www.imgonline.com.ua Open in urlscan Pro
176.9.147.119 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://srv4.imgonline.com.ua/
Effective URL:
https://www.imgonline.com.ua/index.php
Submission: On March 03 via api (March 3rd 2024, 7:16:11 am UTC) from US — Scanned from DE

Summary HTTP 56 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 9 IPs in 1 countries across 7 domains to perform 56 HTTP transactions. The main IP is 176.9.147.119, located in Bayreuth, Germany and belongs to HETZNER-AS, DE. The main domain is www.imgonline.com.ua.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 19th 2024. Valid for: a year.

This is the only time www.imgonline.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	148.251.126.238 148.251.126.238	24940 (HETZNER-AS) (HETZNER-AS)
24	176.9.147.119 176.9.147.119	24940 (HETZNER-AS) (HETZNER-AS)
16	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
56	9

1 148.251.126.238 (Wernigerode, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.238.126.251.148.clients.your-server.de

srv4.imgonline.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 176.9.147.119 (Bayreuth, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.119.147.9.176.clients.your-server.de

www.imgonline.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	imgonline.com.ua 1 redirects srv4.imgonline.com.ua www.imgonline.com.ua	415 KB
19	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 161	360 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	67 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	47 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	2 KB
0	bannerka.ua Failed www.bannerka.ua Failed
56	7

	Domain	Requested by
24	www.imgonline.com.ua	www.imgonline.com.ua
16	pagead2.googlesyndication.com	www.imgonline.com.ua pagead2.googlesyndication.com googleads.g.doubleclick.net www.gstatic.com tpc.googlesyndication.com
5	www.gstatic.com	googleads.g.doubleclick.net
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	srv4.imgonline.com.ua	1 redirects
0	www.bannerka.ua Failed	www.imgonline.com.ua
56	10

This site contains links to these domains. Also see Links.

Domain
www.bannerka.ua

Subject Issuer	Validity	Valid
*.imgonline.com.ua Sectigo RSA Domain Validation Secure Server CA	`2024-01-19` - `2025-01-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.imgonline.com.ua/index.php
Frame ID: 14CB32B2FE9EF46CC3F47A0ACBFA58EB
Requests: 32 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20190131/zrt_lookup_nohtml_fy2021.html
Frame ID: E05E23F6099EF19CAA9A317D087C4CED
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7114716596087124&output=html&adk=1812271804&adf=3025194257&lmt=1709450167&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_l%7C404x1080_r&format=0x0&url=https%3A%2F%2Fwww.imgonline.com.ua%2Findex.php&pra=5&wgl=1&easpi=1&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709450167296&bpp=2&bdt=129&idt=168&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7909337179707&frm=20&pv=2&ga_vid=277859999.1709450167&ga_sid=1709450167&ga_hid=1778663945&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44795922%2C95325753%2C95326317%2C95322329%2C95321867%2C95324161%2C95325784&oid=2&pvsid=441486328466557&tmod=2062225458&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=183
Frame ID: 09EDCC5DC90C0538041DF75B99EA3A92
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7114716596087124&output=html&h=280&slotname=8592316491&adk=3245178112&adf=3508954633&pi=t.ma~as.8592316491&w=740&fwrn=4&fwrnh=100&lmt=1709450167&rafmt=1&format=740x280&url=https%3A%2F%2Fwww.imgonline.com.ua%2Findex.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709450167298&bpp=2&bdt=130&idt=188&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7909337179707&frm=20&pv=1&ga_vid=277859999.1709450167&ga_sid=1709450167&ga_hid=1778663945&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=290&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44795922%2C95325753%2C95326317%2C95322329%2C95321867%2C95324161%2C95325784&oid=2&pvsid=441486328466557&tmod=2062225458&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=191
Frame ID: 59751BB703D69CE28A70DE214E657ABF
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4DPoyt1VXFu9KUV3wfZ2z3y8g_kcb_PjstTR5ZPZl3Q.js
Frame ID: 0BEDB6BF7925760BBEBB372FD04B2C38
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 981DA8BAD0E12653EE0120D47CA10920
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 46FED1B6A4DAF05538CC054B6AEDAB24
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Обработка JPEG фотографий онлайн - IMG online

Page URL History Show full URLs

http://srv4.imgonline.com.ua/ HTTP 301
https://www.imgonline.com.ua/index.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

56
Requests

98 %
HTTPS

78 %
IPv6

7
Domains

10
Subdomains

9
IPs

1
Countries

891 kB
Transfer

1710 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.bannerka.ua/obmen/2b954a21cd81

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://srv4.imgonline.com.ua/ HTTP 301
https://www.imgonline.com.ua/index.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

56 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request index.php Show response
www.imgonline.com.ua/
Redirect Chain

http://srv4.imgonline.com.ua/
https://www.imgonline.com.ua/index.php

11 KB
4 KB

60ms
11ms

Document
text/html

176.9.147.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.imgonline.com.ua/index.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.147.119 Bayreuth, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.147.9.176.clients.your-server.de
Software: nginx /
Resource Hash: 8f0772f8dfca7b641383a176aa016f971b0b0f04d2b29b80cf8d8588871ea9ea

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 03 Mar 2024 07:16:07 GMT
Keep-Alive: timeout=1200
Server: nginx
Transfer-Encoding: chunked

Redirect headers

Connection: keep-alive
Content-Length: 178
Content-Type: text/html
Date: Sun, 03 Mar 2024 07:16:07 GMT
Keep-Alive: timeout=1200
Location: https://www.imgonline.com.ua/index.php
Server: nginx

GET
H/1.1 200
OK design.css
www.imgonline.com.ua/ 2 KB
1 KB 11ms
10ms Stylesheet
text/css 176.9.147.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.imgonline.com.ua/design.css
Requested by: Host: www.imgonline.com.ua
URL: https://www.imgonline.com.ua/index.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.147.119 Bayreuth, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.147.9.176.clients.your-server.de
Software: nginx /
Resource Hash: cf23074a5fe104d989c288d16827705c779034c1fd998729166c960639694c03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgonline.com.ua/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sun, 03 Mar 2024 07:16:07 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Mar 2018 10:04:35 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=315360000, private
Connection: keep-alive
Keep-Alive: timeout=1200
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 96ms
50ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7114716596087124

Requested by

Host: www.imgonline.com.ua
URL: https://www.imgonline.com.ua/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58cc14ce6636949d696f86ecd5fb9d30c6b4ca372bd69b76d07084d74176d2b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.imgonline.com.ua/
Origin: https://www.imgonline.com.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 07:16:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50973
x-xss-protection: 0
server: cafe
etag: 14567745641267717074
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sun, 03 Mar 2024 07:16:07 GMT

GET
H/1.1 200
OK random-pixels.jpg
www.imgonline.com.ua/examples/ 14 KB
14 KB 32ms
20ms Image
image/jpeg 176.9.147.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imgonline.com.ua/examples/random-pixels.jpg
Requested by: Host: www.imgonline.com.ua
URL: https://www.imgonline.com.ua/index.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.147.119 Bayreuth, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.147.9.176.clients.your-server.de
Software: nginx /
Resource Hash: afc913183fbf9585679bf387f4f23fad5da44c54f0419995c74e4d8afe0d29fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgonline.com.ua/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sun, 03 Mar 2024 07:16:07 GMT
Last-Modified: Wed, 07 Dec 2016 18:24:28 GMT
Server: nginx
ETag: "584853dc-3714"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=1200
Content-Length: 14100
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK random-pixels-wallpaper.jpg
www.imgonline.com.ua/examples/ 9 KB
9 KB 31ms
10ms Image
image/jpeg 176.9.147.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imgonline.com.ua/examples/random-pixels-wallpaper.jpg
Requested by: Host: www.imgonline.com.ua
URL: https://www.imgonline.com.ua/index.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.147.119 Bayreuth, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.147.9.176.clients.your-server.de
Software: nginx /
Resource Hash: 736e28b1d87f8b97c330ab583fecc51f853120b741f256999d790e138ec57879

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgonline.com.ua/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sun, 03 Mar 2024 07:16:07 GMT
Last-Modified: Wed, 07 Dec 2016 18:25:43 GMT
Server: nginx
ETag: "58485427-2288"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=1200
Content-Length: 8840
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK random-pixels-background.jpg
www.imgonline.com.ua/examples/ 14 KB
14 KB 41ms
21ms Image
image/jpeg 176.9.147.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imgonline.com.ua/examples/random-pixels-background.jpg
Requested by: Host: www.imgonline.com.ua
URL: https://www.imgonline.com.ua/index.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.147.119 Bayreuth, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.147.9.176.clients.your-server.de
Software: nginx /
Resource Hash: 599486b5bfde45d569079681ceb8e7f1ea163e86cd2d3fae3613a047db80053d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgonline.com.ua/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sun, 03 Mar 2024 07:16:07 GMT
Last-Modified: Sun, 14 May 2017 08:22:32 GMT
Server: nginx
ETag: "591813c8-366a"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=1200
Content-Length: 13930
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK photo-mosaic-1-mini.jpg
www.imgonline.com.ua/examples/ 28 KB
28 KB 41ms
21ms Image
image/jpeg 176.9.147.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imgonline.com.ua/examples/photo-mosaic-1-mini.jpg
Requested by: Host: www.imgonline.com.ua
URL: https://www.imgonline.com.ua/index.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.147.119 Bayreuth, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.147.9.176.clients.your-server.de
Software: nginx /
Resource Hash: a0acdaabe3ddf0b5e30a38685ee2121235fe4cbea4e712ef8fed030df2f6dd28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgonline.com.ua/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sun, 03 Mar 2024 07:16:07 GMT
Last-Modified: Wed, 07 Dec 2016 18:27:58 GMT
Server: nginx
ETag: "584854ae-6eec"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=1200
Content-Length: 28396
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK photo-mosaic-2-mini.jpg
www.imgonline.com.ua/examples/ 25 KB
26 KB 42ms
21ms Image
image/jpeg 176.9.147.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imgonline.com.ua/examples/photo-mosaic-2-mini.jpg
Requested by: Host: www.imgonline.com.ua
URL: https://www.imgonline.com.ua/index.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.147.119 Bayreuth, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.147.9.176.clients.your-server.de
Software: nginx /
Resource Hash: efd8909cea7b8b1cac4ffa0b66efde1bf046fe6373f429028dd26c68a7c47f62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgonline.com.ua/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sun, 03 Mar 2024 07:16:07 GMT
Last-Modified: Wed, 07 Dec 2016 18:33:07 GMT
Server: nginx
ETag: "584855e3-64eb"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=1200
Content-Length: 25835
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK photo-mosaic-3-mini.jpg
www.imgonline.com.ua/examples/ 30 KB
30 KB 33ms
22ms Image
image/jpeg 176.9.147.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imgonline.com.ua/examples/photo-mosaic-3-mini.jpg
Requested by: Host: www.imgonline.com.ua
URL: https://www.imgonline.com.ua/index.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.147.119 Bayreuth, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.147.9.176.clients.your-server.de
Software: nginx /
Resource Hash: cced138ef2e5e182565d6903d7cf366e9d6a01c361a731b887e311d8f5f51042

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgonline.com.ua/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sun, 03 Mar 2024 07:16:07 GMT
Last-Modified: Wed, 07 Dec 2016 18:24:28 GMT
Server: nginx
ETag: "584853dc-77ce"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=1200
Content-Length: 30670
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK painting-with-frame.jpg
www.imgonline.com.ua/examples/ 27 KB
27 KB 32ms
12ms Image
image/jpeg 176.9.147.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imgonline.com.ua/examples/painting-with-frame.jpg
Requested by: Host: www.imgonline.com.ua
URL: https://www.imgonline.com.ua/index.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.147.119 Bayreuth, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.147.9.176.clients.your-server.de
Software: nginx /
Resource Hash: e70c5776621837860d75f07069f337eae18736dbd236399ff51b208c8024208c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgonline.com.ua/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sun, 03 Mar 2024 07:16:07 GMT
Last-Modified: Wed, 07 Dec 2016 18:32:21 GMT
Server: nginx
ETag: "584855b5-6b56"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=1200
Content-Length: 27478
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK oil-painting.jpg
www.imgonline.com.ua/examples/ 34 KB
35 KB 32ms
12ms Image
image/jpeg 176.9.147.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imgonline.com.ua/examples/oil-painting.jpg
Requested by: Host: www.imgonline.com.ua
URL: https://www.imgonline.com.ua/index.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.147.119 Bayreuth, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.147.9.176.clients.your-server.de
Software: nginx /
Resource Hash: 6676b11e2fd66a66a9ce01b97045453a4244fe45a3f18eedeec1a30549d1676c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgonline.com.ua/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sun, 03 Mar 2024 07:16:07 GMT
Last-Modified: Wed, 07 Dec 2016 18:27:57 GMT
Server: nginx
ETag: "584854ad-89b8"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=1200
Content-Length: 35256
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK oil-strokes.jpg
www.imgonline.com.ua/examples/ 23 KB
23 KB 18ms
12ms Image
image/jpeg 176.9.147.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imgonline.com.ua/examples/oil-strokes.jpg
Requested by: Host: www.imgonline.com.ua
URL: https://www.imgonline.com.ua/index.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.147.119 Bayreuth, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.147.9.176.clients.your-server.de
Software: nginx /
Resource Hash: a78210a027b1bd44f8f2a622810a6aa04664539683fa3c40f478551c2b1cb3db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgonline.com.ua/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sun, 03 Mar 2024 07:16:07 GMT
Last-Modified: Wed, 07 Dec 2016 18:30:39 GMT
Server: nginx
ETag: "5848554f-5bbb"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=1200
Content-Length: 23483
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK color_palette_1_mini.jpg
www.imgonline.com.ua/examples/ 15 KB
15 KB 31ms
11ms Image
image/jpeg 176.9.147.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imgonline.com.ua/examples/color_palette_1_mini.jpg
Requested by: Host: www.imgonline.com.ua
URL: https://www.imgonline.com.ua/index.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.147.119 Bayreuth, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.147.9.176.clients.your-server.de
Software: nginx /
Resource Hash: 39ce521dff8c2bb0750eee98d532b7130945fba06b024af51a1c8730a045e3c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgonline.com.ua/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sun, 03 Mar 2024 07:16:07 GMT
Last-Modified: Wed, 07 Dec 2016 18:25:38 GMT
Server: nginx
ETag: "58485422-3a81"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=1200
Content-Length: 14977
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK color_palette_2_mini.jpg
www.imgonline.com.ua/examples/ 15 KB
15 KB 39ms
11ms Image
image/jpeg 176.9.147.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imgonline.com.ua/examples/color_palette_2_mini.jpg
Requested by: Host: www.imgonline.com.ua
URL: https://www.imgonline.com.ua/index.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.147.119 Bayreuth, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.147.9.176.clients.your-server.de
Software: nginx /
Resource Hash: d6236fe0c60ea7f1cfb423a656f1ea91131d6cd390e39cbeb34a4a9909504897

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgonline.com.ua/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sun, 03 Mar 2024 07:16:07 GMT
Last-Modified: Sun, 14 May 2017 08:22:31 GMT
Server: nginx
ETag: "591813c7-3b36"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=1200
Content-Length: 15158
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK color_palette_3_mini.jpg
www.imgonline.com.ua/examples/ 11 KB
11 KB 45ms
12ms Image
image/jpeg 176.9.147.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imgonline.com.ua/examples/color_palette_3_mini.jpg
Requested by: Host: www.imgonline.com.ua
URL: https://www.imgonline.com.ua/index.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.147.119 Bayreuth, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.147.9.176.clients.your-server.de
Software: nginx /
Resource Hash: 7a024fe782d24bc2602625c536d917ceae4bf8b9d797ff2a63e46c68cea2c274

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgonline.com.ua/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sun, 03 Mar 2024 07:16:07 GMT
Last-Modified: Sun, 14 May 2017 08:21:54 GMT
Server: nginx
ETag: "591813a2-2b26"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=1200
Content-Length: 11046
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK one-tone-1.jpg
www.imgonline.com.ua/examples/ 10 KB
10 KB 32ms
12ms Image
image/jpeg 176.9.147.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imgonline.com.ua/examples/one-tone-1.jpg
Requested by: Host: www.imgonline.com.ua
URL: https://www.imgonline.com.ua/index.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.147.119 Bayreuth, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.147.9.176.clients.your-server.de
Software: nginx /
Resource Hash: 2e2d307f16629930c345f257337e2b52faa02898a1a0e03245d897133d66c3f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgonline.com.ua/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sun, 03 Mar 2024 07:16:07 GMT
Last-Modified: Wed, 07 Dec 2016 18:27:30 GMT
Server: nginx
ETag: "58485492-267d"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=1200
Content-Length: 9853
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK one-tone-6.jpg
www.imgonline.com.ua/examples/ 10 KB
11 KB 44ms
11ms Image
image/jpeg 176.9.147.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imgonline.com.ua/examples/one-tone-6.jpg
Requested by: Host: www.imgonline.com.ua
URL: https://www.imgonline.com.ua/index.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.147.119 Bayreuth, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.147.9.176.clients.your-server.de
Software: nginx /
Resource Hash: d0079e5e74c93917fab76e8f2b9b70673a5d41d5d8d8bd8715c743c1f56a7f20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgonline.com.ua/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sun, 03 Mar 2024 07:16:07 GMT
Last-Modified: Wed, 07 Dec 2016 18:29:54 GMT
Server: nginx
ETag: "58485522-28c8"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=1200
Content-Length: 10440
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK one-tone-5.jpg
www.imgonline.com.ua/examples/ 8 KB
8 KB 19ms
12ms Image
image/jpeg 176.9.147.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imgonline.com.ua/examples/one-tone-5.jpg
Requested by: Host: www.imgonline.com.ua
URL: https://www.imgonline.com.ua/index.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.147.119 Bayreuth, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.147.9.176.clients.your-server.de
Software: nginx /
Resource Hash: 97fc831912e1133f8fd573d4b299e3a3c5a2f8c3bc361f1876133d86f4324c11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgonline.com.ua/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sun, 03 Mar 2024 07:16:07 GMT
Last-Modified: Wed, 07 Dec 2016 18:27:13 GMT
Server: nginx
ETag: "58485481-2086"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=1200
Content-Length: 8326
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK bokeh-effect-1.jpg
www.imgonline.com.ua/examples/ 20 KB
20 KB 11ms
11ms Image
image/jpeg 176.9.147.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imgonline.com.ua/examples/bokeh-effect-1.jpg
Requested by: Host: www.imgonline.com.ua
URL: https://www.imgonline.com.ua/index.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.147.119 Bayreuth, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.147.9.176.clients.your-server.de
Software: nginx /
Resource Hash: c1d8c86bc29336a44cc518556e18575e1e32942f741944a9384dd691e915c618

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgonline.com.ua/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sun, 03 Mar 2024 07:16:07 GMT
Last-Modified: Wed, 07 Dec 2016 18:32:22 GMT
Server: nginx
ETag: "584855b6-4fc3"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=1200
Content-Length: 20419
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK bokeh-effect-2.jpg
www.imgonline.com.ua/examples/ 22 KB
22 KB 12ms
12ms Image
image/jpeg 176.9.147.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imgonline.com.ua/examples/bokeh-effect-2.jpg
Requested by: Host: www.imgonline.com.ua
URL: https://www.imgonline.com.ua/index.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.147.119 Bayreuth, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.147.9.176.clients.your-server.de
Software: nginx /
Resource Hash: d019a2a165770dcd2302b6c6467734fdf8d879d5db383f382fcb849d9bafbfc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgonline.com.ua/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sun, 03 Mar 2024 07:16:07 GMT
Last-Modified: Wed, 07 Dec 2016 18:25:54 GMT
Server: nginx
ETag: "58485432-5748"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=1200
Content-Length: 22344
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK bokeh-effect-3.jpg
www.imgonline.com.ua/examples/ 20 KB
21 KB 11ms
10ms Image
image/jpeg 176.9.147.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imgonline.com.ua/examples/bokeh-effect-3.jpg
Requested by: Host: www.imgonline.com.ua
URL: https://www.imgonline.com.ua/index.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.147.119 Bayreuth, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.147.9.176.clients.your-server.de
Software: nginx /
Resource Hash: 6e7a7d8c4afd182d9ba11226881d927f280f7cb6156a24193360d8c4e9a5efb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgonline.com.ua/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sun, 03 Mar 2024 07:16:07 GMT
Last-Modified: Sun, 14 May 2017 08:22:16 GMT
Server: nginx
ETag: "591813b8-519d"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=1200
Content-Length: 20893
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK kaleidoscope-effect-1.jpg
www.imgonline.com.ua/examples/ 19 KB
19 KB 11ms
10ms Image
image/jpeg 176.9.147.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imgonline.com.ua/examples/kaleidoscope-effect-1.jpg
Requested by: Host: www.imgonline.com.ua
URL: https://www.imgonline.com.ua/index.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.147.119 Bayreuth, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.147.9.176.clients.your-server.de
Software: nginx /
Resource Hash: 0d5e77d5870e2b6da94c0e7933484ef33c7a15b2c50abf4100dd76e97c4772c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgonline.com.ua/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sun, 03 Mar 2024 07:16:07 GMT
Last-Modified: Wed, 07 Mar 2018 01:00:31 GMT
Server: nginx
ETag: "5a9f39af-4a08"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=1200
Content-Length: 18952
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK kaleidoscope-effect-2.jpg
www.imgonline.com.ua/examples/ 18 KB
19 KB 11ms
11ms Image
image/jpeg 176.9.147.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imgonline.com.ua/examples/kaleidoscope-effect-2.jpg
Requested by: Host: www.imgonline.com.ua
URL: https://www.imgonline.com.ua/index.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.147.119 Bayreuth, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.147.9.176.clients.your-server.de
Software: nginx /
Resource Hash: aba0d8663de17f30293ba67668d4889e39862d4dec34437afc7377e7de333586

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgonline.com.ua/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sun, 03 Mar 2024 07:16:07 GMT
Last-Modified: Wed, 07 Mar 2018 01:00:31 GMT
Server: nginx
ETag: "5a9f39af-48b2"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=1200
Content-Length: 18610
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK kaleidoscope-effect-3.jpg
www.imgonline.com.ua/examples/ 25 KB
26 KB 11ms
11ms Image
image/jpeg 176.9.147.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imgonline.com.ua/examples/kaleidoscope-effect-3.jpg
Requested by: Host: www.imgonline.com.ua
URL: https://www.imgonline.com.ua/index.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.147.119 Bayreuth, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.147.9.176.clients.your-server.de
Software: nginx /
Resource Hash: 60f06cb68fe14655acbdd28c4d79c447d8d7082e84d5d3a262bf4e8f341724e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgonline.com.ua/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sun, 03 Mar 2024 07:16:07 GMT
Last-Modified: Wed, 07 Mar 2018 01:00:29 GMT
Server: nginx
ETag: "5a9f39ad-6585"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=1200
Content-Length: 25989
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET button1.gif
www.bannerka.ua/img/referal/ 0
0

GET
H/1.1 200
OK logo.jpg
www.imgonline.com.ua/images/ 7 KB
7 KB 31ms
11ms Image
image/jpeg 176.9.147.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imgonline.com.ua/images/logo.jpg
Requested by: Host: www.imgonline.com.ua
URL: https://www.imgonline.com.ua/design.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.9.147.119 Bayreuth, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.119.147.9.176.clients.your-server.de
Software: nginx /
Resource Hash: 7069f7c640f5c4bf24319b64a8322dfa1caa469534144f8aebe95db237a5508c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgonline.com.ua/design.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sun, 03 Mar 2024 07:16:07 GMT
Last-Modified: Wed, 07 Dec 2016 18:34:20 GMT
Server: nginx
ETag: "5848562c-1b35"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=1200
Content-Length: 6965
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/ 407 KB
138 KB 76ms
61ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7114716596087124&plah=www.imgonline.com.ua&aplac=true

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7114716596087124

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be344345a1135630cae8ee305b54b138c67d6a0eb956e71f337660892f6b71fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgonline.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 07:16:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140926
x-xss-protection: 0
server: cafe
etag: 5698477613126384721
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 07:16:07 GMT

GET
H2 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240228/r20190131/ Frame E05E 9 KB
4 KB 27ms
7ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240228/r20190131/zrt_lookup_nohtml_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7114716596087124

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.imgonline.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 44889
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Mar 2024 18:47:58 GMT
etag: 5035419970550746386
expires: Sat, 16 Mar 2024 18:47:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 09ED 76 B
265 B 206ms
205ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7114716596087124&output=html&adk=1812271804&adf=3025194257&lmt=1709450167&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_l%7C404x1080_r&format=0x0&url=https%3A%2F%2Fwww.imgonline.com.ua%2Findex.php&pra=5&wgl=1&easpi=1&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709450167296&bpp=2&bdt=129&idt=168&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7909337179707&frm=20&pv=2&ga_vid=277859999.1709450167&ga_sid=1709450167&ga_hid=1778663945&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44795922%2C95325753%2C95326317%2C95322329%2C95321867%2C95324161%2C95325784&oid=2&pvsid=441486328466557&tmod=2062225458&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=183

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7114716596087124&plah=www.imgonline.com.ua&aplac=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6f3c4eb8378e0bd2852618eacf0a02ff8147155da4d5fb765d89989327cd1cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.imgonline.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 66
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Mar 2024 07:16:07 GMT
expires: Sun, 03 Mar 2024 07:16:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5975 126 KB
42 KB 536ms
536ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7114716596087124&output=html&h=280&slotname=8592316491&adk=3245178112&adf=3508954633&pi=t.ma~as.8592316491&w=740&fwrn=4&fwrnh=100&lmt=1709450167&rafmt=1&format=740x280&url=https%3A%2F%2Fwww.imgonline.com.ua%2Findex.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709450167298&bpp=2&bdt=130&idt=188&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7909337179707&frm=20&pv=1&ga_vid=277859999.1709450167&ga_sid=1709450167&ga_hid=1778663945&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=290&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44795922%2C95325753%2C95326317%2C95322329%2C95321867%2C95324161%2C95325784&oid=2&pvsid=441486328466557&tmod=2062225458&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=191

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

120f1cbb12f6cc1abc95d431d316a3c2116c9fd974a3ccccf21e717a956936b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.imgonline.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 43044
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Mar 2024 07:16:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/ 90 KB
31 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/slotcar_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7114716596087124

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f65c6ecb138118d2162725d25e583b533da724d4d0180c73259536bf2a7e076b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgonline.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 07:16:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32090
x-xss-protection: 0
server: cafe
etag: 6741191522537399233
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 07:16:07 GMT

POST
H2 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 39ms
38ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7114716596087124
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.imgonline.com.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 a557c05b701b7d3041e507ef957cdd82.js Show response
www.gstatic.com/mysidia/ Frame 5975 8 KB
4 KB 32ms
12ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a557c05b701b7d3041e507ef957cdd82.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7114716596087124&output=html&h=280&slotname=8592316491&adk=3245178112&adf=3508954633&pi=t.ma~as.8592316491&w=740&fwrn=4&fwrnh=100&lmt=1709450167&rafmt=1&format=740x280&url=https%3A%2F%2Fwww.imgonline.com.ua%2Findex.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709450167298&bpp=2&bdt=130&idt=188&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7909337179707&frm=20&pv=1&ga_vid=277859999.1709450167&ga_sid=1709450167&ga_hid=1778663945&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=290&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44795922%2C95325753%2C95326317%2C95322329%2C95321867%2C95324161%2C95325784&oid=2&pvsid=441486328466557&tmod=2062225458&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=191

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

448746297b5f7cd9944269adb069e134c1108f3e2e49f34dd8558de47175f470

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 08:48:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 426432
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3757
x-xss-protection: 0
last-modified: Fri, 23 Feb 2024 17:19:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 27 May 2024 08:48:56 GMT

GET
H2 200 d58f9ae6dab7fd31fc6f5125435dd154.js Show response
www.gstatic.com/mysidia/ Frame 5975 10 KB
4 KB 31ms
11ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d58f9ae6dab7fd31fc6f5125435dd154.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09d38b7c7c43a8e44d722091bc07abc9785c30887f55eeae35a6acbc2212d4f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 09:07:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 425323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4472
x-xss-protection: 0
last-modified: Fri, 23 Feb 2024 17:19:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 27 May 2024 09:07:25 GMT

GET
H2 200 3e4ba1a8aaf1eb5089ecf6e0b9cafde2.js Show response
www.gstatic.com/mysidia/ Frame 5975 19 KB
8 KB 28ms
8ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3e4ba1a8aaf1eb5089ecf6e0b9cafde2.js?tag=pingback

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fc0f7a449151c3b32dc74fd37fbf2ddddb7cbf17c74bd5e45b70298855b4510

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 09:14:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 424884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7964
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 18:51:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 27 May 2024 09:14:44 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5975 14 KB
2 KB 42ms
22ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 03 Mar 2024 07:16:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 03 Mar 2024 05:32:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 03 Mar 2024 07:16:08 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 5975 2 KB
822 B 12ms
12ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 18:01:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47662
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Mar 2024 18:01:46 GMT

GET
H2 200 ee184beea2a7701d5a0ba0da2f04d34e.js Show response
www.gstatic.com/mysidia/ Frame 5975 5 KB
2 KB 30ms
10ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ee184beea2a7701d5a0ba0da2f04d34e.js?tag=analytics_pingback_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

996f88d4ae84cfdc5dae1b82c48027687864b3e242fe5cc4ed69518e0dfc7867

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 03:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 274274
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1707
x-xss-protection: 0
last-modified: Fri, 23 Feb 2024 17:19:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 29 May 2024 03:04:54 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/ Frame 5975 23 KB
9 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 11:19:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71769
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8947
x-xss-protection: 0
server: cafe
etag: 12299188824252842506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Mar 2024 11:19:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 5975 3 KB
1 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 11:19:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71769
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Mar 2024 11:19:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 5975 20 KB
8 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 18:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47676
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Mar 2024 18:01:32 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 5975 207 KB
63 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 06:27:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2914
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64050
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 07:27:34 GMT

GET
H2 200 eea50308dcf9de2b0c0fe89d3b5a5e83.js Show response
www.gstatic.com/mysidia/ Frame 5975 36 KB
15 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/eea50308dcf9de2b0c0fe89d3b5a5e83.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86d26e0a9759e5d6b482f102d7cade65f3dbe4792972bd59caa9966b9ff568b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 09:01:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 425703
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15206
x-xss-protection: 0
last-modified: Fri, 23 Feb 2024 17:19:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 27 May 2024 09:01:05 GMT

GET
DATA 200
OK truncated
/ Frame 5975 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c63047eadd6e6cd4fe01fa5c4d933376f5705ab809feda8636c92ff7a380fbc8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 5975 33 KB
34 KB 56ms
14ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 04:54:54 GMT
x-content-type-options: nosniff
age: 354074
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Feb 2025 04:54:54 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5975 0
0 43ms
42ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CiMiJtyPkZf7OH8jI1fAP1suFkAXTrYmHdoy199v-EdjClJhDEAEgxOmBJ2CV4pCCoAegAYmr19ADyAEBqQJH9YGbhy6yPqgDAcgDywSqBNYBT9Ct78B0BUiP-DpSD4Ej-CSmXaHz5xH2bajLpeQ7MEvBk8yhWk3LS70Db_atLpG2bahGariNsOQ5YMdjuhS_I84_uei200ECQDfCYjHYKKex9K6KW1e_GH6O3Md6Ck92O9lebrLtRpfH-n8MYaVmss7C_BBCB_Rwx5jMMN2OhC9802Ye1JYpOApTbKwp7ywyGq6cqk99MqsHrH1Rv_fxdaAmDY_AsELed4Fqocpc-uG8FUYrYJiIskgJIMN1FdQIw8H14fI29Zw1WpK1dve4wmp3W1J7R8AEprCI58oEiAXGzPGjTpIFBAgEGAGSBQQIBRgEgAeZyP8yqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhvYBwHyBwQQ4IEV0ggpCJHhgHAQARgfMgXri4CAIDoJgECAgICAgJQoSL39wTpY6aH7j8bXhAOaCRNodHRwczovL3NldmRlc2suZGUvgAoByAsB2BMNiBQB0BUBgBcBshccChoIABIUcHViLTcxMTQ3MTY1OTYwODcxMjQYAA&sigh=q9elDmd53DE&uach_m=%5BUACH%5D&ase=2&cbvp=2&vis=1&nis=5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7114716596087124&output=html&h=280&slotname=8592316491&adk=3245178112&adf=3508954633&pi=t.ma~as.8592316491&w=740&fwrn=4&fwrnh=100&lmt=1709450167&rafmt=1&format=740x280&url=https%3A%2F%2Fwww.imgonline.com.ua%2Findex.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709450167298&bpp=2&bdt=130&idt=188&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7909337179707&frm=20&pv=1&ga_vid=277859999.1709450167&ga_sid=1709450167&ga_hid=1778663945&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=430&ady=290&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44795922%2C95325753%2C95326317%2C95322329%2C95321867%2C95324161%2C95325784&oid=2&pvsid=441486328466557&tmod=2062225458&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=191
Attribution-Reporting-Eligible: event-source
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 03 Mar 2024 07:16:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 50ms
50ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240228&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

045ea04be042c9e736841778e6de87f91f2446cd1476367ae71cdef509304be4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgonline.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 07:16:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12246
x-xss-protection: 0

GET
H3 200 4DPoyt1VXFu9KUV3wfZ2z3y8g_kcb_PjstTR5ZPZl3Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 0BED 51 KB
20 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4DPoyt1VXFu9KUV3wfZ2z3y8g_kcb_PjstTR5ZPZl3Q.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e033e8cadd555c5bbd294577c1f676cf7cbc83f91c6ff3e3b2d4d1e593d99774

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 10:06:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 162575
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20103
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 01 Mar 2025 10:06:33 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 51ms
24ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgonline.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 07:16:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 03 Mar 2024 07:16:08 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5975 0
20 B 38ms
38ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoYCAEqFGJhbm5lci1sYXJnZS12YW5pbGxhCgoIAioGc2VydmVyCg0QKyEAAAAAAAAiQDAECg0QSyEAAAAzM0uCQDAECg0QAyEAAAAAAFSCQDAECg0QCiEAAACAZmYSQDAECg0QDSEAAAAAAAAAADAECg0QHioHNzQweDI4MDAECg0QGSoHNzQweDI4MDAECg0QDiEAAAAAAAAAADAECg0QBCEAAAAzM3uCQDAECg0QDyEAAAAAAAAAADAECg0QKyEAAAAAAAAwQDAECg0QBSEAAADNzHyCQDAECg0QECEAAAAAACrlQDAECg0QESEAAAAAMLD0QDAECg0QEiEAAAAAAAAcQDAECg0QEyEAAAAAAAAAQDAECg0QFyEAAADNzFyDQDAECg0QFCEAAAAAgBL1QDAECg0QFSEAAAAAAAAmQDAECg0QFiEAAAAAAAAUQDAECg0QGCEAAADNzKyDQDAECg0QMiEAAAAAoJnJPzAECg0QMyEAAAAAoJnJPzAECg0QNCEAAAAAoJnJPzAECg0QNSEAAAAAoJnJPzAECg0QNiEAAAAAoJnJPzAECg0QNyEAAAAAoJnJPzAECg0QOCEAAAAAnJnpPzAECg0QOSEAAACamcWAQDAECg0QOiEAAABnZv6AQDAECg0QOyEAAACamVmDQDAECg0QPCEAAACamVmDQDAECg0QPSEAAADNzFyDQDAECg0QPiEAAAAAAHyDQDAECg0QPyEAAAAAAHyDQDAECg0QQCEAAAAAAMSDQDAEEhpDTDZHX0lfRzE0UURGVWhrRlFnZDFtVUJVZyIWdGV4dC92YW5pbGxhX2hpZ2hsaWdodCgD

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/3e4ba1a8aaf1eb5089ecf6e0b9cafde2.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Mar 2024 07:16:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 981D 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.imgonline.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 62420
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Mar 2024 13:55:48 GMT
expires: Sun, 02 Mar 2025 13:55:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 46FE 829 B
1 KB 70ms
27ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d9a708ecf1f0f12d3e2ebc61902ab12b53492de2592ef475d0b39302e9230ec7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MKfZadiMyuWp1_ljcku03g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.imgonline.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-MKfZadiMyuWp1_ljcku03g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 03 Mar 2024 07:16:08 GMT
expires: Sun, 03 Mar 2024 07:16:08 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 hhT7r2j7IM84IjrHPq4DliozylkjplqSUN38T7c3Pqk.js Show response
pagead2.googlesyndication.com/bg/ Frame 981D 40 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hhT7r2j7IM84IjrHPq4DliozylkjplqSUN38T7c3Pqk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8614fbaf68fb20cf38223ac73eae03962a33ca5923a65a9250ddfc4fb7373ea9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 19:03:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15753
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Mar 2025 19:03:06 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 981D 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?R4R8_Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 07:16:08 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 46FE 0
0 37ms
37ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240228&jk=441486328466557&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 41ms
40ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240228&jk=441486328466557&bg=!KSqlKmXNAAauXHXJjlw7ADQBe5WfOAdb07aUyfq7D-MwtHZ997E6bUjg0lbJPbJlptTJnJy_DQLJwEvVZJOgprlDx1kBAgAAACtSAAAAAWgBBwoAH3ZvntD3PTMGvXZc_m0JJIncsnNvtqugOqL6-8G9kHaZAtNlyHIlFvotdxta9sSmIc94-JYxnVen3A9_3WBYpnG8iDnEaPBS9IdxCajWe1C1JXYrNwyB9_9wn_bJ-AW6G9mh-XQxFPx-wKsZRKFSqIn9MJfNBD8ZQppxcM4j3boC5-BfTl2vMlxk9YUECISdyglLUFPmQzzrVg_hbuok3cYEg2a0eVIKneKkW_M3YzFJhANQEXoAotX9P9X2NYtmz9Ap36CgSfbj4OhOGPTaCsZgQEtqFjQdnwhwnzwRS7QTY6iYcFugtF-BorH6W_YMDjUdGWkuZgpA6hrjyQId0lxsDwKZ4m8u45E7e17RshAloXAF_Vnqi4NHRKJYdmWh5VDBvgdE0cUsVecKzKzoCaMeOcqcEGcpGkxvthRHGEARl_gAFYNKMXjcQIdLjGIckwdDnqw8SaHUfVipjRYoTz2Zq0vr7pBG6Cm8FjPgUeFBAx5gTc9_Pb42nBJ9Zo4fLzdWK2sp9hcDWthI7t0ZiA4p0dWuVDj3wcBdrYgVkUsGGr8FUTIkjz5nlztoURhv2uWz1QWSNrnmY4guQgqCwcED3Y65UekQRqa0vxjOjMKxkA13wKaMMzcaE55lNwL3JB5zcPesYZt2Uck54ZlOYO-2tT7Oe7lTkbPfXSS4U5ca1mK87aaSALOdRZ2VUE_1xLBuLEQU0_YEFzZMuAboP2POSl8zdTBcMWwOrky0ALsUlsgq0rRMxfWVGD1kGHX7eeilv40pGXt0xNc9ZQ1CctuzEQMS6XHYpvDXmR0t9j8Va1YLV5QV87ggdSKi_79NHFmI3ROy1GyG_aIXEm0JMERFgD_MDQ0tU2G0B0wBFL5gf2kyZOesOT34xoArWx1Ds61CSvy_pfgEb2BQfWzXXtLkjlufH1iiiWuHqRn-VGYMP0bU6Z6F42bdWNfXTnq-cSKehpifMC2mMTHXGcRvSh--h1isUE9pLcFoz-TwkBakysQr4Cg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.imgonline.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5975 42 B
64 B 41ms
40ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvbMoRIer0piUciVCg9fYx7yFgwl9IMQq3iFduD5_tY9enVgagxMrdQkass3yo28jQGDyqMbsmbcZIO3yMxRSt4wpmQF9cOO3fVF6Sz6zm_3fD2E0p81MxwXqc5LFIKLBsdXuUXlBwZxdP1XXIrTBL3gaxTckdYJmj8c8CCkg&sig=Cg0ArKJSzHkUKIxu6yGFEAE&id=lidar2&mcvt=1000&p=0,0,280,740&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240229&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3245178112&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=538296800&rst=1709450167490&rpt=630&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Mar 2024 07:16:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.bannerka.ua
URL: https://www.bannerka.ua/img/referal/button1.gif

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-20 18:50:51	Name: test_cookie Value: CheckForPermission
			.imgonline.com.ua/	1970-01-20 23:10:02	Name: __eoi Value: ID=b99dbab039da4daf:T=1709450167:RT=1709450167:S=AA-AfjaENdsFjRYnl3r-cJob80cF

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.bannerka.ua/img/referal/button1.gif Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	warning	URL: https://www.imgonline.com.ua/index.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imgonline.com.ua/index.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
srv4.imgonline.com.ua
tpc.googlesyndication.com
www.bannerka.ua
www.google.com
www.gstatic.com
www.imgonline.com.ua
www.bannerka.ua
148.251.126.238
176.9.147.119
2a00:1450:4001:808::2003
2a00:1450:4001:80b::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:81c::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2001
045ea04be042c9e736841778e6de87f91f2446cd1476367ae71cdef509304be4
09d38b7c7c43a8e44d722091bc07abc9785c30887f55eeae35a6acbc2212d4f9
0d5e77d5870e2b6da94c0e7933484ef33c7a15b2c50abf4100dd76e97c4772c3
120f1cbb12f6cc1abc95d431d316a3c2116c9fd974a3ccccf21e717a956936b6
2e2d307f16629930c345f257337e2b52faa02898a1a0e03245d897133d66c3f5
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
39ce521dff8c2bb0750eee98d532b7130945fba06b024af51a1c8730a045e3c3
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
448746297b5f7cd9944269adb069e134c1108f3e2e49f34dd8558de47175f470
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58cc14ce6636949d696f86ecd5fb9d30c6b4ca372bd69b76d07084d74176d2b6
599486b5bfde45d569079681ceb8e7f1ea163e86cd2d3fae3613a047db80053d
60f06cb68fe14655acbdd28c4d79c447d8d7082e84d5d3a262bf4e8f341724e3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6676b11e2fd66a66a9ce01b97045453a4244fe45a3f18eedeec1a30549d1676c
6e7a7d8c4afd182d9ba11226881d927f280f7cb6156a24193360d8c4e9a5efb4
7069f7c640f5c4bf24319b64a8322dfa1caa469534144f8aebe95db237a5508c
736e28b1d87f8b97c330ab583fecc51f853120b741f256999d790e138ec57879
7a024fe782d24bc2602625c536d917ceae4bf8b9d797ff2a63e46c68cea2c274
8614fbaf68fb20cf38223ac73eae03962a33ca5923a65a9250ddfc4fb7373ea9
8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460
8f0772f8dfca7b641383a176aa016f971b0b0f04d2b29b80cf8d8588871ea9ea
97fc831912e1133f8fd573d4b299e3a3c5a2f8c3bc361f1876133d86f4324c11
996f88d4ae84cfdc5dae1b82c48027687864b3e242fe5cc4ed69518e0dfc7867
9fc0f7a449151c3b32dc74fd37fbf2ddddb7cbf17c74bd5e45b70298855b4510
a0acdaabe3ddf0b5e30a38685ee2121235fe4cbea4e712ef8fed030df2f6dd28
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
a6f3c4eb8378e0bd2852618eacf0a02ff8147155da4d5fb765d89989327cd1cc
a78210a027b1bd44f8f2a622810a6aa04664539683fa3c40f478551c2b1cb3db
a86d26e0a9759e5d6b482f102d7cade65f3dbe4792972bd59caa9966b9ff568b
aba0d8663de17f30293ba67668d4889e39862d4dec34437afc7377e7de333586
afc913183fbf9585679bf387f4f23fad5da44c54f0419995c74e4d8afe0d29fa
b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac
be344345a1135630cae8ee305b54b138c67d6a0eb956e71f337660892f6b71fe
c1d8c86bc29336a44cc518556e18575e1e32942f741944a9384dd691e915c618
c63047eadd6e6cd4fe01fa5c4d933376f5705ab809feda8636c92ff7a380fbc8
cced138ef2e5e182565d6903d7cf366e9d6a01c361a731b887e311d8f5f51042
cf23074a5fe104d989c288d16827705c779034c1fd998729166c960639694c03
d0079e5e74c93917fab76e8f2b9b70673a5d41d5d8d8bd8715c743c1f56a7f20
d019a2a165770dcd2302b6c6467734fdf8d879d5db383f382fcb849d9bafbfc3
d6236fe0c60ea7f1cfb423a656f1ea91131d6cd390e39cbeb34a4a9909504897
d9a708ecf1f0f12d3e2ebc61902ab12b53492de2592ef475d0b39302e9230ec7
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
e033e8cadd555c5bbd294577c1f676cf7cbc83f91c6ff3e3b2d4d1e593d99774
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e70c5776621837860d75f07069f337eae18736dbd236399ff51b208c8024208c
e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd8909cea7b8b1cac4ffa0b66efde1bf046fe6373f429028dd26c68a7c47f62
f65c6ecb138118d2162725d25e583b533da724d4d0180c73259536bf2a7e076b

www.imgonline.com.ua Open in urlscan Pro 176.9.147.119 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

56 Requests

98 %HTTPS

78 %IPv6

7 Domains

10 Subdomains

9 IPs

1 Countries

891 kBTransfer

1710 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.imgonline.com.ua Open in urlscan Pro
176.9.147.119 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

98 %
HTTPS

78 %
IPv6

7
Domains

10
Subdomains

9
IPs

1
Countries

891 kB
Transfer

1710 kB
Size

2
Cookies

56 HTTP transactions
1 data transactions