xIPn7IZLaeA%2FjPsHeGE6jOauSV6MuTAD0Ig06RKDdwEBbQsQ0yJNblnm"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 784a0cb65ede6910-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1677
expires: Thu, 05 Jan 2023 18:10:14 GMT

GET
H3 200 70-47-valuta-kurs.webp
dnepr.news/images/cache/imagesthumbNewsfeed/ 2 KB
2 KB 26ms
25ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dnepr.news/images/cache/imagesthumbNewsfeed/70-47-valuta-kurs.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07c3ac3d8bcd7d0f429f60e21ff5c1245916ebdba6f3dbcf678b25a23b44e1dc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:14 GMT
cf-cache-status: HIT
last-modified: Wed, 15 Apr 2020 17:37:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6616
etag: "1d37e9-67d-5a357c43805b6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9xOKE0ddpYS6ncgj3dD4AlkqzSTp5tDe9YIUFf3jptYAQoBKZajCjkJDN8EHWTQlT%2BBe38iZzXL9WYljh3pwcK6ciqseda2W29kQlMkslsdu9zHtH3oLXY3jMwSB3s0phkJS1umSMagI"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 784a0cb65edf6910-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1661
expires: Thu, 05 Jan 2023 16:19:58 GMT

GET
H2 200 751119241.jpeg
cdn.gravitec.net/images/users/1643025773401997312/ 6 KB
6 KB 14ms
14ms Image
image/jpeg 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gravitec.net/images/users/1643025773401997312/751119241.jpeg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 85c268b27cb3720341807d95bd69c7833c45dc948ac18d0d465749cc9c2d1753

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
date: Thu, 05 Jan 2023 06:10:14 GMT
last-modified: Tue, 27 Aug 2019 13:19:03 GMT
server: nginx
etag: "5d652dc7-1790"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 6032
x-proxy-cache: HIT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 644ms
644ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:10:14 GMT

GET
H3 200 70-47-obstrel1_27_09_22.webp
dnepr.news/images/cache/imagesthumbNewsfeed/ 2 KB
2 KB 25ms
25ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dnepr.news/images/cache/imagesthumbNewsfeed/70-47-obstrel1_27_09_22.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae73f95abbdc339df6a5b655720b57e1972b645c6f51c956c2c42b74880a8826

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:14 GMT
cf-cache-status: HIT
last-modified: Tue, 27 Sep 2022 06:20:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6615
etag: "2810ff-6b8-5e9a2a27853e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BKtHgDkt4KNCQdiCby9jAW0fdaNjJjc%2FD0oXEUiz%2B1cz6teG6AA7TfVlb8YYeNM8jhVFUrBKPwO2jIpRlTcv%2Bfu6ng4WUb77oyJkDPt8reF1cphMdmCVLtA0sDL2sVr2MjeNpltpyyXO"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 784a0cb72fd66910-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1720
expires: Thu, 05 Jan 2023 16:19:59 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C999 42 B
64 B 60ms
59ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstYrCxqwJmbZUllnGJcdyZ27BtplvTI3a7_fw0pNaOX89J24jYr7NVH1yaTldOsRoy9d4KH2wCtbJAXAgVS_I-xTh1Ks09DzB58Rv7W0tBeqnfBd6lsZEpA_9bsPUO7LVpfGcsjGw&sai=AMfl-YSlJRATBpIWJo125r-slfpDk1Sr68dc70EmYENfUEQKo8GUnJp58alb-X_-cCfv-crB6tHmBE5S5ye3768&sig=Cg0ArKJSzA3sNxgJdXDgEAE&cid=CAQSGwDq26N9xs6SgwUL2KPQf8_ly2IevtvSbXDzrRgBIBM&id=lidar2&mcvt=1000&p=0,0,600,244&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230104&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3449364599&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1672899011756&rpt=1565&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B643 42 B
64 B 58ms
58ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssWGcA3hRPsYcJrKCGmSw9I6c1oOpaCfG7B_-MTecvFKSc6z9py6ejWJ8clovAeFD6B5Do3K-1RHeS88fr3SOX5fHEohYCXcL9mHuvj5MtXMyeZ7Nc67h7R0Ao56SfJnFPd8tP1lA&sai=AMfl-YSD7DMjZwijzT0RXmp-OL4MVDRyi6jKg18zxJajWDDehNdt8hd7V7fXeFPqUMbdZTBOV81DGoaT8e-N6_w&sig=Cg0ArKJSzFXX2VlNEsKzEAE&cid=CAQSGwDq26N9hDVWlrUOu4Kfn4j9GD0JOTjmFSbMyhgBIBM&id=lidar2&mcvt=1000&p=-70,0,430,180&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20230104&bin=7&avms=nio&bs=0,0&mc=0.72&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1672899013003&rpt=616&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3E38 42 B
64 B 58ms
57ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsviGUh0IogYfgR7uEEL9gTwvHooPof9X2A-73tMMouB2865XSgGqQ-4F0FvvW9XX4YmjHYGMts6ucvX3Br0-X2DPCUIrGeq3g1py02LuBxZBdud1mvdf9PUAhfw7gyK9bPN1vPzAg&sai=AMfl-YTU7qGEZeVST_8ep8-XGOIUX5SFc3WQgFoD6cSgtRfLoWROM576-vCmNWmvMYPThwHHbZt64l8iY82me9o&sig=Cg0ArKJSzK0mJ7eLwUkhEAE&cid=CAQSGwDq26N9hDVWlrUOu4Kfn4j9GD0JOTjmFSbMyhgBIBM&id=lidar2&mcvt=1000&p=0,0,500,180&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230104&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1672899013008&rpt=693&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2D52 13 KB
5 KB 37ms
35ms Document
text/html 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dnepr.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 31268
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 21:29:06 GMT
expires: Thu, 04 Jan 2024 21:29:06 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0C40 783 B
534 B 59ms
58ms Document
text/html 2a00:1450:400d:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

edd8aa2b25be78be58b94493c7086bb0eafcb2b46da5ba4c947bd7092d0b95b4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HeJz5JuHcbFl21BCa1Or1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dnepr.news/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-HeJz5JuHcbFl21BCa1Or1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:10:14 GMT
expires: Thu, 05 Jan 2023 06:10:14 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js Show response
pagead2.googlesyndication.com/bg/ Frame 2D52 36 KB
16 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b14e828cf0e3d31af68db645e32ec8c04a113529f475d9d04bc9d1bafc67c626

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 03:41:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95353
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16096
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 03:41:01 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0C40 0
0 54ms
53ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230103&jk=4131206543490449&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2D52 0
11 B 41ms
40ms Image
text/plain 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Q-7PXA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:15 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 4355 28 B
54 B 66ms
66ms XHR
application/json 2a00:1450:400d:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
X-Goog-Request-Time: 1672899015295
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/ZcWpu_QpZdo
X-YouTube-Client-Version: 1.20230102.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgt5SER6UldsZ01vdyjD09mdBg%3D%3D
X-YouTube-Ad-Signals: dt=1672899011566&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C375%2C241&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 05 Jan 2023 06:10:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 05 Jan 2023 06:10:15 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 57ms
56ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230103&jk=4131206543490449&bg=!lJell9PNAAYDMoyoIzI7ACkAdvg8WvrMHFVGxLa8V9D1EePJhtqsEkaQLPmPTG47Y6Iu1rIA2GxrRwIAAACcUgAAAARoAQcKAENDMysrX9m-ttCDy9IEfDqOxRcGl4vhGnAgqnCdS9rWeG0rQ2ErOVSgUy8f7EqmuwQmOBexeCYBNfPDCvIh6ecg_Z-VmQKZz7uT8L1anBFxRoEZbVFi2lTNwbvK6jW5bBIkWfvjzbUaPW8mVNC774gOlPu0s0QRt7iI9hIhzkNlGh6Udulj8C1En6omzMLDdmu73eDmigUk4S2HTTagMsmOzhUC8eZg7PopAwZUGqXHkqBShR7r-z5o3tlmBY8Ek6qTYjnGGCbKXU_jLGfQLNHZ6d_GgPvqQn0_qCCJ5rPkqorE97W4F-8oEnLEZnxv9PMcnWNKarY01u3z91bHFlOx1H1zM_M_yZPcdqvxbKZ2U5VDglzyVqEu2VkHgU8KqsGV2OQQIItUqRWS6c_otFDcCDZuFaz-9JKT2jZNP8m8ZxfeSEB3QnC4lwtGKd-gWzXiQDQgqfP-bCox3gIDY9NNyUPtCSL934MNYA4oRwflqWnLOuzPeIVrh0jXTAXolxw8hEvku4oQaCekSWxdmEVkMbjzZ5Rx-_DRAvoKGjOUdrQjzZm7aI7EXjMVGqQ9PMicrXImkYYgItI8TFVgEW_GZ36gIEc-azqG1blVr0-XaEnciJH5wWMH680CQG_PFzqoFxp9KTbMEuu36UdEfs0r47APhiAmNrRJVjhC1Yna1EmBsdNvuiwTCNfPzzkg9On7pPt5j2AUW3uZcKzwjrQVvQmptOEnrpDwwy8sDWMVAkc4fnY6aTBKvQYSIr9lE95ch4k-e9P3cwotG9RxgOyQpnJAYdsZhl_MXVguZJKvCubLnvUI3rweBuw-x5tfR5me1r3uMPfsh9Q4u6bGYWq_yD1UMe1_2dFXlDziaGjDsQ8hK8e0wLbFWfuV8BgmC8bEc054bGMGqL625yJRiycQabVyG37gERTgqdzwbeby7PTW0oTiImU5yoWmlhJMTT31meMtFxJ5fodOlSynZNg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dnepr.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

POST
H2 200 56984335 Show response
mc.yandex.ru/webvisor/ 43 B
160 B 302ms
63ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/56984335?wmode=0&wv-part=1&wv-hit=716205510&page-url=https%3A%2F%2Fdnepr.news%2F&rn=820879742&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1672899016%3Aw%3A1600x1200%3Av%3A952%3Az%3A0%3Ai%3A20230105061015%3Au%3A1672899011783504690%3Avf%3A14qzoz81s4a176hik6jd9j%3Ast%3A1672899016&t=gdpr(14)ti(2)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dnepr.news/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:16 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 05-Jan-2023 06:10:16 GMT
content-type: image/gif
access-control-allow-origin: https://dnepr.news
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 05-Jan-2023 06:10:16 GMT

POST
H2 200 56984335 Show response
mc.yandex.ru/webvisor/ 43 B
73 B 64ms
63ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/56984335?wmode=0&wv-part=1&wv-hit=716205510&page-url=https%3A%2F%2Fdnepr.news%2F&rn=621553165&wv-type=3&browser-info=we%3A1%3Aet%3A1672899016%3Aw%3A1600x1200%3Av%3A952%3Az%3A0%3Ai%3A20230105061016%3Au%3A1672899011783504690%3Avf%3A14qzoz81s4a176hik6jd9j%3Ast%3A1672899016&t=gdpr(14)ti(2)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dnepr.news/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:16 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 05-Jan-2023 06:10:16 GMT
content-type: image/gif
access-control-allow-origin: https://dnepr.news
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 05-Jan-2023 06:10:16 GMT

POST
H2 200 56984335 Show response
mc.yandex.ru/webvisor/ 43 B
145 B 74ms
73ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/56984335?wmode=0&wv-part=2&wv-hit=716205510&page-url=https%3A%2F%2Fdnepr.news%2F&rn=620889140&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1672899017%3Aw%3A1600x1200%3Av%3A952%3Az%3A0%3Ai%3A20230105061017%3Au%3A1672899011783504690%3Avf%3A14qzoz81s4a176hik6jd9j%3Ast%3A1672899017&t=gdpr(14)ti(2)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dnepr.news/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:17 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 05-Jan-2023 06:10:17 GMT
content-type: image/gif
access-control-allow-origin: https://dnepr.news
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 05-Jan-2023 06:10:17 GMT

Verdicts & Comments Add Verdict or Comment

114 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

46 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
dnepr.news/	1969-12-31 23:59:59	Name: PHPSESSID Value: 98jusopgr8v80mt2b02t2u2os1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: gpQM_UGzgSk
.youtube.com/	1970-01-20 13:00:51	Name: VISITOR_INFO1_LIVE Value: yHDzRWlgMow
dnepr.news/	1969-12-31 23:59:59	Name: b Value: b
.yadro.ru/	1970-01-20 17:26:42	Name: FTID Value: 1Zjcd32OaEeT1Zjcd3001Fad
.dnepr.news/	1970-01-20 17:27:15	Name: _ym_uid Value: 1672899011783504690
.dnepr.news/	1970-01-20 17:27:15	Name: _ym_d Value: 1672899011
.yadro.ru/	1970-01-20 17:26:42	Name: VID Value: 15tOSb1RX2OT1Zjcd3001FbJ
dnepr.news/	1970-01-20 18:17:39	Name: GN_USER_ID_KEY Value: 6132ad6a-13fc-4701-9a01-92264bf07552
dnepr.news/	1970-01-20 08:41:40	Name: GN_SESSION_ID_KEY Value: f4c14bef-78b0-44dc-b60f-d238af470400
.dnepr.news/	1970-01-20 18:17:39	Name: _ga Value: GA1.2.285645658.1672899012
.dnepr.news/	1970-01-20 08:43:05	Name: _gid Value: GA1.2.1805172740.1672899012
.dnepr.news/	1970-01-20 08:41:39	Name: _gat_gtag_UA_71772614_1 Value: 1
.yandex.ru/	1970-01-20 17:27:15	Name: ymex Value: 1704435011.yc.1672899011#1704435011.yrts.1672899011#1704435011.yrtsi.1672899011
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 1438316361672899011
.yandex.ru/	1970-01-20 18:17:39	Name: i Value: FkTTnx82Qf6afVzEK9m+kPzP7ZIhK6syWfICmdm1U+/dGFIQM4jeRpRD2rPyQDmLzrAkAZxfUGGxlWlxn5/jAAiJbW4=
.yandex.ru/	1970-01-20 17:27:15	Name: yandexuid Value: 4632134961672899011
.yandex.ru/	1970-01-20 17:27:15	Name: yuidss Value: 4632134961672899011
.dnepr.news/	1970-01-20 08:42:51	Name: _ym_isad Value: 2
.dnepr.news/	1970-01-20 18:03:15	Name: __gads Value: ID=7c14bbb9242472f7-22e830fdf8da00b3:T=1672899011:RT=1672899011:S=ALNI_MbLRaLi2JHnKe3RjTQkjbJmNNUkEQ
.dnepr.news/	1970-01-20 18:03:15	Name: __gpi Value: UID=00000b9d5beb9396:T=1672899011:RT=1672899011:S=ALNI_MbnIFEyL9MGUI4qmFBL9orHMA44og
.mc.webvisor.org/	1970-01-20 08:41:39	Name: sync_cookie_csrf Value: 4002384501fake
.dnepr.news/	1970-01-20 08:41:40	Name: _ym_visorc Value: w
.mc.yandex.ru/	1970-01-20 08:41:39	Name: sync_cookie_csrf Value: 731628623fake
.doubleclick.net/	1970-01-20 18:03:15	Name: IDE Value: AHWqTUnX0r8jil4UqdOo6ogef2iScxFBRAKthUm75Vrq2ellqp6pneJfKPYPwADaml0
.webvisor.org/	1970-01-20 18:17:39	Name: yandexuid Value: 4632134961672899011
.webvisor.org/	1970-01-20 18:17:39	Name: yuidss Value: 4632134961672899011
.webvisor.org/	1970-01-20 18:17:39	Name: i Value: FkTTnx82Qf6afVzEK9m+kPzP7ZIhK6syWfICmdm1U+/dGFIQM4jeRpRD2rPyQDmLzrAkAZxfUGGxlWlxn5/jAAiJbW4=
.mc.webvisor.org/	1970-01-20 08:43:05	Name: sync_cookie_ok Value: synced
.doubleclick.net/	1970-01-20 08:41:42	Name: DSID Value: NO_DATA
.ctnsnet.com/	1970-01-20 17:27:15	Name: cid_b2c014c342c54a0d938f557ca3934dca Value: 1
.ctnsnet.com/	1970-01-20 17:27:15	Name: gid_CAESEM3-d5N-40dPOJ3ymZ0u4G8 Value: 1
.quantserve.com/	1970-01-20 10:51:15	Name: d Value: EEIBCQH9J4EA
.quantserve.com/	1970-01-20 18:11:53	Name: mc Value: 63b669c5-a9ee3-03e43-1f3bf
.mathtag.com/	1970-01-20 18:07:34	Name: uuid Value: 101863b6-69c6-4200-bac4-95f3cd8a96a1
.mathtag.com/	1970-01-20 09:24:51	Name: mt_mop Value: 4:1672899014
.adform.net/	1970-01-20 09:26:17	Name: C Value: 1
.bidswitch.net/	1970-01-20 17:27:15	Name: tuuid Value: f043b651-914e-438d-be5e-4db804208b75
.bidswitch.net/	1970-01-20 17:27:15	Name: c Value: 1672899013
.bidswitch.net/	1970-01-20 17:27:15	Name: tuuid_lu Value: 1672899013
.adform.net/	1970-01-20 10:08:03	Name: uid Value: 8981219913973410731
.agkn.com/	1970-01-20 17:27:15	Name: ab Value: 0001%3AimoEvLc73QO%2B0T6jxxhm33kDdAaJ7IKe
.agkn.com/	1970-01-20 17:27:15	Name: u Value: C\|0CEArSSZFK0kmRQAAAAAAAQ13AQCAAQpAAAAAAA
pool.admedo.com/	1970-01-20 17:27:15	Name: tuuid Value: 87b31578-6415-45da-9514-0f1a21b30f31
pool.admedo.com/	1970-01-20 17:27:15	Name: c Value: 1672899014
pool.admedo.com/	1970-01-20 17:27:15	Name: tuuid_lu Value: 1672899014

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1#RS-2-&adk=1812271804&client=ca-pub-5856576556842586&fa=4&ifi=11&uci=a!b&btvi=7&xpc=Gwfwq1PnHc&p=https%3A//dnepr.news Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.co.uk
adservice.google.com
api.gravitec.media
api.top.my.ua
c.bigmir.net
c1.adform.net
cdn.gravitec.media
cdn.gravitec.net
cdn.jsdelivr.net
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
counter.yadro.ru
d.agkn.com
dnepr.news
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
i.bigmir.net
i.ytimg.com
id.gravitec.net
jnn-pa.googleapis.com
landing.top.my.ua
mc.webvisor.org
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
pool.admedo.com
s.ad.smaato.net
static.doubleclick.net
stats.g.doubleclick.net
sync.mathtag.com
top-js-metrics.top.my.ua
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
138.201.61.243
142.250.180.226
149.5.244.20
18.197.12.31
185.29.132.241
193.239.68.97
193.239.71.100
2600:9000:206e:3c00:1b:5138:8a40:93a1
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:801::2002
2a00:1450:4001:806::2002
2a00:1450:4001:808::2016
2a00:1450:4001:80e::2002
2a00:1450:4001:829::2003
2a00:1450:400c:c07::9c
2a00:1450:400d:802::2008
2a00:1450:400d:803::2001
2a00:1450:400d:806::2001
2a00:1450:400d:806::2002
2a00:1450:400d:807::200a
2a00:1450:400d:808::200e
2a00:1450:400d:80a::200a
2a00:1450:400d:80a::200e
2a00:1450:400d:80c::2004
2a00:1450:400d:80d::2002
2a00:1450:400d:80e::2003
2a00:1450:400d:80e::2006
2a02:6b8::1:119
2a02:6ea0:f400::4
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a04:4e42::485
2a06:98c1:3120::c
35.186.193.173
35.210.53.219
35.214.184.209
37.157.6.252
45.133.44.3
45.133.44.4
54.93.225.243
88.212.201.198
023da60f004e8f3a52e1863381e0d3cf0ffe8a239a8712c81d1090330c4ee60e
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
03be95d9489507044f25fdd6d57f095b69728822a4749c5ffeeb4de4f79bc6e6
05122f5f747965aec80acdca6950d7a530ec1411d91d90b94d4a229683ac67a2
06680ca4297b48fb4cfee8400168679f2050485e705a7388410bc7ca2661ec48
07c3ac3d8bcd7d0f429f60e21ff5c1245916ebdba6f3dbcf678b25a23b44e1dc
0a91fbed903c7ee569d116adee58d579d0c64775a469ee86d3cc4281f913bda1
0b34a3f23576608170ed883a2e0d79fe93efb59d49b782cf74b81e939623bd2c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ce1b4a305bb4b47f8bb8f2fbd5cb98360cb9ae7731aacbca2f66bb7f044dac1
0d14a713e488c4e6d91c09313423f8443229d4e643c1f7b40c8e3e73b7ecb754
0d34d46ecd0f5f89ffaea1e329e1547d2aca97d033ad73a7e4cbba822daa6da9
100d6d01944aeac964ec98e0ce2573e99415760ed85157c46e32fef47140ef94
1573bafec5bb8db271b8188dbd5c18cade84864cb2d01d8d61b3d5d6ef6a6f04
16dafd682552b26ce63895206bdc32aa7f1ff03d4cbceb332e8e3fcf08a6c10d
17234b119928dcf13051ef276436dc2a0191a2eb9dd21dcfc3f1a638b7c03e71
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
190665911363af602f0170f8839b1a8817e59d2f566c5790569b1b667260318b
1a816f9462c01ee6ae4bf633fe1d2f17f7d55a6c7527761e57765d0767c8c208
1abbdd682c5913d52b6f0d768b391019a0c6ab40dcd155a43e3b5dacf0d8ec06
2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335
22e56c5ec2f058769dbf2f30e08136efd50ca00da4a5312363bb749227299bcc
234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534
23b89bb3578573b474d7a69e2df32e8f0ee7839a44392edb040e4117a07ce6fa
23d7b2a03ac7ac589262d03ee26946822e3b36607e96e1f272ba1fe3912fa520
25bba7f12fc15e48d9d474e466a8cb36fc8bd76e77f19b84c1410bed19f4483a
269b5b15022ed3b421ebe84399c296dd16df8ed821f3e675d61f2b58dabb672d
2bc69c1c1c4bf49e80a77f83010c01e575fd6922229943b9feb8864a492ac441
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3239086cc63cb7c30987b8560a56eee660bd01c8ea3370338a54b6ebf05415f4
34507612671884f0dfaff03895673df5df313499a4276be9eed4dea170d2c6d7
34caf7ffd90ce2a8b3fefb8cc7bf99fb6cd458dafd32b1280a3ef2ab50e84058
35582a5e51f01b4ce48197c88f4a6d90e60b215f78852e0dedb253ebd03525b8
37aae8256c019413b80300fad81e8719f1ad67b62104c9cdb76d98af6480e980
3a08041caeac5aad2afd76684c7235288dcdd38ad275bc284509f3186411ab28
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fd94f374ef26ee23508d48319e84a6ccc10ecb7e539ee1a4655d898e03f8806
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
49a907f4218a5c3998ec3e3685ff09561c265aa0893a0026c6f992706b142fb4
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4bf98f6744f9c77fcef4057e8cf38c3852a9cade09e3bb1ecb123f62a65106c5
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4fe0c4629f51f492b9c0b172ca3f7a8e9ef42ae8fe0d029e524a9d1a5fd94932
51972b5bc3e0a6286b3b4f20004da5c1900cd569fb6432d8ac1033311b7d4ea7
5222edb695cd85a319a4f5035c583e3f8ea6830a1386dd03ceb77e7a3bc8da6c
53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56287bda35de26a900f9eb7bc75300f4423eb5c990ab82fa8978e7cc2b052819
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
5a7556b722d45b51a9e8bc1262092f9c042e4759d7b3a97298fecc947639c35c
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b39579067c27b1d00adf5f5cf41c7d2fb74f42c2ae23868cab33365ce52cf0e
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c7a0715b98dc3aafacf51b37865579e0af701f8b2c61796d6dc4a103df8a78a
5dcf10c1b732d51f53838d4cf4cd47175967311ff4c813198edf55fe97afa265
5e144fc1f4c3e69699e70030abd55f37d7b1c3c82ffbeec915644da60f5d66f4
5e650b6c686ddeb9a20e6e00c4e31f14365ece01a60510351df286e95f534272
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63de6432bef2b9bde83485f644c4d154eca5129463fc0db6b60cc24db4610894
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6b27fe6579f4e90f9b7f692f2fb1ef667fba1a680874c71a3560b36ffface662
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c881c6b7f8b7d67c3d94abaa66c40bc7442f969c890d3056ed064340c60ae38
6d5b75f90f16f43565cf61e38247d1ea7cca6faebfe20c99adad2d5316a2950a
6f09981b3c39e1100ee62ec8a42bc9feed5cc4a8ad885adb9fcdd6e5c149a176
727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e
72d2a0a6a7932828891af8ca6f56ecf109962670f59e0e07ddb245abb4ee5561
756d1b4acb5cc91af64eb18700d03d524365fc4b91f6063b5b896c157c9275d0
7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d
7afa9429f86f20726ac32840787a24a59fac13978e33faf4af17b346049129ff
7c5037e87ed1356066b523da67acdab734613230ad579e6924f7195fa656eb86
7d55d36ab7029a3ac11096692671cdfc36fa8446e8cf7584fc23de06074b0f85
805865d229ebe3e7a35b5913ff1f842d6aef43eda8983d553105019021c5ef60
810d8ed2000458419df14bef7aa2daa78604fff9de26687fee3ff9e1ec2a24e6
82da7c73e2d074affed53227ec94b27a1e3a64ff07449b069a56e6da7d22bb51
8359d92bb56a99ff09b00679727bb1102292ce9f7249aa8c122e0c36f64742a8
85c268b27cb3720341807d95bd69c7833c45dc948ac18d0d465749cc9c2d1753
86f10c802414c8a22c9de5774e5457a0818e0e4e0fd75bbfc27beb560109f018
8744b359b1c7d37890c7a2185c3679288f27dc58ea4b7548adda4b832e38c5f9
88ef06309ed1144e38945d453a9495926361a489ca33ddfcb6b00f664850b37b
8db04bf653cd921ae815d2180c5b0e27a2e2c9b6cae167aefd37a4c0c827dc9c
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d1cb86ec27e86dfdefab39206fb510070d00b81d91f11ddc6720e3c62629d32
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a174ce3d0e66cfea95ba4288c928291b37bd679f3044ac1a7f4dc3958036be11
a26213bf54d623b217d36aa2cf43ac255748c13664e5b597b4ed999faeb15a3d
a49ccfdf4bc7bb30b43ec2854208eb04da9496a066fd77cc668d396296a32521
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a544048eccf66671ece0d1d2d62389486067337646e49499d1bf4bc563ffe4b4
a695e39554a03d18a1df407bb52ebcaa4aadb356360703b92b2fc174af501dd4
a69a33ad2f79f25ab188eec341182afa6a57ffea8b674b852848f8f0132945aa
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a9975cdc8f2db4390fe53c1658dbba78d97d3e2408c503b1ff4197213d1ff8ec
ab935ef979766947a5fdefd793e02a3defe44637ca3af6b49fad97a8c7e66c3e
ac647a5da1260fccbee14f0436e89f0866bb062b367b93dedef417b1e03d2b52
ae73f95abbdc339df6a5b655720b57e1972b645c6f51c956c2c42b74880a8826
aec483ffc038effca48717c07bba00f3ca25551bca1f288806136fea103cce66
af1b210374bf6e839bef83f2c645387cd8f31afdcd46ae59ec64e27ceaba1421
b0aa183fd7ea4e99287a573281bcfe35d9804292c63e15a47a911eda79d90a89
b14e828cf0e3d31af68db645e32ec8c04a113529f475d9d04bc9d1bafc67c626
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bb05aff1a3f1507781e5289aad0893dc83ceb8c455c8270b0924619ef9c4f989
bd316e6e58221f660277ee6dd6175d935674a722e982a1668c3d5de14b759317
c2375c7e1db09ed070014f03f82c4b5f9c43443da3b7c8f577a5bfb75953ebdf
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c5046234db951b30525f735b4d5d583bc383d9ceb9868b2053e9b95500da0bee
c855c4aef7333dfa098c16b6c230fa5cebed336124a664761b63b9a916a7ea05
c9b9a8ffca5554c798c1c6b2aeffad8f114ffa5794111956e98db604ff90fbf4
c9efb7d984d39d698ae90a807b5a69170e9814f15178bd624a135d39bbdc5d5e
ce49c16ea90c1cde34a680b9f6ff89055bda0084a9c283621bf8699c51aa40c0
d016e80492f06e7fa9a51ed34e7a6944123bfff28b5f05a14649049848ababe8
d02a13a132896eb26b59961a977b648637b99a83e3dacf83f32f0a4e18ea968e
d13b6ce9be0abdc496f6a381705f48838bb7016a492fc9c35b6311af2347072b
d51fb3da034945987b624f6f771a9489b35f196d83f43ecab125869af5ae4bd0
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e00330427c51aa6054ec3c96952fedc0afb22033164411791fbbe67c2ecf5838
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e85473a35a2eb4d4988d33a68f1d75a9a79aafb98d3ec2309d51590f5ecbd3d5
e85501f60ba2b5ff7ad1f76f816147464239ebe38e1e0a4734257ba0c60f1396
eaea51174ff3e7fd1f3491dac0f8d87002bf1acfb3e6ff7b7c6d67632118b84b
edd8aa2b25be78be58b94493c7086bb0eafcb2b46da5ba4c947bd7092d0b95b4
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f26ccd4e8b025d912f8fc717147c83f61888ade088fb1b2c62f67537e6e4cb46
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f7607eada6be10437483ae91184548fc094519a3e117fbc49aa0739523f2cc05
f8d55ed5c477efb9e3272e14232c7a9189031e82c1c75adadd0712b2e3bf7b9e
fbee5785a5aaaa8181186d891828b948c7c9c9c488dbce4e8050e0d6dd257ecf

dnepr.news Open in urlscan Pro 2a06:98c1:3120::c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

203 Requests

94 %HTTPS

63 %IPv6

32 Domains

44 Subdomains

34 IPs

9 Countries

2800 kBTransfer

8189 kBSize

46 Cookies

11 Outgoing links

Redirected requests

203 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

dnepr.news Open in urlscan Pro
2a06:98c1:3120::c Public Scan

Screenshot
Live screenshot

Full Image

203
Requests

94 %
HTTPS

63 %
IPv6

32
Domains

44
Subdomains

34
IPs

9
Countries

2800 kB
Transfer

8189 kB
Size

46
Cookies

203 HTTP transactions
6 data transactions