xn--kodw-pocztowych-xrb.cybo.com Open in urlscan Pro Puny
kodów-pocztowych.cybo.com IDN
172.67.23.160  Public Scan

Submitted URL: http://xn--kodw-pocztowych-xrb.cybo.com/ukraina/dru%C5%BCkiwka/
Effective URL: https://xn--kodw-pocztowych-xrb.cybo.com/ukraina/dru%C5%BCkiwka/
Submission: On November 12 via manual from SG — Scanned from SG

Summary

This website contacted 12 IPs in 2 countries across 7 domains to perform 38 HTTP transactions. The main IP is 172.67.23.160, located in United States and belongs to CLOUDFLARENET, US. The main domain is xn--kodw-pocztowych-xrb.cybo.com.
TLS certificate: Issued by WE1 on November 11th 2024. Valid for: 3 months.
This is the only time xn--kodw-pocztowych-xrb.cybo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
13 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 682
www.google.com — Cisco Umbrella Rank: 3
73 KB
8 cloudfront.net
dssdm2l6bhbrm.cloudfront.net
134 KB
5 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
5 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
255 KB
3 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 233245
ep2.adtrafficquality.google — Cisco Umbrella Rank: 204383
20 KB
2 cybo.com
xn--kodw-pocztowych-xrb.cybo.com
28 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 683
7 KB
38 7
Domain Requested by
12 fundingchoicesmessages.google.com pagead2.googlesyndication.com
8 dssdm2l6bhbrm.cloudfront.net xn--kodw-pocztowych-xrb.cybo.com
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
5 pagead2.googlesyndication.com xn--kodw-pocztowych-xrb.cybo.com
pagead2.googlesyndication.com
2 ep2.adtrafficquality.google pagead2.googlesyndication.com
ep2.adtrafficquality.google
2 xn--kodw-pocztowych-xrb.cybo.com static.cloudflareinsights.com
1 www.google.com ep2.adtrafficquality.google
1 ep1.adtrafficquality.google pagead2.googlesyndication.com
1 static.cloudflareinsights.com xn--kodw-pocztowych-xrb.cybo.com
38 9

This site contains links to these domains. Also see Links.

Domain
katalog-firm.cybo.com
numery-kierunkowe.cybo.com
pl.wikipedia.org
support.cybo.com
Subject Issuer Validity Valid
cybo.com
WE1
2024-11-11 -
2025-02-09
3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2024-07-30 -
2025-07-03
a year crt.sh
*.g.doubleclick.net
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
cloudflareinsights.com
WE1
2024-11-01 -
2025-01-30
3 months crt.sh
*.google.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
adtrafficquality.google
WR2
2024-10-07 -
2024-12-30
3 months crt.sh

This page contains 8 frames:

Primary Page: https://xn--kodw-pocztowych-xrb.cybo.com/ukraina/dru%C5%BCkiwka/
Frame ID: 8C31280B70A066EBCB5E8241DED6F7F2
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241107/r20190131/zrt_lookup_fy2021.html
Frame ID: 25E1E61F8C6A0CF73BF3FC5E84F639B4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3277611669278962&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1731408356&plaf=1%3A1%2C7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&fba=1&format=0x0&url=https%3A%2F%2Fxn--kodw-pocztowych-xrb.cybo.com%2Fukraina%2Fdru%25C5%25BCkiwka%2F&pra=5&wgl=1&aihb=0&aiof=4&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aipaq=1&aiapm=0.20295&aiapmi=0.24446&aiombap=1&aiopts=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1731408357177&bpp=4&bdt=596&idt=389&shv=r20241107&mjsv=m202410310101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=3572232808772&frm=20&pv=2&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95343681%2C95344189%2C95346760%2C95335246%2C95345472%2C95345967&oid=2&pvsid=926545150560913&tmod=38808478&uas=0&nvt=1&fsapi=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=411
Frame ID: 31D033EF2BE53186623F948CDF5BE4A8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3277611669278962&output=html&h=600&slotname=7180311471&adk=1674610719&adf=1682808983&pi=t.ma~as.7180311471&w=176&abgtt=6&fwrn=4&fwrnh=100&lmt=1731408356&rafmt=1&format=176x600&url=https%3A%2F%2Fxn--kodw-pocztowych-xrb.cybo.com%2Fukraina%2Fdru%25C5%25BCkiwka%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1731408357181&bpp=2&bdt=600&idt=428&shv=r20241107&mjsv=m202410310101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=3572232808772&frm=20&pv=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=304&ady=1199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95343681%2C95344189%2C95346760%2C95335246%2C95345472%2C95345967&oid=2&pvsid=926545150560913&tmod=38808478&uas=0&nvt=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=438
Frame ID: 71462F9F30215005BFA769738B9A2A1D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3277611669278962&output=html&h=100&slotname=6101257423&adk=1526841504&adf=1403521067&pi=t.ma~as.6101257423&w=776&abgtt=6&fwrn=4&fwrnh=100&lmt=1731408356&rafmt=12&format=776x100&url=https%3A%2F%2Fxn--kodw-pocztowych-xrb.cybo.com%2Fukraina%2Fdru%25C5%25BCkiwka%2F&fwr=0&fwrattr=true&rh=100&rw=776&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1731408357183&bpp=3&bdt=602&idt=445&shv=r20241107&mjsv=m202410310101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C176x600&nras=1&correlator=3572232808772&frm=20&pv=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=512&ady=471&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95343681%2C95344189%2C95346760%2C95335246%2C95345472%2C95345967&oid=2&pvsid=926545150560913&tmod=38808478&uas=0&nvt=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&fsb=1&dtd=448
Frame ID: 0E1E250512B6500951A481EC755B6F73
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3277611669278962&output=html&h=280&slotname=1310486336&adk=3544125777&adf=54630664&pi=t.ma~as.1310486336&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1731408356&rafmt=1&format=1200x280&url=https%3A%2F%2Fxn--kodw-pocztowych-xrb.cybo.com%2Fukraina%2Fdru%25C5%25BCkiwka%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1731408357186&bpp=1&bdt=605&idt=453&shv=r20241107&mjsv=m202410310101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C176x600%2C776x100&nras=1&correlator=3572232808772&frm=20&pv=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2732&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95343681%2C95344189%2C95346760%2C95335246%2C95345472%2C95345967&oid=2&pvsid=926545150560913&tmod=38808478&uas=0&nvt=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=456
Frame ID: 321D1174AF5C1689D994008446288EA7
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 210F3EBC87FDB5C239307515DDA99EE7
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 18714997E59FFA487313845F63CFE943
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Lista Drużkiwka, Obwód doniecki Kod Pocztowy - Cybo

Page URL History Show full URLs

  1. http://xn--kodw-pocztowych-xrb.cybo.com/ukraina/dru%C5%BCkiwka/ HTTP 307
    https://xn--kodw-pocztowych-xrb.cybo.com/ukraina/dru%C5%BCkiwka/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <meta[^>]*google-signin-client_id

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

38
Requests

97 %
HTTPS

45 %
IPv6

7
Domains

9
Subdomains

12
IPs

2
Countries

516 kB
Transfer

1278 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://xn--kodw-pocztowych-xrb.cybo.com/ukraina/dru%C5%BCkiwka/ HTTP 307
    https://xn--kodw-pocztowych-xrb.cybo.com/ukraina/dru%C5%BCkiwka/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
xn--kodw-pocztowych-xrb.cybo.com/ukraina/dru%C5%BCkiwka/
Redirect Chain
  • http://xn--kodw-pocztowych-xrb.cybo.com/ukraina/dru%C5%BCkiwka/
  • https://xn--kodw-pocztowych-xrb.cybo.com/ukraina/dru%C5%BCkiwka/
122 KB
28 KB
Document
General
Full URL
https://xn--kodw-pocztowych-xrb.cybo.com/ukraina/dru%C5%BCkiwka/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.23.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81501838459149b9ac3a6a1c8115ad31a48d062b770c9c220532f93bc1c90201
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=2592000
cf-cache-status
MISS
cf-ray
8e15ef716867ce8d-SIN
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 12 Nov 2024 10:45:56 GMT
expires
Thu, 12 Dec 2024 10:45:56 GMT
last-modified
Tue, 12 Nov 2024 10:45:56 GMT
server
cloudflare
server-timing
cfCacheStatus;desc="MISS"
vary
Accept-Encoding
x-frame-options
DENY

Redirect headers

Location
https://xn--kodw-pocztowych-xrb.cybo.com/ukraina/dru%C5%BCkiwka/
Non-Authoritative-Reason
HttpsUpgrades
CyboFont.woff2
dssdm2l6bhbrm.cloudfront.net/lyra011/fonts/custom/
14 KB
15 KB
Font
General
Full URL
https://dssdm2l6bhbrm.cloudfront.net/lyra011/fonts/custom/CyboFont.woff2
Requested by
Host: xn--kodw-pocztowych-xrb.cybo.com
URL: https://xn--kodw-pocztowych-xrb.cybo.com/ukraina/dru%C5%BCkiwka/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b4:a800:a:163a:3480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34c3abddd1d081e07ca95b8231ac655760ee1822bdcefcfbc6219e48ed04e895

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://xn--kodw-pocztowych-xrb.cybo.com
Referer
https://xn--kodw-pocztowych-xrb.cybo.com/

Response headers

cf-cache-status
MISS
etag
"624bd7cb-39d4"
age
7749139
expires
Fri, 20 Dec 2024 18:13:38 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
QB_Wg2KHgcrAIQHkUrlaFmkl3Vn9TfkljZrNWw3Nt8fG8FWF3fYP3w==
date
Wed, 14 Aug 2024 18:13:38 GMT
content-type
application/octet-stream
last-modified
Tue, 05 Apr 2022 05:46:51 GMT
vary
Accept-Encoding
cache-control
public, max-age=11059200
via
1.1 329e55efa499e18fcf6f1be33880c120.cloudfront.net (CloudFront)
cf-ray
8b32eb82d91fa12c-SIN
accept-ranges
bytes
access-control-allow-origin
*
content-length
14804
x-amz-cf-pop
SIN52-C2
server
cloudflare
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
159 KB
53 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3277611669278962
Requested by
Host: xn--kodw-pocztowych-xrb.cybo.com
URL: https://xn--kodw-pocztowych-xrb.cybo.com/ukraina/dru%C5%BCkiwka/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
d75f9f2cc0b6a0d3579dd1938826ab08487363ace236caf183a36009be7b6b52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://xn--kodw-pocztowych-xrb.cybo.com
Referer
https://xn--kodw-pocztowych-xrb.cybo.com/

Response headers

content-encoding
br
etag
2109208181632711386
x-content-type-options
nosniff
expires
Tue, 12 Nov 2024 10:45:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 12 Nov 2024 10:45:57 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
54083
x-xss-protection
0
server
cafe
logo_reg.png
dssdm2l6bhbrm.cloudfront.net/lyra011/img/
452 B
915 B
Image
General
Full URL
https://dssdm2l6bhbrm.cloudfront.net/lyra011/img/logo_reg.png
Requested by
Host: xn--kodw-pocztowych-xrb.cybo.com
URL: https://xn--kodw-pocztowych-xrb.cybo.com/ukraina/dru%C5%BCkiwka/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b4:a800:a:163a:3480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f23fa83603cf949c3bf89647d203d8a907aa094191abf96cedc7245e3f8579b7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://xn--kodw-pocztowych-xrb.cybo.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"62e06ad8-1c4"
age
7749202
expires
Fri, 20 Dec 2024 18:12:34 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
H9jKLjBKkWjy5--bgLMyr08AwPcQwurdUk3RT4gkUh1AnAX0h8j5oA==
date
Wed, 14 Aug 2024 18:12:34 GMT
content-type
image/png
last-modified
Tue, 26 Jul 2022 22:29:44 GMT
vary
Accept-Encoding,Accept-Encoding
cache-control
public, max-age=11059200
via
1.1 329e55efa499e18fcf6f1be33880c120.cloudfront.net (CloudFront)
cf-ray
8b32e9efed1b4ca7-SIN
access-control-allow-origin
*
x-amz-cf-pop
SIN52-C2
server
cloudflare
down.png
dssdm2l6bhbrm.cloudfront.net/lyra011/img/
200 B
705 B
Image
General
Full URL
https://dssdm2l6bhbrm.cloudfront.net/lyra011/img/down.png
Requested by
Host: xn--kodw-pocztowych-xrb.cybo.com
URL: https://xn--kodw-pocztowych-xrb.cybo.com/ukraina/dru%C5%BCkiwka/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b4:a800:a:163a:3480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93cc47d3c75885ec13b152d5d84189d1fa5ecb34e47aac99d1d7d03501a61865

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://xn--kodw-pocztowych-xrb.cybo.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"624bd7cb-c8"
age
7749202
expires
Fri, 20 Dec 2024 18:12:34 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
r2BTK_I2eZWplwk6zq8GNCCgPvhudTruAx5Dyyu1sBlxArcdGjqe2w==
date
Wed, 14 Aug 2024 18:12:34 GMT
content-type
image/png
last-modified
Tue, 05 Apr 2022 05:46:51 GMT
vary
Accept-Encoding,Accept-Encoding
cache-control
public, max-age=11059200
via
1.1 329e55efa499e18fcf6f1be33880c120.cloudfront.net (CloudFront)
cf-ray
8b32e9f008afce7a-SIN
access-control-allow-origin
*
x-amz-cf-pop
SIN52-C2
server
cloudflare
sf20-s01df029539.png
dssdm2l6bhbrm.cloudfront.net/lyra011/img/
107 KB
107 KB
Image
General
Full URL
https://dssdm2l6bhbrm.cloudfront.net/lyra011/img/sf20-s01df029539.png
Requested by
Host: xn--kodw-pocztowych-xrb.cybo.com
URL: https://xn--kodw-pocztowych-xrb.cybo.com/ukraina/dru%C5%BCkiwka/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b4:a800:a:163a:3480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90851fc083e026c892ace2d5cc1d19574b396c41e450879c01d328789d31f2ba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://xn--kodw-pocztowych-xrb.cybo.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"624bd7cc-1aa7f"
age
7749057
expires
Fri, 20 Dec 2024 18:14:59 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
muY1Hv51sIgPldVxrOSxspwyI1uwgLcY6AgInLEVQwoEQjyIBMLuBQ==
date
Wed, 14 Aug 2024 18:14:59 GMT
content-type
image/png
last-modified
Tue, 05 Apr 2022 05:46:52 GMT
vary
Accept-Encoding,Accept-Encoding
cache-control
public, max-age=11059200
via
1.1 329e55efa499e18fcf6f1be33880c120.cloudfront.net (CloudFront)
cf-ray
8b32ed79cb469c56-SIN
access-control-allow-origin
*
x-amz-cf-pop
SIN52-C2
server
cloudflare
header-bg.png
dssdm2l6bhbrm.cloudfront.net/lyra011/django_tables2/themes/paleblue/img/
130 B
629 B
Image
General
Full URL
https://dssdm2l6bhbrm.cloudfront.net/lyra011/django_tables2/themes/paleblue/img/header-bg.png
Requested by
Host: xn--kodw-pocztowych-xrb.cybo.com
URL: https://xn--kodw-pocztowych-xrb.cybo.com/ukraina/dru%C5%BCkiwka/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b4:a800:a:163a:3480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e23ac8d42f2d183d9e7c00c3434b15db58c79df23d9b54c81f6b257113f4a320

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://xn--kodw-pocztowych-xrb.cybo.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"624bd7cb-82"
age
7748999
expires
Fri, 20 Dec 2024 18:15:57 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
Nl-kKYZBcHQJ7oamSRsjpafyHaMb87zkgVWEBz50ayN_W3Ezr6pdYQ==
date
Wed, 14 Aug 2024 18:15:57 GMT
content-type
image/png
last-modified
Tue, 05 Apr 2022 05:46:51 GMT
vary
Accept-Encoding,Accept-Encoding
cache-control
public, max-age=11059200
via
1.1 329e55efa499e18fcf6f1be33880c120.cloudfront.net (CloudFront)
cf-ray
8b32eee8ca889fe9-SIN
access-control-allow-origin
*
x-amz-cf-pop
SIN52-C2
server
cloudflare
arrow-active-up.png
dssdm2l6bhbrm.cloudfront.net/lyra011/django_tables2/themes/paleblue/img/
195 B
691 B
Image
General
Full URL
https://dssdm2l6bhbrm.cloudfront.net/lyra011/django_tables2/themes/paleblue/img/arrow-active-up.png
Requested by
Host: xn--kodw-pocztowych-xrb.cybo.com
URL: https://xn--kodw-pocztowych-xrb.cybo.com/ukraina/dru%C5%BCkiwka/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b4:a800:a:163a:3480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c94664e46d9ad836620f6f9442d1062b227bdd2bfd89763a1329633a614c9a5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://xn--kodw-pocztowych-xrb.cybo.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"624bd7cb-c3"
age
7748998
expires
Fri, 20 Dec 2024 18:15:58 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
bOImFCZtDkWd-ChiYIdAUlyudGmjcMpUBFpxgCUxymIe2wg2ueFGkQ==
date
Wed, 14 Aug 2024 18:15:58 GMT
content-type
image/png
last-modified
Tue, 05 Apr 2022 05:46:51 GMT
vary
Accept-Encoding,Accept-Encoding
cache-control
public, max-age=11059200
via
1.1 329e55efa499e18fcf6f1be33880c120.cloudfront.net (CloudFront)
cf-ray
8b32eee91bdace6a-SIN
access-control-allow-origin
*
x-amz-cf-pop
SIN52-C2
server
cloudflare
arrow-inactive-up.png
dssdm2l6bhbrm.cloudfront.net/lyra011/django_tables2/themes/paleblue/img/
195 B
691 B
Image
General
Full URL
https://dssdm2l6bhbrm.cloudfront.net/lyra011/django_tables2/themes/paleblue/img/arrow-inactive-up.png
Requested by
Host: xn--kodw-pocztowych-xrb.cybo.com
URL: https://xn--kodw-pocztowych-xrb.cybo.com/ukraina/dru%C5%BCkiwka/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b4:a800:a:163a:3480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96232474af786c6453558dcd3c0008fb7fedb5aa9ab23cbd3a0f61a4ebc3b0fe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://xn--kodw-pocztowych-xrb.cybo.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"624bd7cb-c3"
age
7748999
expires
Fri, 20 Dec 2024 18:15:58 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
SjHRi8NUV4qIA2AydhqXv52GxryOsdJvyV94l858JXZ3xwnkrJMIgg==
date
Wed, 14 Aug 2024 18:15:58 GMT
content-type
image/png
last-modified
Tue, 05 Apr 2022 05:46:51 GMT
vary
Accept-Encoding,Accept-Encoding
cache-control
public, max-age=11059200
via
1.1 329e55efa499e18fcf6f1be33880c120.cloudfront.net (CloudFront)
cf-ray
8b32eeeb0d17ce4e-SIN
access-control-allow-origin
*
x-amz-cf-pop
SIN52-C2
server
cloudflare
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/
19 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: xn--kodw-pocztowych-xrb.cybo.com
URL: https://xn--kodw-pocztowych-xrb.cybo.com/ukraina/dru%C5%BCkiwka/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://xn--kodw-pocztowych-xrb.cybo.com
Referer
https://xn--kodw-pocztowych-xrb.cybo.com/

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8e15ef7c4c0181ec-SIN
access-control-allow-origin
*
date
Tue, 12 Nov 2024 10:45:57 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
slotcar_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410310101/
91 KB
32 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410310101/slotcar_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3277611669278962
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
9b5a8157a9aa1b889c539d4d33fc7a1048af17cb3d220df484f4178541eadd66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://xn--kodw-pocztowych-xrb.cybo.com/

Response headers

content-encoding
br
etag
1696987270560818977
x-content-type-options
nosniff
expires
Tue, 12 Nov 2024 10:45:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 12 Nov 2024 10:45:57 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
32269
x-xss-protection
0
server
cafe
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410310101/
434 KB
144 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410310101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3277611669278962
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
d298fd0d24ac5b49fa1afe5bdc6dbec86b2cd3578b248da66a7038f7250bac3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://xn--kodw-pocztowych-xrb.cybo.com/

Response headers

content-encoding
br
etag
4944268857041203062
x-content-type-options
nosniff
expires
Tue, 12 Nov 2024 10:45:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 12 Nov 2024 10:45:57 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
147806
x-xss-protection
0
server
cafe
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241107/r20190131/ Frame 25E1
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241107/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410310101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.175.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xn--kodw-pocztowych-xrb.cybo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
19437
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4134
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Nov 2024 05:22:00 GMT
etag
4475648825157136472
expires
Tue, 26 Nov 2024 05:22:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 31D0
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3277611669278962&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1731408356&plaf=1%3A1%2C7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&fba=1&format=0x0&url=https%3A%2F%2Fxn--kodw-pocztowych-xrb.cybo.com%2Fukraina%2Fdru%25C5%25BCkiwka%2F&pra=5&wgl=1&aihb=0&aiof=4&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aipaq=1&aiapm=0.20295&aiapmi=0.24446&aiombap=1&aiopts=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1731408357177&bpp=4&bdt=596&idt=389&shv=r20241107&mjsv=m202410310101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=3572232808772&frm=20&pv=2&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95343681%2C95344189%2C95346760%2C95335246%2C95345472%2C95345967&oid=2&pvsid=926545150560913&tmod=38808478&uas=0&nvt=1&fsapi=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=411
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410310101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.175.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xn--kodw-pocztowych-xrb.cybo.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
5414
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Nov 2024 10:45:57 GMT
expires
Tue, 12 Nov 2024 10:45:57 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7146
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3277611669278962&output=html&h=600&slotname=7180311471&adk=1674610719&adf=1682808983&pi=t.ma~as.7180311471&w=176&abgtt=6&fwrn=4&fwrnh=100&lmt=1731408356&rafmt=1&format=176x600&url=https%3A%2F%2Fxn--kodw-pocztowych-xrb.cybo.com%2Fukraina%2Fdru%25C5%25BCkiwka%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1731408357181&bpp=2&bdt=600&idt=428&shv=r20241107&mjsv=m202410310101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=3572232808772&frm=20&pv=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=304&ady=1199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95343681%2C95344189%2C95346760%2C95335246%2C95345472%2C95345967&oid=2&pvsid=926545150560913&tmod=38808478&uas=0&nvt=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=438
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410310101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.175.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xn--kodw-pocztowych-xrb.cybo.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
403
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Nov 2024 10:45:58 GMT
expires
Tue, 12 Nov 2024 10:45:58 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ping
pagead2.googlesyndication.com/pagead/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3277611669278962
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://xn--kodw-pocztowych-xrb.cybo.com/

Response headers

ads
googleads.g.doubleclick.net/pagead/ Frame 0E1E
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3277611669278962&output=html&h=100&slotname=6101257423&adk=1526841504&adf=1403521067&pi=t.ma~as.6101257423&w=776&abgtt=6&fwrn=4&fwrnh=100&lmt=1731408356&rafmt=12&format=776x100&url=https%3A%2F%2Fxn--kodw-pocztowych-xrb.cybo.com%2Fukraina%2Fdru%25C5%25BCkiwka%2F&fwr=0&fwrattr=true&rh=100&rw=776&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1731408357183&bpp=3&bdt=602&idt=445&shv=r20241107&mjsv=m202410310101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C176x600&nras=1&correlator=3572232808772&frm=20&pv=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=512&ady=471&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95343681%2C95344189%2C95346760%2C95335246%2C95345472%2C95345967&oid=2&pvsid=926545150560913&tmod=38808478&uas=0&nvt=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&fsb=1&dtd=448
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410310101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.175.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xn--kodw-pocztowych-xrb.cybo.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
404
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Nov 2024 10:45:58 GMT
expires
Tue, 12 Nov 2024 10:45:58 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 321D
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3277611669278962&output=html&h=280&slotname=1310486336&adk=3544125777&adf=54630664&pi=t.ma~as.1310486336&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1731408356&rafmt=1&format=1200x280&url=https%3A%2F%2Fxn--kodw-pocztowych-xrb.cybo.com%2Fukraina%2Fdru%25C5%25BCkiwka%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1731408357186&bpp=1&bdt=605&idt=453&shv=r20241107&mjsv=m202410310101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C176x600%2C776x100&nras=1&correlator=3572232808772&frm=20&pv=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2732&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95343681%2C95344189%2C95346760%2C95335246%2C95345472%2C95345967&oid=2&pvsid=926545150560913&tmod=38808478&uas=0&nvt=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=456
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410310101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.175.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xn--kodw-pocztowych-xrb.cybo.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
406
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Nov 2024 10:45:57 GMT
expires
Tue, 12 Nov 2024 10:45:57 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ca-pub-3277611669278962
fundingchoicesmessages.google.com/i/
195 KB
64 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-3277611669278962?href=https%3A%2F%2Fxn--kodw-pocztowych-xrb.cybo.com%2Fukraina%2Fdru%25C5%25BCkiwka&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410310101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c00::64 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0adab8f4efc37f22b490970bd540d78dde839f91900a6b28ba7f292d6ef0d8a9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--eKD5UQm-mZhviwecbepBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://xn--kodw-pocztowych-xrb.cybo.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 12 Nov 2024 10:45:58 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw1JBikPj6kkkNiJ3SZ7AGAHHrzXOsk4E46d951gIgdte6yOoPxIYKl1jtgdix6BKrJxCr9lxiNQbi--susT4H4iKJK6wNQHy76QrrYyBm-HqFlQOIhXg4nj0-s5NNoOPN1KlMShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRiaGhoYGegbm8QUGAIuQQC0"
content-security-policy
script-src 'report-sample' 'nonce--eKD5UQm-mZhviwecbepBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
AGSKWxUKu0w5sGEotIpKrGX3ekQiGxdjQdBIxqpRZH_PiKdLzv_a3KcJ7g1D_QHENr3MutmkTbdkjl77zRvbdDFVw-RbIsis8pwlvhrWWRVr1x4XNXX2Xw4-9siodEvHs0Dta1o05dOTeA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUKu0w5sGEotIpKrGX3ekQiGxdjQdBIxqpRZH_PiKdLzv_a3KcJ7g1D_QHENr3MutmkTbdkjl77zRvbdDFVw-RbIsis8pwlvhrWWRVr1x4XNXX2Xw4-9siodEvHs0Dta1o05dOTeA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.mSamRJVzRB4.es5.O/am=GAw/d=1/rs=AJlcJMyjT0BOjoqXqcWrSSi_uRh7wp3X-A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-b2pwuh-AsrLZJbK7OeOvJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://xn--kodw-pocztowych-xrb.cybo.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 12 Nov 2024 10:45:58 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1JBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uF49vjMTjaBBw1L5jMruSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDIxNDQ0MDPQPz-AIDAEwBKRw"
content-security-policy
script-src 'report-sample' 'nonce-b2pwuh-AsrLZJbK7OeOvJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://xn--kodw-pocztowych-xrb.cybo.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxWqN5cWJcSOnnLM4_D-Er4aFy561ydhJDDj0nBPu3i0IDDc_U9tIWF5YoW77-O9gj4sX17VrVKUOfCDCoRe-x09ptp_menK0KnFO6gtpLs4MVXaN9UrUShjk4ZHNPQTfGql2DDTIw==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWqN5cWJcSOnnLM4_D-Er4aFy561ydhJDDj0nBPu3i0IDDc_U9tIWF5YoW77-O9gj4sX17VrVKUOfCDCoRe-x09ptp_menK0KnFO6gtpLs4MVXaN9UrUShjk4ZHNPQTfGql2DDTIw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMxNDA4MzU4LDczODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly94bi0ta29kdy1wb2N6dG93eWNoLXhyYi5jeWJvLmNvbS91a3JhaW5hL2RydSVDNSVCQ2tpd2thLyIsbnVsbCxbWzgsIm1TYW1SSlZ6UkI0Il0sWzksImVuLUdCIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.mSamRJVzRB4.es5.O/am=GAw/d=1/rs=AJlcJMyjT0BOjoqXqcWrSSi_uRh7wp3X-A/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c00::64 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b4246e933615def602fcc06248ed346b14e542d6a2ee312ff3ec5c4d3edd2b3a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3qjuaCTZvJH_FY_1A8xEGA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://xn--kodw-pocztowych-xrb.cybo.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 12 Nov 2024 10:45:58 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw05BikPj6kkkNiJ3SZ7AGAHHrzXOsk4E46d951gIgdte6yOoPxIYKl1jtgdix6BKrJxCr9lxiNQbi--susT4H4iKJK6wNQHy76QrrYyBm-HqFlQOIhXg4nj0-s5NN4ELPp99MShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRiaGhoYGegbm8QUGAKx1QN0"
content-security-policy
script-src 'report-sample' 'nonce-3qjuaCTZvJH_FY_1A8xEGA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
AGSKWxW6RH7QPOZFH61JUdNYsIGibhgAQU83qJHCFRgRWL9kLzQbkX2WUF8vZSqO_AgGr4ZmGYirsbhXmSjbaLXbZXw3cECjiEIEgHwOVuTyFsUaRuOK6xRchadkoAdFiZP8AuvC9kQZug==
fundingchoicesmessages.google.com/f/
10 KB
5 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxW6RH7QPOZFH61JUdNYsIGibhgAQU83qJHCFRgRWL9kLzQbkX2WUF8vZSqO_AgGr4ZmGYirsbhXmSjbaLXbZXw3cECjiEIEgHwOVuTyFsUaRuOK6xRchadkoAdFiZP8AuvC9kQZug==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMxNDA4MzU4LDgzNTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuLUdCIl0sImh0dHBzOi8veG4tLWtvZHctcG9jenRvd3ljaC14cmIuY3liby5jb20vdWtyYWluYS9kcnUlQzUlQkNraXdrYS8iLG51bGwsW1s4LCJtU2FtUkpWelJCNCJdLFs5LCJlbi1HQiJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.mSamRJVzRB4.es5.O/am=GAw/d=1/rs=AJlcJMyjT0BOjoqXqcWrSSi_uRh7wp3X-A/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c00::64 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a149b38e90745cc680156a21fa083d46d749db20d0258f1450e58c11fd466672
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-P1DsNhYH8CfT1gvEkV_M3g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://xn--kodw-pocztowych-xrb.cybo.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 12 Nov 2024 10:45:58 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw1pBikPj6kkkNiJ3SZ7AGAHHrzXOsk4E46d951gIgdte6yOoPxIYKl1jtgdix6BKrJxCr9lxiNQbi--susT4H4iKJK6wNQHy76QrrYyBm-HqFlQOIhXg4nj0-s5NNYMKubweZlTSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMDQ0N9AzM4wsMAJ4MQJM"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-P1DsNhYH8CfT1gvEkV_M3g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
sodar
ep1.adtrafficquality.google/getconfig/
17 KB
13 KB
XHR
General
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241107&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410310101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f6fb6afe8f474049e19d969be69c2c859d9b48b411d9ae363af11e56cdbe0c90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://xn--kodw-pocztowych-xrb.cybo.com/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
12864
date
Tue, 12 Nov 2024 10:46:00 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
rum
xn--kodw-pocztowych-xrb.cybo.com/cdn-cgi/
0
154 B
XHR
General
Full URL
https://xn--kodw-pocztowych-xrb.cybo.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.23.160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
application/json
Referer
https://xn--kodw-pocztowych-xrb.cybo.com/ukraina/dru%C5%BCkiwka/

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
cf-ray
8e15ef83eba4ce8d-SIN
access-control-allow-origin
https://xn--kodw-pocztowych-xrb.cybo.com
date
Tue, 12 Nov 2024 10:45:59 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
cy_icon.ico
dssdm2l6bhbrm.cloudfront.net/lyra011/img/
15 KB
8 KB
Other
General
Full URL
https://dssdm2l6bhbrm.cloudfront.net/lyra011/img/cy_icon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.225.4.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-4-65.sin52.r.cloudfront.net
Software
cloudflare /
Resource Hash
0aae90d3e368e0f1d32e91b4c1316617ef089ecace9cee6de74f0cc8994d459b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://xn--kodw-pocztowych-xrb.cybo.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"624bd7cb-3aee"
age
7749204
expires
Fri, 20 Dec 2024 18:12:35 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
THIGOI2aLIk573-IkvNCqhPu9ZGbwgsOuj3y6vBM1kVw8eS5wOsdmw==
date
Wed, 14 Aug 2024 18:12:35 GMT
content-type
image/x-icon
last-modified
Tue, 05 Apr 2022 05:46:51 GMT
vary
Accept-Encoding,Accept-Encoding
cache-control
public, max-age=11059200
via
1.1 db8d6eb1919ade2943f4a573a505ba66.cloudfront.net (CloudFront)
cf-ray
8b32e9f66ad0ce5f-SIN
access-control-allow-origin
*
x-amz-cf-pop
SIN52-C2
server
cloudflare
dyn_banner.
fundingchoicesmessages.google.com/f/AGSKWxWNQ70f9raWVUIxiPujjiWrSDldNb_cYy1h_9kSAXbCuqxsk_ocPHz6cB6IycI92fY_6b5R11EsNrBiO9L9BPTsI3VDm_7o9dEd7eQYcEc2rUYA2pl4h-Yk46WDMa84c6TXG8mBx33E_NfQaDXgxVuuO7Bm5...
54 B
109 B
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWNQ70f9raWVUIxiPujjiWrSDldNb_cYy1h_9kSAXbCuqxsk_ocPHz6cB6IycI92fY_6b5R11EsNrBiO9L9BPTsI3VDm_7o9dEd7eQYcEc2rUYA2pl4h-Yk46WDMa84c6TXG8mBx33E_NfQaDXgxVuuO7Bm5bJnPMank88UxG7WZgDDsC5KVUsI9vy-/__468x80-/ad/adp_-160x600_/virtuagirl./dyn_banner.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.mSamRJVzRB4.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMw5W9I9cB61le1NNt2KiDGHche-lw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f100.1e100.net
Software
ESF /
Resource Hash
088b555c0697feea977260070013c8136e43e409551f7bdf8558ac5862eeae35
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GS8qmkqlsik8RIPzaOtdsg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://xn--kodw-pocztowych-xrb.cybo.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 12 Nov 2024 10:45:59 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw1ZBikPj6kkkNiJ3SZ7AGAHHrzXOsk4E46d951gIgdte6yOoPxIYKl1jtgdix6BKrJxCr9lxiNQbi--susT4H4iKJK6wNQHy76QrrYyBm-HqFlQOIhXg4nj8-s5NN4MesK6uYlDSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMDQ0N9AzM4wsMAKK4QKQ"
content-security-policy
script-src 'report-sample' 'nonce-GS8qmkqlsik8RIPzaOtdsg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
rum.js
pagead2.googlesyndication.com/pagead/js/
71 KB
26 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.mSamRJVzRB4.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMw5W9I9cB61le1NNt2KiDGHche-lw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
fa1f18382b8bf40874edf89cf3311b80340755704bf1eef196510e244f19d915
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://xn--kodw-pocztowych-xrb.cybo.com/

Response headers

content-encoding
br
etag
12247655307629566185
age
1673
x-content-type-options
nosniff
expires
Tue, 12 Nov 2024 11:18:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 12 Nov 2024 10:18:06 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
26315
x-xss-protection
0
server
cafe
AGSKWxUKu0w5sGEotIpKrGX3ekQiGxdjQdBIxqpRZH_PiKdLzv_a3KcJ7g1D_QHENr3MutmkTbdkjl77zRvbdDFVw-RbIsis8pwlvhrWWRVr1x4XNXX2Xw4-9siodEvHs0Dta1o05dOTeA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUKu0w5sGEotIpKrGX3ekQiGxdjQdBIxqpRZH_PiKdLzv_a3KcJ7g1D_QHENr3MutmkTbdkjl77zRvbdDFVw-RbIsis8pwlvhrWWRVr1x4XNXX2Xw4-9siodEvHs0Dta1o05dOTeA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.mSamRJVzRB4.es5.O/am=GAw/d=1/rs=AJlcJMyjT0BOjoqXqcWrSSi_uRh7wp3X-A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-xsyb1I9ko4FtzUbzsMT3dQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://xn--kodw-pocztowych-xrb.cybo.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 12 Nov 2024 10:45:59 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII1JBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uF4_vjMTjaBA0cvLGFScknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGhoYGegbm8QUGAGuRKYI"
content-security-policy
script-src 'report-sample' 'nonce-xsyb1I9ko4FtzUbzsMT3dQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://xn--kodw-pocztowych-xrb.cybo.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxUKu0w5sGEotIpKrGX3ekQiGxdjQdBIxqpRZH_PiKdLzv_a3KcJ7g1D_QHENr3MutmkTbdkjl77zRvbdDFVw-RbIsis8pwlvhrWWRVr1x4XNXX2Xw4-9siodEvHs0Dta1o05dOTeA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUKu0w5sGEotIpKrGX3ekQiGxdjQdBIxqpRZH_PiKdLzv_a3KcJ7g1D_QHENr3MutmkTbdkjl77zRvbdDFVw-RbIsis8pwlvhrWWRVr1x4XNXX2Xw4-9siodEvHs0Dta1o05dOTeA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.mSamRJVzRB4.es5.O/am=GAw/d=1/rs=AJlcJMyjT0BOjoqXqcWrSSi_uRh7wp3X-A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-pX2j9nuKM8cwS8TgX9_2Yg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://xn--kodw-pocztowych-xrb.cybo.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 12 Nov 2024 10:45:59 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1ZBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uF4_vjMTjaBG7s69zApuSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDIxNDQ0MDPQPz-AIDAFysKVQ"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-pX2j9nuKM8cwS8TgX9_2Yg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://xn--kodw-pocztowych-xrb.cybo.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxUKu0w5sGEotIpKrGX3ekQiGxdjQdBIxqpRZH_PiKdLzv_a3KcJ7g1D_QHENr3MutmkTbdkjl77zRvbdDFVw-RbIsis8pwlvhrWWRVr1x4XNXX2Xw4-9siodEvHs0Dta1o05dOTeA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUKu0w5sGEotIpKrGX3ekQiGxdjQdBIxqpRZH_PiKdLzv_a3KcJ7g1D_QHENr3MutmkTbdkjl77zRvbdDFVw-RbIsis8pwlvhrWWRVr1x4XNXX2Xw4-9siodEvHs0Dta1o05dOTeA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.mSamRJVzRB4.es5.O/am=GAw/d=1/rs=AJlcJMyjT0BOjoqXqcWrSSi_uRh7wp3X-A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6XUZHJiP-06h4YnRC52rbg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://xn--kodw-pocztowych-xrb.cybo.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 12 Nov 2024 10:45:59 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1JBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uF4_vjMTjaBjqPzDjApuSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDIxNDQ0MDPQPz-AIDAFFHKSw"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6XUZHJiP-06h4YnRC52rbg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://xn--kodw-pocztowych-xrb.cybo.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxUKu0w5sGEotIpKrGX3ekQiGxdjQdBIxqpRZH_PiKdLzv_a3KcJ7g1D_QHENr3MutmkTbdkjl77zRvbdDFVw-RbIsis8pwlvhrWWRVr1x4XNXX2Xw4-9siodEvHs0Dta1o05dOTeA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUKu0w5sGEotIpKrGX3ekQiGxdjQdBIxqpRZH_PiKdLzv_a3KcJ7g1D_QHENr3MutmkTbdkjl77zRvbdDFVw-RbIsis8pwlvhrWWRVr1x4XNXX2Xw4-9siodEvHs0Dta1o05dOTeA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.mSamRJVzRB4.es5.O/am=GAw/d=1/rs=AJlcJMyjT0BOjoqXqcWrSSi_uRh7wp3X-A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zbQLb1VAV5ttphA5HlxT1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://xn--kodw-pocztowych-xrb.cybo.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 12 Nov 2024 10:45:59 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1ZBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uF4_vjMTjaBGZfvHmBScknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGhoYGegbm8QUGAG26KY0"
content-security-policy
script-src 'report-sample' 'nonce-zbQLb1VAV5ttphA5HlxT1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://xn--kodw-pocztowych-xrb.cybo.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxXG01VGo7lxueI10FqHkRPNdXZxufQsgDz_OYLWPQMWvTwwMzDlDRZRUoMdAesrdhmmy_yGcuBahwg0dmthuB0hKh7MVO_U1dvVaL7uTe-pEWDXQDsAn3jtY004aXLWtQJmHhvUbA==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXG01VGo7lxueI10FqHkRPNdXZxufQsgDz_OYLWPQMWvTwwMzDlDRZRUoMdAesrdhmmy_yGcuBahwg0dmthuB0hKh7MVO_U1dvVaL7uTe-pEWDXQDsAn3jtY004aXLWtQJmHhvUbA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMxNDA4MzU5LDY1MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4tR0IiLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly94bi0ta29kdy1wb2N6dG93eWNoLXhyYi5jeWJvLmNvbS91a3JhaW5hL2RydSVDNSVCQ2tpd2thLyIsbnVsbCxbWzgsIm1TYW1SSlZ6UkI0Il0sWzksImVuLUdCIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.mSamRJVzRB4.es5.O/am=GAw/d=1/rs=AJlcJMyjT0BOjoqXqcWrSSi_uRh7wp3X-A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f100.1e100.net
Software
ESF /
Resource Hash
3d3f0c2c4836185bb57681d4347aa43e8dbcbe0ef3e3c275da4e86c318e9163c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PIRRk7hkMK2fVZG55xvoBA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://xn--kodw-pocztowych-xrb.cybo.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 12 Nov 2024 10:45:59 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmII1pBikPj6kkkNiJ3SZ7AGAHHrzXOsk4E46d951gIgdte6yOoPxIYKl1jtgdix6BKrJxCr9lxiNQbi--susT4H4iKJK6wNQHy76QrrYyBm-HqFlQOIhXg4nj8-s5NN4EXzwWNMShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRiaGhoYGegbm8QUGAKDHQIw"
content-security-policy
script-src 'report-sample' 'nonce-PIRRk7hkMK2fVZG55xvoBA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
AGSKWxWEW_fEiLRwZdKkWRBHEUu1Qro8MK8xipGHL3eq5GEPRLIYQ2Ex-M_TLWMMMlbaDMpvNKhYpMP2bBC444ZhPKUyLax8Y2hYMeuojePJ_uj6oDhhkvW1B60hbH10XaW_uUjYtruVyQ==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWEW_fEiLRwZdKkWRBHEUu1Qro8MK8xipGHL3eq5GEPRLIYQ2Ex-M_TLWMMMlbaDMpvNKhYpMP2bBC444ZhPKUyLax8Y2hYMeuojePJ_uj6oDhhkvW1B60hbH10XaW_uUjYtruVyQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.mSamRJVzRB4.es5.O/am=GAw/d=1/rs=AJlcJMyjT0BOjoqXqcWrSSi_uRh7wp3X-A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7dBCGiKlL5QADBbFOnUL4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://xn--kodw-pocztowych-xrb.cybo.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 12 Nov 2024 10:45:59 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw15BicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uF4_vjMTjaBF1ePXWdScknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGhoYGegbm8QUGAIaHKeE"
content-security-policy
script-src 'report-sample' 'nonce-7dBCGiKlL5QADBbFOnUL4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://xn--kodw-pocztowych-xrb.cybo.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxUKu0w5sGEotIpKrGX3ekQiGxdjQdBIxqpRZH_PiKdLzv_a3KcJ7g1D_QHENr3MutmkTbdkjl77zRvbdDFVw-RbIsis8pwlvhrWWRVr1x4XNXX2Xw4-9siodEvHs0Dta1o05dOTeA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUKu0w5sGEotIpKrGX3ekQiGxdjQdBIxqpRZH_PiKdLzv_a3KcJ7g1D_QHENr3MutmkTbdkjl77zRvbdDFVw-RbIsis8pwlvhrWWRVr1x4XNXX2Xw4-9siodEvHs0Dta1o05dOTeA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.mSamRJVzRB4.es5.O/am=GAw/d=1/rs=AJlcJMyjT0BOjoqXqcWrSSi_uRh7wp3X-A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-VUVxLehJ3DxOO-S6CQ79wg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://xn--kodw-pocztowych-xrb.cybo.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 12 Nov 2024 10:45:59 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0ZBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uF4_vjMTjaBBQdX3GBScknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGhoYGegbm8QUGAGIRKWU"
content-security-policy
script-src 'report-sample' 'nonce-VUVxLehJ3DxOO-S6CQ79wg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://xn--kodw-pocztowych-xrb.cybo.com
content-length
0
x-xss-protection
0
server
ESF
sodar2.js
ep2.adtrafficquality.google/sodar/
18 KB
7 KB
Script
General
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410310101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://xn--kodw-pocztowych-xrb.cybo.com/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Tue, 12 Nov 2024 10:46:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 12 Nov 2024 10:46:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 210F
0
0
Document
General
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xn--kodw-pocztowych-xrb.cybo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
2276
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Nov 2024 10:08:04 GMT
expires
Tue, 12 Nov 2024 10:58:04 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1871
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f99.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8ELHu-ptbQGU94FU1aJGvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xn--kodw-pocztowych-xrb.cybo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-8ELHu-ptbQGU94FU1aJGvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Nov 2024 10:46:00 GMT
expires
Tue, 12 Nov 2024 10:46:00 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
sodar
ep1.adtrafficquality.google/pagead/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241107&jk=926545150560913&bg=!5-Sl5KvNAAYQZ9WPMGc7ADQBe5WfOKZFCvJ7eht6dUFDwrO9g8z6PKmrBuwdOJxTyF9i-GfbZpAMbYgMHsuBtUXal_UUAgAAAFNSAAAAA2gBB34ANvYlBW5f1G5Egm69Zhz6a7jOof4KELRInxVsX5TE5GcJdMZpdTAZFPYZbqCF06w8j957H2J4uAoAL3p1MSotdknZ4VoI8gL6fUCBpG7NhpBJdgocp0-gELr3E0GaWj2nLR5Hpb6DC0DGmQKlM1ZqSZyoEjEXSPAdt62SkayE78CEiOZXnm7Fac9wVSbY_oA73BUZdwgoINET7hCB84GUSlUrpVAeroXrhEXrDb4-yY4CIdhQrDu-qAJej0zD0SQtENDtXb2hJjb-YZspO_Ouz2DZ7uYMUtjDk3u801iYhQ384rib5zIbfRn0JR6-0spe4KzeJtsxLUecpm7j8HXlrmOqT8txJ86nbNshpkT_WH_3b5Mqc7WIyH4oI9IeZCXE78pFv_g9zU89KdI3R_GQB_3Yea95G0yz8UPqlKUMpLZ8bArGt3UadI2Q8pgGOA5qofJ92VlELRuOa7qcCJXgPtvINuje_9TS8YAddG-LcmuU7zy_GG2SPR0DBCeoadISRUeUcKD12pA_g-lo6od2pZ_hKTyg4IP9r5SHcQDL-heEwzoHC_NAIfvCBQe4XiGSBMF9GDlri-9NxgNqxKkDukgU8G3rEW4exOEXcCkMST83olEJEr5KA1fygizPPaP0NoF-Waqgvrim9b5wDdx9A1llcWdWT4GIkAT1B_lQXFyr8SIhuuKtgwqB36d2sUjbQUbGPwpvmxhebqf4YmW2i0qO5sxeZhj4nT78yk3FrqhKNShUY3a8F3k3GIYXDARO9xJf0MX7ailG7zPboD7TVR4cefKQoiClw_q5vQ3IlvwqAbwLHbqHDJxatoeyzX49TL2UVwBOJ1Sp2sw6Sk-I3ZqwqdZHO_V2vUORM4WRzN83HhLaqcVw9BPeXG94dd8gVMsXr5zsqNOpPtUWeMkZRVT8ZSHc2aWsOMZ0Guz5cbzfiK1LnOLa8SBDq2otCclvqUq2dcQof-hLbhMusCCy5fgyH3wiNAPJC7ynAb-nxG3jQslv5W3AjA_QA480Lw22TelDjtDqnC_v2Cwb_7QcRLU

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 function| ge function| preventDF function| geid function| qs function| qsa function| addEvent function| removeEvent function| addEventsQsa function| addEventById function| addEventsByClassName function| addClass function| removeClass function| scrollob function| createXMLHttp object| dts_fire function| runDelays function| delayTilScroll object| $jscomp function| docReady string| spinner_url string| yp_netloc string| cur_netloc string| generic_err_msg object| adsbygoogle object| geo_options string| retrieving_geo_str string| current_loc_str string| timeout_msg string| loc_unavailable_msg string| loc_unsupported_msg string| loc_denied_msg function| autoit function| hasClass function| hideobjs function| showobjs function| toggle object| modalizer object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| google_llp object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| AFMA_AddEventListener function| AFMA_RemoveEventListener function| AFMA_AddObserver function| AFMA_RemoveObserver function| AFMA_ReceiveMessage function| AFMA_SendMessage object| AFMA_Communicator function| google_sa_impl object| googPageScrollPreventerInfo number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| __cfBeacon object| prependoptions number| minchars function| vfunc object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| YjQ1NzYwMWM5NjY0NGM5ZmxvYWRlcl9qcw== string| YjQ1NzYwMWM5NjY0NGM5ZmNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| _google_rum_ns_ boolean| eb0946b9-773b-4392-b806-af0cc6074876 object| GoogleGcLKhOms object| google_image_requests

5 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.cybo.com/ Name: __gads
Value: ID=349dff080aaf43ff:T=1731408357:RT=1731408357:S=ALNI_MY1EpkbnyGDR0ERi9M6MYhVjHVMsw
.cybo.com/ Name: __gpi
Value: UID=00000f666e6c2f0f:T=1731408357:RT=1731408357:S=ALNI_MZ_FMFEcEEGcGfwScDxw3iMbT6dDg
.cybo.com/ Name: __eoi
Value: ID=e02c52b9456b6d97:T=1731408357:RT=1731408357:S=AA-AfjZWJuV6XeKSQEfeILeX4ens
.cybo.com/ Name: FCNEC
Value: %5B%5B%22AKsRol-vHK5mNgDkuWIYbyHcPTsnuHXQWBBJXIrlTZmXny5Urkb7vn6zSf4QBZPAgJ5qLX_t-ga9D2fvEzz6NLIEmqdrJajWFBU3FhJKDMsm7D_725CuzJu3JRHFkQgVNUB_ZYH2vQIP6ylhupRsBAzNcIPLgxX5_A%3D%3D%22%5D%5D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dssdm2l6bhbrm.cloudfront.net
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
static.cloudflareinsights.com
www.google.com
xn--kodw-pocztowych-xrb.cybo.com
ep1.adtrafficquality.google
13.225.4.65
142.251.175.157
172.67.23.160
2404:6800:4003:c00::64
2404:6800:4003:c01::84
2404:6800:4003:c04::9c
2600:9000:21b4:a800:a:163a:3480:93a1
2606:4700::6810:4f49
74.125.130.155
74.125.200.100
74.125.68.99
088b555c0697feea977260070013c8136e43e409551f7bdf8558ac5862eeae35
0aae90d3e368e0f1d32e91b4c1316617ef089ecace9cee6de74f0cc8994d459b
0adab8f4efc37f22b490970bd540d78dde839f91900a6b28ba7f292d6ef0d8a9
1c94664e46d9ad836620f6f9442d1062b227bdd2bfd89763a1329633a614c9a5
34c3abddd1d081e07ca95b8231ac655760ee1822bdcefcfbc6219e48ed04e895
3d3f0c2c4836185bb57681d4347aa43e8dbcbe0ef3e3c275da4e86c318e9163c
81501838459149b9ac3a6a1c8115ad31a48d062b770c9c220532f93bc1c90201
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
90851fc083e026c892ace2d5cc1d19574b396c41e450879c01d328789d31f2ba
93cc47d3c75885ec13b152d5d84189d1fa5ecb34e47aac99d1d7d03501a61865
96232474af786c6453558dcd3c0008fb7fedb5aa9ab23cbd3a0f61a4ebc3b0fe
9b5a8157a9aa1b889c539d4d33fc7a1048af17cb3d220df484f4178541eadd66
a149b38e90745cc680156a21fa083d46d749db20d0258f1450e58c11fd466672
b4246e933615def602fcc06248ed346b14e542d6a2ee312ff3ec5c4d3edd2b3a
d298fd0d24ac5b49fa1afe5bdc6dbec86b2cd3578b248da66a7038f7250bac3c
d75f9f2cc0b6a0d3579dd1938826ab08487363ace236caf183a36009be7b6b52
e23ac8d42f2d183d9e7c00c3434b15db58c79df23d9b54c81f6b257113f4a320
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f23fa83603cf949c3bf89647d203d8a907aa094191abf96cedc7245e3f8579b7
f6fb6afe8f474049e19d969be69c2c859d9b48b411d9ae363af11e56cdbe0c90
fa1f18382b8bf40874edf89cf3311b80340755704bf1eef196510e244f19d915
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99