varianty.lviv.ua Open in urlscan Pro
95.47.113.253 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://95.47.113.253/
Effective URL:
https://varianty.lviv.ua/
Submission: On January 05 via api (January 5th 2023, 4:47:50 am UTC) from TR — Scanned from DE

Summary HTTP 160 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 30 IPs in 7 countries across 18 domains to perform 160 HTTP transactions. The main IP is 95.47.113.253, located in Czech Republic and belongs to ONEGB-AS, UA. The main domain is varianty.lviv.ua.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 1st 2022. Valid for: a year.

This is the only time varianty.lviv.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 46	95.47.113.253 95.47.113.253	51734 (ONEGB-AS) (ONEGB-AS)
9	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
3 9	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:802::200e	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:4e:1... 2620:1ec:4e:1::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f10... 2a03:2880:f107:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400d:80a::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:400d:802::2002	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3 4	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	185.89.210.141 185.89.210.141	29990 (ASN-APPNEX) (ASN-APPNEX)
10	2a00:1450:400... 2a00:1450:4001:80f::2006	15169 (GOOGLE) (GOOGLE)
2	142.251.39.34 142.251.39.34	15169 (GOOGLE) (GOOGLE)
160	30

46 95.47.113.253 (Czech Republic) 1 redirects

ASN51734 (ONEGB-AS, UA)
PTR: varianty.lviv.ua

95.47.113.253	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
varianty.lviv.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:802::200e (Ireland)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:4e:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

platform.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::200e (Ireland)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.141 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.39.34 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s38-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	varianty.lviv.ua varianty.lviv.ua	950 KB
42	googlesyndication.com 777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 145 tpc.googlesyndication.com — Cisco Umbrella Rank: 187	355 KB
20	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 285 stats.g.doubleclick.net — Cisco Umbrella Rank: 179 googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 cm.g.doubleclick.net — Cisco Umbrella Rank: 321 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 395	237 KB
14	google.com 3 redirects www.google.com — Cisco Umbrella Rank: 16 cse.google.com — Cisco Umbrella Rank: 4924 apis.google.com — Cisco Umbrella Rank: 163 clients1.google.com — Cisco Umbrella Rank: 517 adservice.google.com — Cisco Umbrella Rank: 142	192 KB
10	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 362	214 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 843	3 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 221	189 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	12 KB
4	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3224 onesignal.com — Cisco Umbrella Rank: 951	82 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	200 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	111 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 318	3 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 127	2 KB
2	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 548	138 KB
2	google.de www.google.de — Cisco Umbrella Rank: 3658 adservice.google.de — Cisco Umbrella Rank: 5450	1 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 356	4 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 103	20 KB
1	linkedin.com platform.linkedin.com — Cisco Umbrella Rank: 5748	160 KB
160	18

	Domain	Requested by
45	varianty.lviv.ua	varianty.lviv.ua
27	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com varianty.lviv.ua 777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com s0.2mdn.net
12	pagead2.googlesyndication.com	securepubads.g.doubleclick.net 777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net www.googletagservices.com
10	s0.2mdn.net	varianty.lviv.ua s0.2mdn.net
9	www.google.com	3 redirects www.google.com varianty.lviv.ua tpc.googlesyndication.com
9	securepubads.g.doubleclick.net	varianty.lviv.ua securepubads.g.doubleclick.net www.googletagservices.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	googleads.g.doubleclick.net	777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com varianty.lviv.ua
4	www.googletagservices.com	securepubads.g.doubleclick.net 777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com
4	www.facebook.com	varianty.lviv.ua connect.facebook.net
4	connect.facebook.net	varianty.lviv.ua connect.facebook.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	varianty.lviv.ua tpc.googlesyndication.com
2	googleads4.g.doubleclick.net	varianty.lviv.ua
2	static.xx.fbcdn.net	www.facebook.com
2	onesignal.com	cdn.onesignal.com
2	cdn.onesignal.com	varianty.lviv.ua cdn.onesignal.com
2	cdnjs.cloudflare.com	varianty.lviv.ua
2	cse.google.com	varianty.lviv.ua www.google.com
2	www.google-analytics.com	varianty.lviv.ua www.google-analytics.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	www.google.de	varianty.lviv.ua
1	clients1.google.com	varianty.lviv.ua
1	stats.g.doubleclick.net	www.google-analytics.com
1	platform.linkedin.com	varianty.lviv.ua
1	apis.google.com	varianty.lviv.ua
1	www.gstatic.com	varianty.lviv.ua
160	31

This site contains links to these domains. Also see Links.

Domain
xn--80aimngt.xn--j1amh
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com
t.me
oxibank.ua
story.varianty.lviv.ua

Subject Issuer	Validity	Valid
varianty.lviv.ua Sectigo RSA Domain Validation Secure Server CA	`2022-08-01` - `2023-08-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-10-14` - `2023-01-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
platform.linkedin.com DigiCert SHA2 Secure Server CA	`2022-12-16` - `2023-06-16`	6 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://varianty.lviv.ua/
Frame ID: 838C372E7E81C66F389162175C3222D4
Requests: 85 HTTP requests in this frame

Frame: https://777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3040105E930E8C185F41C56BCD797BA1
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v9.0/plugins/login_button.php?app_id=576804872497945&auto_logout_link=false&button_type=login_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2307afec657f08%26domain%3Dvarianty.lviv.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvarianty.lviv.ua%252Ff322b8044c5f3b4%26relation%3Dparent.parent&container_width=523&layout=default&locale=uk_UA&login_text=&sdk=joey&size=medium&use_continue_as=true&width=
Frame ID: 9FB5E1CBF93B32420DAA149816EAA14B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E2135DAB0102AAA67CF070E34DDB540A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D7C26F9B2EA357CD1F1ABBE4A7009B32
Requests: 2 HTTP requests in this frame

Frame: https://777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 75BE003E65386117CF368EBE8942556F
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvPWIrlQcxJSK_x7K4Xo0a_oHlnLE6F35-s_FcJfLuTZDM9fXOcuwHZILG0fIZOGCoSP4pN4Y15-Eus12pw4dFq_2PTf_6WEGPgn_lFMCyntJaqZemdHdJdFxKSfbOF0xkGNseedEc15W_ALcpRRsqH7jKHi2Mg8ctB4mQOoFroHAp6eGuBF35L3xe7RPSpqgVWVNyujXMpPet70MkkbdrpG9Gk8OrOr2TUaYFbalPP6zxOBcz48-7iNJqfgF8ryUkLVj1BG1_rOHKPxDnJOIcsoyPFLNlHj4G5H593TgxsQXlKtxBuq4RDiTudf8yz0pSXol_71w&sai=AMfl-YTxfEF9v1tMUDtpt425xFEEjRP0QLN-GFAg86n5T2JSaEVm5ggaQItzsqj8xWyjKDau2z_89mkkf6Y9ztepNmNdPLhTeM3AU1nBLf9_LDOm24fwquKWwck3dY6xYLaS27l5pAKlhPKkehW36iZeVsw&sig=Cg0ArKJSzEwPGomkyBygEAE&uach_m=[UACH]&adurl=
Frame ID: A78C0623D467ABE67E666C3A0D5164CD
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssRNo4WLC8JEm_fLECUK3E8u_Fp3zVsj_vOsGviwFBp7H_G7bh7zNsSeUwBFs9FejnHICzK66RrD7sXJwJYgTvYJAC4sjbOuJQin1nWy63rvalu_FOqdSPm9Xrolxq99m2uyFAi6CGU3Cy4XorRrJ3kQYza27kBIfyjgVQTRmRpVxE74zclV42CngienF92hcI0aJj5LoRBqJj4JHJyit8rUOCV8MrBIIDALXXwmm8uvVYkwfgfNFVHRXdpCm95kRpOJuH3OOpYMoTpIYiGq5jFEgmP1Imnmgv35gFjy8bNPQDZBJgqSReBN1oD2JimwgtOtrKKew&sai=AMfl-YRoJqeuIn8qTkMf7lStXlqtKfS99LrT2_OdN7zdr4nRHgfHsW-zf2KQO3bvsZwWTHe-mK-JNeVBDqCRFLyBojy6dZwBam9BDawWY6p3piXaKKx7mKX8tt0-6X-sFCiLfk1QTiLDAcYvI15CSYjhBy8&sig=Cg0ArKJSzMQjexUNOO-7EAE&uach_m=[UACH]&adurl=
Frame ID: D91C38004F553EE57DDA3905DD2D2651
Requests: 7 HTTP requests in this frame

Frame: https://777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 26627A90E989E2FCAC740051F9DE77E2
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12231767363623583744/index.html
Frame ID: 3B2460CE5B4D09F13002CCBDDF2B5ECE
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3056174AFF9BCB21C09092B6EBFAA83E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhjg3dDBATAB&v=APEucNUFRlPQYXqUUESgeF1B5PT7H3pccJ4sLCbN1hydEde418bwvbIzI43CDFSCf21760qnL6cp_tjyCFRZT8FOo-U02paD587-svG5TNIoArowptinNWtMPqSY6_8xfIfPbtpnQ4Dx9Y2MMbqOnWFYTMc1Z1hJxhta_o-W9wZ9SF5dzBRcug4
Frame ID: BA14492E2E5E972F276036DE9D83F637
Requests: 5 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 0CFC2C51DC21B00989D7901256B797E1
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7314573151872791710/index.html?e=69&leftOffset=0&topOffset=0&c=3Tqz92T1K8&t=1&renderingType=2&ev=01_247
Frame ID: BA7E51AEFF7EDD71D1C63BB7A8B22922
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1DC2E7B5966E76A717C0BDF71CD77DF9
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Frame ID: B41D768BEFAD3D9343F3F973C77F6D64
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Новини Львова і Львівщини - Варіантишукати

Page URL History Show full URLs

http://95.47.113.253/ HTTP 301
https://varianty.lviv.ua/ Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Lightbox (JavaScript Libraries) Expand

Linkedin (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.linkedin\.com/in\.js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

160
Requests

96 %
HTTPS

83 %
IPv6

18
Domains

31
Subdomains

30
IPs

7
Countries

2869 kB
Transfer

6710 kB
Size

13
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://xn--80aimngt.xn--j1amh/
Title: Мандри

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Varianty.lviv.ua/

Search URL Search Domain Scan URL

URL: https://twitter.com/VariantyLviv

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/%D0%B2%D0%B0%D1%80%D1%96%D0%B0%D0%BD%D1%82%D0%B8-%D0%BB%D1%8C%D0%B2%D1%96%D0%B2-b31123102/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/variantylviv

Search URL Search Domain Scan URL

URL: https://t.me/lvivvarianty

Search URL Search Domain Scan URL

URL: https://oxibank.ua/

Search URL Search Domain Scan URL

URL: https://story.varianty.lviv.ua/
Title: Історії

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://95.47.113.253/ HTTP 301
https://varianty.lviv.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://www.google.com/jsapi HTTP 301
https://www.gstatic.com/charts/loader.js

Request Chain 14

https://www.google.com/cse/cse.js?cx=018400573134887349570:likcocfvgao HTTP 301
https://cse.google.com/cse/cse.js?cx=018400573134887349570:likcocfvgao

Request Chain 122

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBSFmUtBXE4mzsLTPF-nUQU&google_cver=1

Request Chain 123

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y7ZWcRYSJJ7v2nZczWFBcgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBSFmUtBXE4mzsLTPF-nUQU&google_cver=1

Request Chain 124

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEDJREhnMCLQdDn96zqSYHNc&google_cver=1

Request Chain 125

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQ4ODIyMzA4NzgwMjYxMDMw

Request Chain 131

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

160 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
varianty.lviv.ua/
Redirect Chain

http://95.47.113.253/
https://varianty.lviv.ua/

39 KB
9 KB

289ms
56ms

Document
text/html

95.47.113.253
ONEGB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://varianty.lviv.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.47.113.253 , Czech Republic, ASN51734 (ONEGB-AS, UA),

Reverse DNS

varianty.lviv.ua

Software

nginx /

Resource Hash

8ccc62159ec745b287e86efc51dd985ff9c9735a31099298c36b116c4326a4b4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=300, public, must-revalidate
Connection: close
Content-Encoding: gzip
Content-Length: 9314
Content-Type: text/html
Date: Thu, 05 Jan 2023 04:47:44 GMT
ETag: "9c3d-5f17cf6dde47d"
Expires: Thu, 05 Jan 2023 04:52:44 GMT
Last-Modified: Thu, 05 Jan 2023 04:45:03 GMT
Server: nginx
Vary: Accept-Encoding,User-Agent
X-Frame-Options: SAMEORIGIN

Redirect headers

Connection: keep-alive
Content-Length: 178
Content-Type: text/html
Date: Thu, 05 Jan 2023 04:47:44 GMT
Location: https://varianty.lviv.ua/
Server: nginx

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 84ms
36ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4bec86cf07d7dea5d235e2244074f1aef2dafefdcf07d44939f61e305bb22897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:47:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27555
x-xss-protection: 0
server: sffe
etag: "1442 / 46 of 1000 / last-modified: 1672873566"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 05 Jan 2023 04:47:41 GMT

GET
H/1.1 200
OK index.css
varianty.lviv.ua/ 32 KB
32 KB 186ms
91ms Stylesheet
text/css 95.47.113.253
ONEGB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://varianty.lviv.ua/index.css?v=93
Requested by: Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.47.113.253 , Czech Republic, ASN51734 (ONEGB-AS, UA),
Reverse DNS: varianty.lviv.ua
Software: nginx /
Resource Hash: cde413d3763b4d6bb378b776b7fd98666b7c7ece80209dc22612ecd95e723ecd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 04:47:44 GMT
Last-Modified: Tue, 30 Aug 2022 18:38:56 GMT
Server: nginx
Connection: close
Accept-Ranges: bytes
Content-Length: 32915
Content-Type: text/css

GET
H/1.1 200
OK media-queries.css
varianty.lviv.ua/ 16 KB
16 KB 189ms
94ms Stylesheet
text/css 95.47.113.253
ONEGB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://varianty.lviv.ua/media-queries.css?v=32
Requested by: Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.47.113.253 , Czech Republic, ASN51734 (ONEGB-AS, UA),
Reverse DNS: varianty.lviv.ua
Software: nginx /
Resource Hash: 9aac546c362b507bd1e3631949ed739707744cc8ad6854f6eab8a0cec04800d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 04:47:44 GMT
Last-Modified: Mon, 28 Mar 2022 21:14:32 GMT
Server: nginx
Connection: close
Accept-Ranges: bytes
Content-Length: 16219
Content-Type: text/css

GET
H/1.1 200
OK lightbox.css
varianty.lviv.ua/ 4 KB
4 KB 143ms
48ms Stylesheet
text/css 95.47.113.253
ONEGB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://varianty.lviv.ua/lightbox.css
Requested by: Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.47.113.253 , Czech Republic, ASN51734 (ONEGB-AS, UA),
Reverse DNS: varianty.lviv.ua
Software: nginx /
Resource Hash: 1923c98708e69910c2f577f917b565070983d35d31cced5829e1c55de3847021

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 04:47:44 GMT
Last-Modified: Fri, 11 Mar 2016 19:02:23 GMT
Server: nginx
Connection: close
Accept-Ranges: bytes
Content-Length: 3970
Content-Type: text/css

GET
H2 200 css
fonts.googleapis.com/ 13 KB
900 B 80ms
33ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:300,300i,400,400i,500,500i,700,700i&subset=cyrillic,cyrillic-ext

Requested by

Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2648cf7416459a62882bdb959e1f81bb5af5fa82b0efcb78a2b9b3397fee3182

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Jan 2023 04:47:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 04:47:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Jan 2023 04:47:41 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1010 B 78ms
31ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu+Condensed&subset=latin,cyrillic,cyrillic-ext

Requested by

Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e71e810c089ddf4bd2cbdf025e6f5703b06ff2547e4f3410f76a58d8beab5bfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Jan 2023 04:47:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 04:47:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Jan 2023 04:47:41 GMT

GET
H2

200

loader.js Show response
www.gstatic.com/charts/
Redirect Chain

https://www.google.com/jsapi
https://www.gstatic.com/charts/loader.js

65 KB
20 KB

69ms
19ms

Script
text/javascript

2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/loader.js

Requested by

Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/

Protocol

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

297577d52fce5df45a53b1d2e06469f65ee1dcf2e9bfbc8e2f45dbd06a0de8b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 03:48:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3560
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19937
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 18:41:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="gviz"
vary: Accept-Encoding, Origin
report-to: {"group":"gviz","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gviz"}]}
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Thu, 05 Jan 2023 04:48:22 GMT

Redirect headers

date: Thu, 05 Jan 2023 04:37:10 GMT
x-content-type-options: nosniff
server: sffe
age: 631
content-type: text/html; charset=UTF-8
location: https://www.gstatic.com/charts/loader.js
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
expires: Thu, 05 Jan 2023 05:07:10 GMT

GET
H3 200 pubads_impl_2022120801.js Show response
securepubads.g.doubleclick.net/gpt/ 382 KB
129 KB 61ms
20ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcc5f41d1dc04a19dccb2061dc9572cb46c1c19dd89cb5d910752020fa87e791

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 00:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16838
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132306
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 09:38:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 05 Jan 2024 00:07:04 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 101 B
95 B 71ms
29ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=varianty.lviv.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3247c22caf22d5a6bab3fd9496589746b083be572334ab690fae8ef67c5add53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:47:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70
x-xss-protection: 0
expires: Thu, 05 Jan 2023 04:47:42 GMT

GET
H/1.1 200
OK jquery-2.2.4.min.js Show response
varianty.lviv.ua/ 84 KB
84 KB 180ms
91ms Script
application/x-javascript 95.47.113.253
ONEGB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://varianty.lviv.ua/jquery-2.2.4.min.js
Requested by: Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.47.113.253 , Czech Republic, ASN51734 (ONEGB-AS, UA),
Reverse DNS: varianty.lviv.ua
Software: nginx /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 04:47:44 GMT
Last-Modified: Tue, 30 Jan 2018 20:42:46 GMT
Server: nginx
Connection: close
Accept-Ranges: bytes
Content-Length: 85578
Content-Type: application/x-javascript

GET
H/1.1 200
OK jquery.cookie.js Show response
varianty.lviv.ua/ 3 KB
3 KB 138ms
46ms Script
application/x-javascript 95.47.113.253
ONEGB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://varianty.lviv.ua/jquery.cookie.js
Requested by: Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.47.113.253 , Czech Republic, ASN51734 (ONEGB-AS, UA),
Reverse DNS: varianty.lviv.ua
Software: nginx /
Resource Hash: 8c0301b3dba5061632d7321cd8bb7bd527f48288d5cb15ff614ea0c1dcc1ad69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 04:47:45 GMT
Last-Modified: Tue, 30 Jan 2018 20:42:46 GMT
Server: nginx
Connection: close
Accept-Ranges: bytes
Content-Length: 3140
Content-Type: application/x-javascript

GET
H/1.1 200
OK jquery.cycle2.min.js Show response
varianty.lviv.ua/ 22 KB
23 KB 180ms
91ms Script
application/x-javascript 95.47.113.253
ONEGB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://varianty.lviv.ua/jquery.cycle2.min.js
Requested by: Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.47.113.253 , Czech Republic, ASN51734 (ONEGB-AS, UA),
Reverse DNS: varianty.lviv.ua
Software: nginx /
Resource Hash: 70669cea5c48278adabb4c590e9ccfd939050709fd5cd67889703c8bb332079f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 04:47:45 GMT
Last-Modified: Wed, 06 May 2015 12:32:00 GMT
Server: nginx
Connection: close
Accept-Ranges: bytes
Content-Length: 22905
Content-Type: application/x-javascript

GET
H/1.1 200
OK index.js Show response
varianty.lviv.ua/ 10 KB
10 KB 150ms
58ms Script
application/x-javascript 95.47.113.253
ONEGB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://varianty.lviv.ua/index.js?v=69
Requested by: Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.47.113.253 , Czech Republic, ASN51734 (ONEGB-AS, UA),
Reverse DNS: varianty.lviv.ua
Software: nginx /
Resource Hash: 901947b8ad059e88176c1973108c4ac1deb691b5e5702594a88d0504e5b92954

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 04:47:45 GMT
Last-Modified: Tue, 12 Apr 2022 09:15:04 GMT
Server: nginx
Connection: close
Accept-Ranges: bytes
Content-Length: 10171
Content-Type: application/x-javascript

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 384ms
20ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/index.js?v=69

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 03:50:44 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 3419
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 05 Jan 2023 05:50:44 GMT

GET
H2

200

cse.js Show response
cse.google.com/cse/
Redirect Chain

https://www.google.com/cse/cse.js?cx=018400573134887349570:likcocfvgao
https://cse.google.com/cse/cse.js?cx=018400573134887349570:likcocfvgao

10 KB
4 KB

110ms
49ms

Script
text/javascript

2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse/cse.js?cx=018400573134887349570:likcocfvgao

Requested by

Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/

Protocol

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

0d377643b17beb81dab34d7e3169eae303d7541e61fab490e28be02528441963

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:47:43 GMT
content-encoding: br
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3533
x-xss-protection: 0
bfcache-opt-in: unload
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
server: gws
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private
permissions-policy: unload=()
origin-trial: AqRrpS1jM/HOs1rGR0CnXerKEP/QFz7qj9ApDSZqAO+0U+KcT/h/lxA6akW4ar0kT0V1bw5MD4t8O7L7OFwM5gUAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY3ODIzMzU5OX0=
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="gws"
expires: Thu, 05 Jan 2023 04:47:43 GMT

Redirect headers

date: Thu, 05 Jan 2023 04:33:48 GMT
x-content-type-options: nosniff
server: sffe
age: 835
content-type: text/html; charset=UTF-8
location: https://cse.google.com/cse/cse.js?cx=018400573134887349570:likcocfvgao
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 267
x-xss-protection: 0
expires: Thu, 05 Jan 2023 05:03:48 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 54 KB
21 KB 444ms
81ms Script
text/javascript 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/index.js?v=69

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aea719c98c9b1a0ed5150b00837be7ef3feb2598dbc23b4ca08b223dd6112fa6

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 04:47:43 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20933
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "ec76424fc4148a81"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Jan 2023 04:47:43 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 382ms
19ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/index.js?v=69

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 05 Jan 2023 04:47:43 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27298
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: IakgtYMiaSkSSpb1BCvX53LRX7NVUKb8YaJvTKo6u52yvZWzHUscHx/W2kzdlnkffooGoQMjvnA8EXUEol7V1A==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 fuckadblock.min.js Show response
cdnjs.cloudflare.com/ajax/libs/fuckadblock/3.2.1/ 5 KB
2 KB 389ms
26ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/fuckadblock/3.2.1/fuckadblock.min.js

Requested by

Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/index.js?v=69

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c63c0a518fcd8243e365904eb4ec5162d2b6d066aa4f05027fb598089d73ebdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://varianty.lviv.ua/
Origin: https://varianty.lviv.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:47:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2016112
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1309
last-modified: Mon, 04 May 2020 16:10:19 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e6b-1285"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NhhyTTlWQqPsS7CQSJa8x4G7es9hOuUXstdX43FZR3%2BnVNQ5PlVAYz68u6r6W%2FCjaM02ooCcVA%2BtJQuwgucEpi92lBXnWv5KkH%2BDHxsEu8FyKJbzk3euJr4kA0l8QJNDlBKmyv3jsYsGhAGvsd15xaDK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 784993d7f9b39128-FRA
expires: Tue, 26 Dec 2023 04:47:43 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/uk_UA/ 3 KB
2 KB 383ms
20ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js

Requested by

Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

949d48e6671523d78d2df807fb1b42551699eab5a179abb6fed70ffef81cac31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://varianty.lviv.ua/
Origin: https://varianty.lviv.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 04:47:43 GMT
content-md5: bF8J/y9I35auDZn5ssFqug==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: h/cmwLqpaqzmfFqeGfDbyFQFgpHDsxZkjTBDWYfm6+XZbSAmS651OlPhu0owQeHUK1CXYzPSZaJSnfjpNlmGLw==
x-fb-trip-id: 917726464
x-fb-content-md5: 4529b45db8a4755c1a58518258ddb737
cross-origin-opener-policy: same-origin-allow-popups
etag: "e7e948e563786d5242f8c7611ef35505"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
priority: u=3,i
expires: Thu, 05 Jan 2023 05:02:20 GMT

GET
H/1.1 200
OK logo.png
varianty.lviv.ua/ 13 KB
13 KB 668ms
49ms Image
image/png 95.47.113.253
ONEGB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://varianty.lviv.ua/logo.png?design=new
Requested by: Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.47.113.253 , Czech Republic, ASN51734 (ONEGB-AS, UA),
Reverse DNS: varianty.lviv.ua
Software: nginx /
Resource Hash: ddfe8eada9508ff2cce09d80add4f06738b04608d7fd9c38ee512a624a1a9a9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 04:47:46 GMT
Last-Modified: Sun, 06 Oct 2013 23:20:23 GMT
Server: nginx
Connection: close
Accept-Ranges: bytes
Content-Length: 13176
Content-Type: image/png

GET
H/1.1 200
OK 06fb3b100e07d696643234e5fd992801.jpg
varianty.lviv.ua/thumbnails/640x360/ 22 KB
22 KB 745ms
94ms Image
image/jpeg 95.47.113.253
ONEGB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://varianty.lviv.ua/thumbnails/640x360/06fb3b100e07d696643234e5fd992801.jpg
Requested by: Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.47.113.253 , Czech Republic, ASN51734 (ONEGB-AS, UA),
Reverse DNS: varianty.lviv.ua
Software: nginx /
Resource Hash: a530e80160e27e340466de9e921fbd4d46215dc45ff0ac3cb7a9d0fe744bfd74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 04:47:46 GMT
Last-Modified: Wed, 04 Jan 2023 18:30:54 GMT
Server: nginx
Connection: close
Accept-Ranges: bytes
Content-Length: 22151
Content-Type: image/jpeg

GET
H/1.1 200
OK d9793624fbccc85ae9dec84212a8a297.jpg
varianty.lviv.ua/thumbnails/640x360/ 46 KB
46 KB 746ms
94ms Image
image/jpeg 95.47.113.253
ONEGB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://varianty.lviv.ua/thumbnails/640x360/d9793624fbccc85ae9dec84212a8a297.jpg
Requested by: Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.47.113.253 , Czech Republic, ASN51734 (ONEGB-AS, UA),
Reverse DNS: varianty.lviv.ua
Software: nginx /
Resource Hash: 21a81f03d94744e416c5a764eee725f34dcf3cca0c8679c43f34e6b2ac3868b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 04:47:46 GMT
Last-Modified: Tue, 03 Jan 2023 15:38:55 GMT
Server: nginx
Connection: close
Accept-Ranges: bytes
Content-Length: 46726
Content-Type: image/jpeg

GET
H/1.1 200
OK 57e42bb12d72d412ed40af6b17c1539f.jpg
varianty.lviv.ua/thumbnails/640x360/ 72 KB
72 KB 762ms
94ms Image
image/jpeg 95.47.113.253
ONEGB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://varianty.lviv.ua/thumbnails/640x360/57e42bb12d72d412ed40af6b17c1539f.jpg
Requested by: Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.47.113.253 , Czech Republic, ASN51734 (ONEGB-AS, UA),
Reverse DNS: varianty.lviv.ua
Software: nginx /
Resource Hash: 98c588bb5aba3cdd2332288724e3fe0418bfaf3cd938e9a66382401ada234be6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 04:47:46 GMT
Last-Modified: Tue, 03 Jan 2023 14:01:56 GMT
Server: nginx
Connection: close
Accept-Ranges: bytes
Content-Length: 73657
Content-Type: image/jpeg

GET
H/1.1 200
OK ccbee71407f0c918908208c7f30a6eeb.jpg
varianty.lviv.ua/thumbnails/640x360/ 47 KB
47 KB 777ms
98ms Image
image/jpeg 95.47.113.253
ONEGB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://varianty.lviv.ua/thumbnails/640x360/ccbee71407f0c918908208c7f30a6eeb.jpg
Requested by: Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.47.113.253 , Czech Republic, ASN51734 (ONEGB-AS, UA),
Reverse DNS: varianty.lviv.ua
Software: nginx /
Resource Hash: 277a6e1b0e9104093900e78cf7715c03f1010c6c911dc3bad56300efd173494b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 04:47:46 GMT
Last-Modified: Tue, 03 Jan 2023 11:46:30 GMT
Server: nginx
Connection: close
Accept-Ranges: bytes
Content-Length: 48085
Content-Type: image/jpeg

GET
H/1.1 200
OK a718946f76265d22961fb6539564338f.jpg
varianty.lviv.ua/thumbnails/640x360/ 35 KB
35 KB 322ms
108ms Image
image/jpeg 95.47.113.253
ONEGB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://varianty.lviv.ua/thumbnails/640x360/a718946f76265d22961fb6539564338f.jpg
Requested by: Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.47.113.253 , Czech Republic, ASN51734 (ONEGB-AS, UA),
Reverse DNS: varianty.lviv.ua
Software: nginx /
Resource Hash: 28000af99f89ac4e7b138ffe06442c7bee830e6e973590fe0aa32806f53446ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 04:47:45 GMT
Last-Modified: Tue, 03 Jan 2023 11:44:07 GMT
Server: nginx
Connection: close
Accept-Ranges: bytes
Content-Length: 36039
Content-Type: image/jpeg

GET
H/1.1 200
OK common3.png
varianty.lviv.ua/design/icons/ 12 KB
13 KB 123ms
46ms Image
image/png 95.47.113.253
ONEGB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://varianty.lviv.ua/design/icons/common3.png
Requested by: Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/index.css?v=93
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.47.113.253 , Czech Republic, ASN51734 (ONEGB-AS, UA),
Reverse DNS: varianty.lviv.ua
Software: nginx /
Resource Hash: 96f804ab9c3253be5ad55c92037a7f4033c26e7d5391d1fc6f8ebf2f2f460767

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/index.css?v=93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 04:47:45 GMT
Last-Modified: Sat, 30 Mar 2019 11:39:45 GMT
Server: nginx
Connection: close
Accept-Ranges: bytes
Content-Length: 12758
Content-Type: image/png

GET
H/1.1 200
OK small.gif
varianty.lviv.ua/design/icons/weather/ 2 KB
2 KB 138ms
62ms Image
image/gif 95.47.113.253
ONEGB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://varianty.lviv.ua/design/icons/weather/small.gif
Requested by: Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/index.css?v=93
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.47.113.253 , Czech Republic, ASN51734 (ONEGB-AS, UA),
Reverse DNS: varianty.lviv.ua
Software: nginx /
Resource Hash: 7800ca478475a443e99a5de41608dc3bd56ffc7e01c4a39f30ecd3c87bcb8d2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/index.css?v=93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 04:47:45 GMT
Last-Modified: Fri, 11 Mar 2016 19:01:13 GMT
Server: nginx
Connection: close
Accept-Ranges: bytes
Content-Length: 1588
Content-Type: image/gif

GET
H2 200 u-4k0rCzjgs5J7oXnJcM_0kACGMtT-Tfq8Ho.woff2
fonts.gstatic.com/s/ubuntucondensed/v16/ 16 KB
17 KB 396ms
37ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntucondensed/v16/u-4k0rCzjgs5J7oXnJcM_0kACGMtT-Tfq8Ho.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu+Condensed&subset=latin,cyrillic,cyrillic-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4627acba7d2699a6e0ed65aa44db5581ae3f0df45d5fd38d5f7bfc2e385cdf8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://varianty.lviv.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:37:05 GMT
x-content-type-options: nosniff
age: 414638
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16852
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:46:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 31 Dec 2023 09:37:05 GMT

GET
H2 200 u-4k0rCzjgs5J7oXnJcM_0kACGMtT-Dfqw.woff2
fonts.gstatic.com/s/ubuntucondensed/v16/ 29 KB
29 KB 377ms
19ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntucondensed/v16/u-4k0rCzjgs5J7oXnJcM_0kACGMtT-Dfqw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu+Condensed&subset=latin,cyrillic,cyrillic-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b1adc37a16294b5127dc6e84c9fc36e1f50bac718dcfe35f60f466fdf692bbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://varianty.lviv.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 19:42:35 GMT
x-content-type-options: nosniff
age: 32708
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29252
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:46:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Jan 2024 19:42:35 GMT

GET
H/1.1 200
OK bd91f5ec32ea3daaf58c6ea22891f443.jpg
varianty.lviv.ua/thumbnails/320x180/ 15 KB
15 KB 357ms
124ms Image
image/jpeg 95.47.113.253
ONEGB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://varianty.lviv.ua/thumbnails/320x180/bd91f5ec32ea3daaf58c6ea22891f443.jpg
Requested by: Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.47.113.253 , Czech Republic, ASN51734 (ONEGB-AS, UA),
Reverse DNS: varianty.lviv.ua
Software: nginx /
Resource Hash: 25bb18c681b6d81ee8d6d1b9eeefcd96b5b1f99e24275d4fe5b250032af3c924

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 04:47:45 GMT
Last-Modified: Tue, 03 Jan 2023 13:50:09 GMT
Server: nginx
Connection: close
Accept-Ranges: bytes
Content-Length: 15550
Content-Type: image/jpeg

GET
H/1.1 200
OK 90cd6dc0c5d610f7d505b3be468346ce.jpg
varianty.lviv.ua/thumbnails/320x180/ 31 KB
31 KB 199ms
127ms Image
image/jpeg 95.47.113.253
ONEGB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://varianty.lviv.ua/thumbnails/320x180/90cd6dc0c5d610f7d505b3be468346ce.jpg
Requested by: Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.47.113.253 , Czech Republic, ASN51734 (ONEGB-AS, UA),
Reverse DNS: varianty.lviv.ua
Software: nginx /
Resource Hash: 8a322f5ede3b370a7fa340cbbd33d49fb04f8014137c9b5dc448de522fd0be8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 04:47:45 GMT
Last-Modified: Tue, 03 Jan 2023 11:12:14 GMT
Server: nginx
Connection: close
Accept-Ranges: bytes
Content-Length: 31897
Content-Type: image/jpeg

GET
H/1.1 200
OK 7161fc4d9d081deaf3eed1f2936d4c37.jpg
varianty.lviv.ua/thumbnails/320x180/ 20 KB
20 KB 185ms
123ms Image
image/jpeg 95.47.113.253
ONEGB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://varianty.lviv.ua/thumbnails/320x180/7161fc4d9d081deaf3eed1f2936d4c37.jpg
Requested by: Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.47.113.253 , Czech Republic, ASN51734 (ONEGB-AS, UA),
Reverse DNS: varianty.lviv.ua
Software: nginx /
Resource Hash: 1c97e4e349863042a40e18a45b2909ab2dcf374eb11aa97471666fbd50058197

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 04:47:45 GMT
Last-Modified: Tue, 03 Jan 2023 09:54:21 GMT
Server: nginx
Connection: close
Accept-Ranges: bytes
Content-Length: 20681
Content-Type: image/jpeg

GET
H/1.1 200
OK 1998ab8c01014b03f849c8e00925c89a.jpg
varianty.lviv.ua/thumbnails/320x180/ 19 KB
20 KB 184ms
124ms Image
image/jpeg 95.47.113.253
ONEGB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://varianty.lviv.ua/thumbnails/320x180/1998ab8c01014b03f849c8e00925c89a.jpg
Requested by: Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.47.113.253 , Czech Republic, ASN51734 (ONEGB-AS, UA),
Reverse DNS: varianty.lviv.ua
Software: nginx /
Resource Hash: 7382f100339de55da540be8d476c1cc80d31b4840e1d74618367338591253c5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 04:47:45 GMT
Last-Modified: Tue, 03 Jan 2023 09:11:16 GMT
Server: nginx
Connection: close
Accept-Ranges: bytes
Content-Length: 19962
Content-Type: image/jpeg

GET
H/1.1 200
OK 4d265914db701d7b7e1ef2fee94680d1.jpg
varianty.lviv.ua/thumbnails/320x180/ 14 KB
14 KB 185ms
123ms Image
image/jpeg 95.47.113.253
ONEGB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://varianty.lviv.ua/thumbnails/320x180/4d265914db701d7b7e1ef2fee94680d1.jpg
Requested by: Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.47.113.253 , Czech Republic, ASN51734 (ONEGB-AS, UA),
Reverse DNS: varianty.lviv.ua
Software: nginx /
Resource Hash: b9a13ee363d0f768afe63a7cc428eee1b4d1f43ab75ea4780fd89d97b26a74e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 04:47:45 GMT
Last-Modified: Tue, 03 Jan 2023 08:42:34 GMT
Server: nginx
Connection: close
Accept-Ranges: bytes
Content-Length: 14560
Content-Type: image/jpeg

GET
H/1.1 200
OK cf0619a4488a43039f5e89ddf958da3e.jpg
varianty.lviv.ua/thumbnails/320x180/ 6 KB
7 KB 329ms
48ms Image
image/jpeg 95.47.113.253
ONEGB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://varianty.lviv.ua/thumbnails/320x180/cf0619a4488a43039f5e89ddf958da3e.jpg
Requested by: Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.47.113.253 , Czech Republic, ASN51734 (ONEGB-AS, UA),
Reverse DNS: varianty.lviv.ua
Software: nginx /
Resource Hash: 3270b477b815b2de6759e3e13ac2b4ea93049015b03591901628cfc12312a678

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 04:47:45 GMT
Last-Modified: Tue, 20 Dec 2022 14:24:17 GMT
Server: nginx
Connection: close
Accept-Ranges: bytes
Content-Length: 6641
Content-Type: image/jpeg

GET
H/1.1 200
OK c8c5a101ddbbbad89d0915f37c2985db.jpg
varianty.lviv.ua/thumbnails/320x180/ 6 KB
7 KB 297ms
48ms Image
image/jpeg 95.47.113.253
ONEGB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://varianty.lviv.ua/thumbnails/320x180/c8c5a101ddbbbad89d0915f37c2985db.jpg
Requested by: Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.47.113.253 , Czech Republic, ASN51734 (ONEGB-AS, UA),
Reverse DNS: varianty.lviv.ua
Software: nginx /
Resource Hash: 3270b477b815b2de6759e3e13ac2b4ea93049015b03591901628cfc12312a678

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 04:47:45 GMT
Last-Modified: Mon, 14 Nov 2022 10:08:43 GMT
Server: nginx
Connection: close
Accept-Ranges: bytes
Content-Length: 6641
Content-Type: image/jpeg

GET
H/1.1 200
OK 2be2c5e3618d7a91451e5de5bd2ded97.jpg
varianty.lviv.ua/thumbnails/320x180/ 12 KB
12 KB 437ms
49ms Image
image/jpeg 95.47.113.253
ONEGB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://varianty.lviv.ua/thumbnails/320x180/2be2c5e3618d7a91451e5de5bd2ded97.jpg
Requested by: Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.47.113.253 , Czech Republic, ASN51734 (ONEGB-AS, UA),
Reverse DNS: varianty.lviv.ua
Software: nginx /
Resource Hash: 97311371abb7d5478c312ab2dadd6265710eb81cbaffb76d47c5b7459ca3130c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 04:47:45 GMT
Last-Modified: Fri, 28 Oct 2022 13:45:01 GMT
Server: nginx
Connection: close
Accept-Ranges: bytes
Content-Length: 12089
Content-Type: image/jpeg

GET
H/1.1 200
OK 39ad586313e7965649a1b382b93c0cce.jpg
varianty.lviv.ua/thumbnails/320x180/ 21 KB
21 KB 483ms
95ms Image
image/jpeg 95.47.113.253
ONEGB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://varianty.lviv.ua/thumbnails/320x180/39ad586313e7965649a1b382b93c0cce.jpg
Requested by: Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.47.113.253 , Czech Republic, ASN51734 (ONEGB-AS, UA),
Reverse DNS: varianty.lviv.ua
Software: nginx /
Resource Hash: 1ac41f6b077f825cf092def7268eda572417edc5199b81093e675223e7dc86d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 04:47:45 GMT
Last-Modified: Wed, 30 Mar 2022 15:59:38 GMT
Server: nginx
Connection: close
Accept-Ranges: bytes
Content-Length: 21386
Content-Type: image/jpeg

GET
H/1.1 200
OK 41d4c7b83cdd9b8f8bff90ad8ae48808.jpg
varianty.lviv.ua/thumbnails/320x180/ 6 KB
7 KB 312ms
62ms Image
image/jpeg 95.47.113.253
ONEGB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://varianty.lviv.ua/thumbnails/320x180/41d4c7b83cdd9b8f8bff90ad8ae48808.jpg
Requested by: Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.47.113.253 , Czech Republic, ASN51734 (ONEGB-AS, UA),
Reverse DNS: varianty.lviv.ua
Software: nginx /
Resource Hash: 3270b477b815b2de6759e3e13ac2b4ea93049015b03591901628cfc12312a678

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 04:47:45 GMT
Last-Modified: Wed, 23 Mar 2022 10:35:40 GMT
Server: nginx
Connection: close
Accept-Ranges: bytes
Content-Length: 6641
Content-Type: image/jpeg

GET
H/1.1 200
OK 5bd2aac6f2c62789e82def4beb7ac3a6.jpg
varianty.lviv.ua/thumbnails/320x180/ 19 KB
19 KB 505ms
88ms Image
image/jpeg 95.47.113.253
ONEGB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://varianty.lviv.ua/thumbnails/320x180/5bd2aac6f2c62789e82def4beb7ac3a6.jpg
Requested by: Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.47.113.253 , Czech Republic, ASN51734 (ONEGB-AS, UA),
Reverse DNS: varianty.lviv.ua
Software: nginx /
Resource Hash: 6db8cc5e8ed9840cc8e5289f791042b350afc16e1f7c47e09f11fb5f46965024

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 04:47:45 GMT
Last-Modified: Thu, 05 Jan 2023 00:50:39 GMT
Server: nginx
Connection: close
Accept-Ranges: bytes
Content-Length: 19546
Content-Type: image/jpeg

GET
H/1.1 200
OK 06fb3b100e07d696643234e5fd992801.jpg
varianty.lviv.ua/thumbnails/320x180/ 8 KB
8 KB 468ms
47ms Image
image/jpeg 95.47.113.253
ONEGB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://varianty.lviv.ua/thumbnails/320x180/06fb3b100e07d696643234e5fd992801.jpg
Requested by: Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.47.113.253 , Czech Republic, ASN51734 (ONEGB-AS, UA),
Reverse DNS: varianty.lviv.ua
Software: nginx /
Resource Hash: 5ea63e27ff70776124c12a21d588fd47287fbdf8b97d6bd16411ccec15fbef0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 04:47:45 GMT
Last-Modified: Wed, 04 Jan 2023 18:30:54 GMT
Server: nginx
Connection: close
Accept-Ranges: bytes
Content-Length: 7716
Content-Type: image/jpeg

GET
H/1.1 200
OK b3fcf7a84ebba04df040a28873fbd2ba.jpg
varianty.lviv.ua/thumbnails/320x180/ 17 KB
17 KB 528ms
107ms Image
image/jpeg 95.47.113.253
ONEGB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://varianty.lviv.ua/thumbnails/320x180/b3fcf7a84ebba04df040a28873fbd2ba.jpg
Requested by: Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.47.113.253 , Czech Republic, ASN51734 (ONEGB-AS, UA),
Reverse DNS: varianty.lviv.ua
Software: nginx /
Resource Hash: 2db99e9f60bd9a047e8408a7f909fb75d82a35e71c39e6870757aa4069da4257

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 04:47:45 GMT
Last-Modified: Wed, 04 Jan 2023 18:23:22 GMT
Server: nginx
Connection: close
Accept-Ranges: bytes
Content-Length: 17438
Content-Type: image/jpeg

GET
H/1.1 200
OK b6e4f24b2ce4980c07344e0af29aeb69.jpg
varianty.lviv.ua/thumbnails/320x180/ 16 KB
17 KB 212ms
119ms Image
image/jpeg 95.47.113.253
ONEGB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://varianty.lviv.ua/thumbnails/320x180/b6e4f24b2ce4980c07344e0af29aeb69.jpg
Requested by: Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.47.113.253 , Czech Republic, ASN51734 (ONEGB-AS, UA),
Reverse DNS: varianty.lviv.ua
Software: nginx /
Resource Hash: 19d27e7fbb34cc52f90da388934b0f9435b56a6bc085dd4b24f93309f9726640

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 04:47:46 GMT
Last-Modified: Wed, 04 Jan 2023 12:46:39 GMT
Server: nginx
Connection: close
Accept-Ranges: bytes
Content-Length: 16837
Content-Type: image/jpeg

GET
H/1.1 200
OK 258575172883f739ae14c852f98813e6.jpg
varianty.lviv.ua/thumbnails/320x180/ 13 KB
14 KB 233ms
118ms Image
image/jpeg 95.47.113.253
ONEGB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://varianty.lviv.ua/thumbnails/320x180/258575172883f739ae14c852f98813e6.jpg
Requested by: Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.47.113.253 , Czech Republic, ASN51734 (ONEGB-AS, UA),
Reverse DNS: varianty.lviv.ua
Software: nginx /
Resource Hash: d17394823e997232e1b717a9f627ea5d285de8501c2a3618f6948709307929c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 04:47:46 GMT
Last-Modified: Wed, 04 Jan 2023 11:16:52 GMT
Server: nginx
Connection: close
Accept-Ranges: bytes
Content-Length: 13698
Content-Type: image/jpeg

GET
H/1.1 200
OK posibnyk-jurnalista-210.png
varianty.lviv.ua/files/banners/ 87 KB
87 KB 228ms
93ms Image
image/png 95.47.113.253
ONEGB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://varianty.lviv.ua/files/banners/posibnyk-jurnalista-210.png
Requested by: Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.47.113.253 , Czech Republic, ASN51734 (ONEGB-AS, UA),
Reverse DNS: varianty.lviv.ua
Software: nginx /
Resource Hash: 7e158121448cea5610659da46385afc0d6d720e6fad1d0d7d32665f1568d0bc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 04:47:46 GMT
Last-Modified: Tue, 09 Nov 2021 11:27:06 GMT
Server: nginx
Connection: close
Accept-Ranges: bytes
Content-Length: 89154
Content-Type: image/png

GET
H/1.1 200
OK oksi-bank-240x45.gif
varianty.lviv.ua/files/banners/oksi/images/logo/ 5 KB
5 KB 163ms
47ms Image
image/gif 95.47.113.253
ONEGB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://varianty.lviv.ua/files/banners/oksi/images/logo/oksi-bank-240x45.gif
Requested by: Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.47.113.253 , Czech Republic, ASN51734 (ONEGB-AS, UA),
Reverse DNS: varianty.lviv.ua
Software: nginx /
Resource Hash: 836fa59d2258379984ee3755b7a05840aa735b1093aa7531748b59ceff417c58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 04:47:46 GMT
Last-Modified: Thu, 31 Jul 2014 22:56:58 GMT
Server: nginx
Connection: close
Accept-Ranges: bytes
Content-Length: 4751
Content-Type: image/gif

GET
H/1.1 200
OK 4c3dd89c051934dfb8ebc642c5cd1176.jpg
varianty.lviv.ua/thumbnails/320x180/ 17 KB
18 KB 636ms
90ms Image
image/jpeg 95.47.113.253
ONEGB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://varianty.lviv.ua/thumbnails/320x180/4c3dd89c051934dfb8ebc642c5cd1176.jpg
Requested by: Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.47.113.253 , Czech Republic, ASN51734 (ONEGB-AS, UA),
Reverse DNS: varianty.lviv.ua
Software: nginx /
Resource Hash: a4cd0dc8bc04600986ec4037b062de71fcbefd6dd55757fdf524fb8f835ac056

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 04:47:46 GMT
Last-Modified: Wed, 04 Jan 2023 19:09:41 GMT
Server: nginx
Connection: close
Accept-Ranges: bytes
Content-Length: 17779
Content-Type: image/jpeg

GET
H/1.1 200
OK 44a0d6123669f0e42f3b0bdd6d171b15.jpg
varianty.lviv.ua/thumbnails/320x180/ 18 KB
18 KB 499ms
97ms Image
image/jpeg 95.47.113.253
ONEGB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://varianty.lviv.ua/thumbnails/320x180/44a0d6123669f0e42f3b0bdd6d171b15.jpg
Requested by: Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.47.113.253 , Czech Republic, ASN51734 (ONEGB-AS, UA),
Reverse DNS: varianty.lviv.ua
Software: nginx /
Resource Hash: 1fb5337ffb7f54dc3cef59c766b47a3f189478b0b21e11687a38264b460b2f0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 04:47:45 GMT
Last-Modified: Tue, 03 Jan 2023 19:23:37 GMT
Server: nginx
Connection: close
Accept-Ranges: bytes
Content-Length: 18135
Content-Type: image/jpeg

GET
H/1.1 200
OK bf38d2f46813240503ba8d86f723ff78.jpg
varianty.lviv.ua/thumbnails/320x180/ 13 KB
13 KB 296ms
49ms Image
image/jpeg 95.47.113.253
ONEGB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://varianty.lviv.ua/thumbnails/320x180/bf38d2f46813240503ba8d86f723ff78.jpg
Requested by: Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.47.113.253 , Czech Republic, ASN51734 (ONEGB-AS, UA),
Reverse DNS: varianty.lviv.ua
Software: nginx /
Resource Hash: c1fdd8650aaebe587936f9fe4d43c7b6e2244002a5b40468cbf7e5d3f92f9cf3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 04:47:45 GMT
Last-Modified: Tue, 03 Jan 2023 12:00:00 GMT
Server: nginx
Connection: close
Accept-Ranges: bytes
Content-Length: 12877
Content-Type: image/jpeg

GET
H/1.1 200
OK a936440d9ae38f4cc379a42d3a3d386a.jpg
varianty.lviv.ua/thumbnails/320x180/ 20 KB
20 KB 224ms
116ms Image
image/jpeg 95.47.113.253
ONEGB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://varianty.lviv.ua/thumbnails/320x180/a936440d9ae38f4cc379a42d3a3d386a.jpg
Requested by: Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.47.113.253 , Czech Republic, ASN51734 (ONEGB-AS, UA),
Reverse DNS: varianty.lviv.ua
Software: nginx /
Resource Hash: 8d803f4e434986ae9aa09045c788dfc15e82e8ef64cc94d214c7df2c281875ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 04:47:46 GMT
Last-Modified: Mon, 02 Jan 2023 19:54:55 GMT
Server: nginx
Connection: close
Accept-Ranges: bytes
Content-Length: 20326
Content-Type: image/jpeg

GET
H/1.1 200
OK 65e153c2c26d6aeea419f8f966e1c923.jpg
varianty.lviv.ua/thumbnails/320x180/ 16 KB
16 KB 199ms
106ms Image
image/jpeg 95.47.113.253
ONEGB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://varianty.lviv.ua/thumbnails/320x180/65e153c2c26d6aeea419f8f966e1c923.jpg
Requested by: Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.47.113.253 , Czech Republic, ASN51734 (ONEGB-AS, UA),
Reverse DNS: varianty.lviv.ua
Software: nginx /
Resource Hash: b612512e1776b77b0671f4927f900ce1b9301884547bef169e83fc2dd7aef870

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 04:47:46 GMT
Last-Modified: Fri, 30 Dec 2022 18:39:12 GMT
Server: nginx
Connection: close
Accept-Ranges: bytes
Content-Length: 15886
Content-Type: image/jpeg

GET
H/1.1 200
OK cc1b941585df64688331487d2eec8e59.jpg
varianty.lviv.ua/thumbnails/320x180/ 10 KB
10 KB 172ms
78ms Image
image/jpeg 95.47.113.253
ONEGB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://varianty.lviv.ua/thumbnails/320x180/cc1b941585df64688331487d2eec8e59.jpg
Requested by: Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.47.113.253 , Czech Republic, ASN51734 (ONEGB-AS, UA),
Reverse DNS: varianty.lviv.ua
Software: nginx /
Resource Hash: b9cb1a14b2248f3a03d1a9655bbfcf919c35b422d68b13cdd2fec58bbd893f1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 04:47:46 GMT
Last-Modified: Fri, 30 Dec 2022 23:34:15 GMT
Server: nginx
Connection: close
Accept-Ranges: bytes
Content-Length: 9966
Content-Type: image/jpeg

GET
H/1.1 200
OK 23d3d1de2694c7981b3862e610b40eff.jpg
varianty.lviv.ua/thumbnails/320x180/ 15 KB
16 KB 224ms
125ms Image
image/jpeg 95.47.113.253
ONEGB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://varianty.lviv.ua/thumbnails/320x180/23d3d1de2694c7981b3862e610b40eff.jpg
Requested by: Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.47.113.253 , Czech Republic, ASN51734 (ONEGB-AS, UA),
Reverse DNS: varianty.lviv.ua
Software: nginx /
Resource Hash: cf09a7bc22dedf0759ab7edced24e122714eab0f62c743c8aac52c1ecb7e4f14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 04:47:46 GMT
Last-Modified: Fri, 30 Dec 2022 19:03:53 GMT
Server: nginx
Connection: close
Accept-Ranges: bytes
Content-Length: 15742
Content-Type: image/jpeg

GET
H/1.1 200
OK aae4145597dbe5edd0d6759fbf164b74.jpg
varianty.lviv.ua/thumbnails/320x180/ 25 KB
25 KB 215ms
110ms Image
image/jpeg 95.47.113.253
ONEGB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://varianty.lviv.ua/thumbnails/320x180/aae4145597dbe5edd0d6759fbf164b74.jpg
Requested by: Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.47.113.253 , Czech Republic, ASN51734 (ONEGB-AS, UA),
Reverse DNS: varianty.lviv.ua
Software: nginx /
Resource Hash: 396c1808e979a438d6fa41b49bd6c8958116965ae8f8d25234d10098d9da0f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 04:47:46 GMT
Last-Modified: Mon, 26 Dec 2022 15:19:20 GMT
Server: nginx
Connection: close
Accept-Ranges: bytes
Content-Length: 25333
Content-Type: image/jpeg

GET
H/1.1 200
OK e0c7a28f984706db95c9b6a1911a3e70.jpg
varianty.lviv.ua/thumbnails/320x180/ 21 KB
21 KB 191ms
92ms Image
image/jpeg 95.47.113.253
ONEGB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://varianty.lviv.ua/thumbnails/320x180/e0c7a28f984706db95c9b6a1911a3e70.jpg
Requested by: Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.47.113.253 , Czech Republic, ASN51734 (ONEGB-AS, UA),
Reverse DNS: varianty.lviv.ua
Software: nginx /
Resource Hash: 05fad6163742ef2ad29f88070ad2d7d332b09efd77713ae63183d7b8360e6094

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 04:47:46 GMT
Last-Modified: Fri, 23 Dec 2022 21:19:27 GMT
Server: nginx
Connection: close
Accept-Ranges: bytes
Content-Length: 20994
Content-Type: image/jpeg

GET
H/1.1 200
OK 423b348df22d57b584c596ddd45197bd.jpg
varianty.lviv.ua/thumbnails/320x180/ 19 KB
19 KB 506ms
415ms Image
image/jpeg 95.47.113.253
ONEGB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://varianty.lviv.ua/thumbnails/320x180/423b348df22d57b584c596ddd45197bd.jpg
Requested by: Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.47.113.253 , Czech Republic, ASN51734 (ONEGB-AS, UA),
Reverse DNS: varianty.lviv.ua
Software: nginx /
Resource Hash: 1036240c16acf82a5e8793b423a865bf338cc9ae6853e50d2d096215855bdb6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 04:47:46 GMT
Last-Modified: Fri, 23 Dec 2022 16:16:44 GMT
Server: nginx
Connection: close
Accept-Ranges: bytes
Content-Length: 19181
Content-Type: image/jpeg

GET
H/1.1 200
OK map.png
varianty.lviv.ua/design/icons/ 8 KB
8 KB 150ms
58ms Image
image/png 95.47.113.253
ONEGB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://varianty.lviv.ua/design/icons/map.png
Requested by: Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.47.113.253 , Czech Republic, ASN51734 (ONEGB-AS, UA),
Reverse DNS: varianty.lviv.ua
Software: nginx /
Resource Hash: 577bb96f940c68ae514e78c2d4dfcf3d6056a32180e4191f8f7c8bf69cbccfd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 04:47:46 GMT
Last-Modified: Fri, 11 Mar 2016 19:01:11 GMT
Server: nginx
Connection: close
Accept-Ranges: bytes
Content-Length: 8329
Content-Type: image/png

GET
H/1.1 200
OK system.js Show response
varianty.lviv.ua/ 14 KB
15 KB 187ms
89ms Script
application/x-javascript 95.47.113.253
ONEGB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://varianty.lviv.ua/system.js?v=36
Requested by: Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/index.js?v=69
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.47.113.253 , Czech Republic, ASN51734 (ONEGB-AS, UA),
Reverse DNS: varianty.lviv.ua
Software: nginx /
Resource Hash: c6af16e154e39cc6ba810c038a8ee0554b19ee32f1460fee9cd71851c4af3938

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 04:47:46 GMT
Last-Modified: Thu, 24 Nov 2022 16:58:45 GMT
Server: nginx
Connection: close
Accept-Ranges: bytes
Content-Length: 14666
Content-Type: application/x-javascript

GET
H2 200 in.js Show response
platform.linkedin.com/ 509 KB
160 KB 329ms
24ms Script
text/javascript 2620:1ec:4e:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.linkedin.com/in.js
Requested by: Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/index.js?v=69
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Play /
Resource Hash: 4102b22f7cc8c64275af7041dc049371bc69deaed78eb2e8e314e2e91e319ef7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:47:43 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-azure-ref-originshield: 0FE62YwAAAAAJmdg3QrdsRLYrCMdlnt4GRlJBMjMxMDUwNDE3MDM3ADIyMjZhM2ViLTAxZTAtNDdiZi1hY2EyLTJiMDU4ZGZlYWQ3NQ==
x-cdn: AZUR
x-cdn-client-ip-version: IPV6
x-cache: TCP_HIT
x-cdn-proto: HTTP2
content-length: 163383
x-li-uuid: AAXxfAgJOBSJs5WqswYt7Q==
server: Play
x-li-pop: prod-ltx1-x
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type: text/javascript; charset=UTF-8
x-li-fabric: prod-ltx1
cache-control: public, max-age=3600
x-li-proto: http/1.1
x-azure-ref: 0b1a2YwAAAACZaT4eS/DdTrlBIx22Mwm0RlJBMzFFREdFMDMxNgAyMjI2YTNlYi0wMWUwLTQ3YmYtYWNhMi0yYjA1OGRmZWFkNzU=
expires: Thu, 5 Jan 2023 04:38:16 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 334ms
29ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/index.js?v=69

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:47:43 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1255
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 784993d7fbc09028-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 08 Jan 2023 04:47:43 GMT

GET
H2 200 fuckadblock.min.js Show response
cdnjs.cloudflare.com/ajax/libs/fuckadblock/3.2.1/ 5 KB
2 KB 329ms
24ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/fuckadblock/3.2.1/fuckadblock.min.js

Requested by

Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/index.js?v=69

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c63c0a518fcd8243e365904eb4ec5162d2b6d066aa4f05027fb598089d73ebdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:47:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2016112
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1309
last-modified: Mon, 04 May 2020 16:10:19 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e6b-1285"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=elhfJETmwCnWRgjc1QePoMkz99bDHpqAjwv9F9xleNmfeOKfvf9%2BXXAkOUi4GWIC6nBcPV%2FDlzfby2bTR79jyAIZLfpJHq%2BgmhY45RZKwR6OeCVaFdvGysuJAmjyIfpYqEqXMtRlnl5whfLmUqMnq44r"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 784993d7fe719130-FRA
expires: Tue, 26 Dec 2023 04:47:43 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/uk_UA/ 306 KB
87 KB 42ms
20ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js?hash=5c0d29add1d9953f09a8ab73de70900a

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d28b763bffa1461d5352f0bcd452da4e807be75556ae77349b5ecdb6af3a00e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://varianty.lviv.ua/
Origin: https://varianty.lviv.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 04:47:43 GMT
content-md5: ZnNmTbUNOx8/h7gJd2DqEg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88578
x-fb-rlafr: 0
x-fb-debug: x8GHRfsjKg/6WEbGz/J/tSyzbjZ5aph42OJhUOL6tzi+/7lvoSwaYVtNDlzoyUVXID6ZGsnigNZS7w4htC0FsA==
x-fb-content-md5: f014fbc65060444963a316b96946a88b
cross-origin-opener-policy: same-origin-allow-popups
etag: "8dac6d83179af5a64b8dd43bed047b65"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 05 Jan 2024 03:22:18 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 70ms
27ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1443703079&t=pageview&_s=1&dl=https%3A%2F%2Fvarianty.lviv.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%9B%D1%8C%D0%B2%D0%BE%D0%B2%D0%B0%20%D1%96%20%D0%9B%D1%8C%D0%B2%D1%96%D0%B2%D1%89%D0%B8%D0%BD%D0%B8%20-%20%D0%92%D0%B0%D1%80%D1%96%D0%B0%D0%BD%D1%82%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=773838669&gjid=1150805325&cid=751904463.1672894063&tid=UA-56535838-1&_gid=1764941751.1672894063&_r=1&_slc=1&z=2039078744

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://varianty.lviv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 04:47:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://varianty.lviv.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1231407750366696 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 97ms
74ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1231407750366696?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f16c74d5e5f8924f68b41831d4986da8dce98495fbf1b0fcdceded1cf4cf9b38

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 05 Jan 2023 04:47:43 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: MGay/CJcLeY3OVAAr/6EH0XxcXBsoiml5OzN7SLEe494yM6e8GKsFDcLd2A4FicXSZyG+cj7RteAfh2xdNqD0Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 51ms
31ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:47:43 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1249
etag: W/"2f96824aee4bf927e734cc519e3e726d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 784993d87a8a2bcf-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 08 Jan 2023 04:47:43 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 502ms
27ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-56535838-1&cid=751904463.1672894063&jid=773838669&gjid=1150805325&_gid=1764941751.1672894063&_u=IEBAAEAAAAAAACAAI~&z=1381141873

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://varianty.lviv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 05 Jan 2023 04:47:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://varianty.lviv.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cse_element__uk.js Show response
www.google.com/cse/static/element/f275a300093f201a/ 305 KB
101 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/f275a300093f201a/cse_element__uk.js?usqp=CAI%3D

Requested by

Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=018400573134887349570:likcocfvgao

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5073a2af4e54a5446f976ec70c965f7268502d087441aec6e50939cd05cec2d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 10:53:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 323666
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103675
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:37:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Mon, 01 Jan 2024 10:53:17 GMT

GET
H3 200 default+uk.css
www.google.com/cse/static/element/f275a300093f201a/ 41 KB
9 KB 22ms
21ms Stylesheet
text/css 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/f275a300093f201a/default+uk.css

Requested by

Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=018400573134887349570:likcocfvgao

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 00:38:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 187730
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9086
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:37:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 03 Jan 2024 00:38:53 GMT

GET
H3 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
1 KB 23ms
22ms Stylesheet
text/css 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=018400573134887349570:likcocfvgao

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:30:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1033
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Thu, 05 Jan 2023 05:20:30 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
186 B 501ms
30ms Image
text/plain 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=576804872497945&ev=fb_page_view&dl=https%3A%2F%2Fvarianty.lviv.ua%2F&rl=&if=false&ts=1672894063483&sw=1600&sh=1200&at=

Requested by

Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 05 Jan 2023 04:47:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 async-ads.js Show response
cse.google.com/adsense/search/ 141 KB
51 KB 68ms
29ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/f275a300093f201a/cse_element__uk.js?usqp=CAI%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b2e40762fd45c4022714c1ffa41eb8311a031fde0dba60f274b149ea5971cdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:47:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "7903281105347033007"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
expires: Thu, 05 Jan 2023 04:47:43 GMT

GET
H3 200 branding.png
www.google.com/cse/static/images/1x/uk/ 1 KB
1 KB 20ms
20ms Image
image/png 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/uk/branding.png

Requested by

Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

977182d44117dcbc0b90e30401c67661f3ed69e442d20e4a91244fca5fa62324

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:45:26 GMT
x-content-type-options: nosniff
age: 414137
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1500
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sun, 31 Dec 2023 09:45:26 GMT

GET
H2 204 generate_204
clients1.google.com/ 0
211 B 426ms
31ms Image
text/plain 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:47:43 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 413ms
31ms Image
text/plain 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1231407750366696&ev=PageView&dl=https%3A%2F%2Fvarianty.lviv.ua%2F&rl=&if=false&ts=1672894063572&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.2.1672894063571.725499785&it=1672894063408&coo=false&rqm=GET

Requested by

Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 05 Jan 2023 04:47:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 30ms
29ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-56535838-1&cid=751904463.1672894063&jid=773838669&_u=IEBAAEAAAAAAACAAI~&z=1911141069

Requested by

Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 04:47:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
502 B 76ms
30ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-56535838-1&cid=751904463.1672894063&jid=773838669&_u=IEBAAEAAAAAAACAAI~&z=1911141069

Requested by

Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 04:47:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 web Show response
onesignal.com/api/v1/sync/2b08c2de-c3b7-4dab-9db7-4eeec162e80a/ 3 KB
2 KB 31ms
30ms Script
text/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/2b08c2de-c3b7-4dab-9db7-4eeec162e80a/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a56ccb7522bf0ff375f1afff263292ef6667f633b348c7751d4104e29398ba51

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:47:44 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
age: 17
cf-polished: origSize=3103
status: 200 OK
x-envoy-upstream-service-time: 26
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: c6d10042-d445-469e-82c3-9e9963d536a7
x-runtime: 0.024504
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"1061052f89c1058da859c89abb484078"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 784993dde8509028-FRA
access-control-allow-headers: SDK-Version
expires: Thu, 05 Jan 2023 05:47:44 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
793 B 153ms
57ms Script
application/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=varianty.lviv.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:47:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
550 B 76ms
27ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=varianty.lviv.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:47:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 188 KB
43 KB 583ms
582ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4367075101463119&correlator=27020318398769&eid=31071186%2C31071299%2C31069126%2C44780792&output=ldjh&gdfp_req=1&vrg=2022120801&ptt=17&impl=fifs&iu_parts=21620828259%2Cvarianty.top%2Cvarianty.left.2%2Cvarianty.left.4%2Cvarianty.list.1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=970x250%2C210x400%2C210x400%2C728x90&ifi=1&adks=1482970948%2C503572068%2C3982027521%2C2095960357&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1672894064318&lmt=1672893903&dlt=1672894061882&idt=329&adxs=315%2C315%2C315%2C557&adys=146%2C2670%2C2670%2C2921&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C3&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fvarianty.lviv.ua%2F&frm=20&vis=1&psz=1600x3238%7C210x356%7C210x356%7C728x2213&msz=970x90%7C210x0%7C210x0%7C728x0&fws=0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0&ga_vid=751904463.1672894063&ga_sid=1672894064&ga_hid=1443703079&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f4812ed9c66876dd2cf3d4527c24ea313ba92943151e40dcac90792bb87ff42

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12231767363623583744/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12231767363623583744/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPGk0YPQr_wCFX-G_Qcd75YBqw&gqi=&layout=/sadbundle/%24csp%253Der3%24/12231767363623583744/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12231767363623583744/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12231767363623583744/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPGk0YPQr_wCFX-G_Qcd75YBqw&gqi=&layout=/sadbundle/%24csp%253Der3%24/12231767363623583744/index.html
date: Thu, 05 Jan 2023 04:47:44 GMT
x-content-type-options: nosniff
content-encoding: br
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44018
x-xss-protection: 0
google-lineitem-id: -1,4372050697,4372475903,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,138207187948,138207204354,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://varianty.lviv.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3040 6 KB
3 KB 132ms
28ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://varianty.lviv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 04:47:44 GMT
expires: Fri, 05 Jan 2024 04:47:44 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 33ms
33ms Stylesheet
text/css 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:47:44 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1250
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 784993de58e72bcf-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 04 Feb 2023 04:47:44 GMT

GET
H3 200 login_button.php Show response
www.facebook.com/v9.0/plugins/ Frame 9FB5 31 KB
12 KB 136ms
102ms Document
text/html 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v9.0/plugins/login_button.php?app_id=576804872497945&auto_logout_link=false&button_type=login_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2307afec657f08%26domain%3Dvarianty.lviv.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvarianty.lviv.ua%252Ff322b8044c5f3b4%26relation%3Dparent.parent&container_width=523&layout=default&locale=uk_UA&login_text=&sdk=joey&size=medium&use_continue_as=true&width=

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js?hash=5c0d29add1d9953f09a8ab73de70900a

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e548a1d83c4e2712989a4d7df8817ecdd3b0927e3529bedbef44a8c21d07c5c4

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://varianty.lviv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: same-origin
date: Thu, 05 Jan 2023 04:47:44 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v9.0
pragma: no-cache
priority: u=0
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: jIikFCbo6rKI925g99aDq3sBaMwacn42ryUIE+6tref6m7FfJ4Xk/H+cPMrWamWXfPvRPwC35kbtHoE1mPAerQ==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 155ms
66ms XHR
application/json 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df4e0fd5d39dcaabca2a515336018e26e46da13cd91a7173dbf5d15670424262

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:47:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11093
x-xss-protection: 0

GET
H2 200 ruxaZoupmFj.png
static.xx.fbcdn.net/rsrc.php/v3/y8/r/ Frame 9FB5 323 B
612 B 19ms
19ms Image
image/png 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y8/r/ruxaZoupmFj.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v9.0/plugins/login_button.php?app_id=576804872497945&auto_logout_link=false&button_type=login_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2307afec657f08%26domain%3Dvarianty.lviv.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvarianty.lviv.ua%252Ff322b8044c5f3b4%26relation%3Dparent.parent&container_width=523&layout=default&locale=uk_UA&login_text=&sdk=joey&size=medium&use_continue_as=true&width=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

092cb8a7c234247243577529fa46f11c66216fb8c2b91a9e12d6bda73b739ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:47:44 GMT
x-content-type-options: nosniff
content-md5: mEtfkiuN8zERyZQcBN9jeg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 323
x-fb-rlafr: 0
x-fb-debug: wDgIrw2XP4ClFBXYJLz0SXP5vMGustQVLle35CuFC7U23YMVUeLxwiM/F9BqH487ZW0iLZuFR+B28IZUorLoZg==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 26 Dec 2023 04:20:53 GMT

GET
H2 200 L9JfHuG1dLo.js Show response
static.xx.fbcdn.net/rsrc.php/v3ixCr4/yN/l/uk_UA/ Frame 9FB5 528 KB
137 KB 22ms
22ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3ixCr4/yN/l/uk_UA/L9JfHuG1dLo.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

17dff8f243340d8e192662e3d681e2eae6482950a3fb08f63f48ad8a6119edff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:47:44 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: wLLzybEKyOA5epqaFS3jSQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 140406
x-fb-rlafr: 0
x-fb-debug: AquHjupLBMaA+JxyiGcDH8pg8VaMSUbwaSbt6rIn0Pp3An+xpjLNVTuL6sUrERWkg44Le47PnIXl//UPfUxpLg==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 27 Dec 2023 21:51:49 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 90ms
43ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:47:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 04:47:44 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E213 13 KB
5 KB 64ms
20ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://varianty.lviv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 22524
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 22:32:20 GMT
expires: Thu, 04 Jan 2024 22:32:20 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D7C2 783 B
536 B 28ms
28ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a4f6c4f2b21ca3b30222bb90696a914991e718cbbc018c89a3d57b11c9267544

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-T_8F4NmNUV1HUKUTpGHfzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://varianty.lviv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-T_8F4NmNUV1HUKUTpGHfzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 04:47:44 GMT
expires: Thu, 05 Jan 2023 04:47:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 container.html Show response
777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 75BE 6 KB
3 KB 67ms
21ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://varianty.lviv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 04:47:44 GMT
expires: Fri, 05 Jan 2024 04:47:44 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A78C 0
0 57ms
57ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvPWIrlQcxJSK_x7K4Xo0a_oHlnLE6F35-s_FcJfLuTZDM9fXOcuwHZILG0fIZOGCoSP4pN4Y15-Eus12pw4dFq_2PTf_6WEGPgn_lFMCyntJaqZemdHdJdFxKSfbOF0xkGNseedEc15W_ALcpRRsqH7jKHi2Mg8ctB4mQOoFroHAp6eGuBF35L3xe7RPSpqgVWVNyujXMpPet70MkkbdrpG9Gk8OrOr2TUaYFbalPP6zxOBcz48-7iNJqfgF8ryUkLVj1BG1_rOHKPxDnJOIcsoyPFLNlHj4G5H593TgxsQXlKtxBuq4RDiTudf8yz0pSXol_71w&sai=AMfl-YTxfEF9v1tMUDtpt425xFEEjRP0QLN-GFAg86n5T2JSaEVm5ggaQItzsqj8xWyjKDau2z_89mkkf6Y9ztepNmNdPLhTeM3AU1nBLf9_LDOm24fwquKWwck3dY6xYLaS27l5pAKlhPKkehW36iZeVsw&sig=Cg0ArKJSzEwPGomkyBygEAE&uach_m=[UACH]&adurl=

Requested by

Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:47:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 05 Jan 2023 04:47:44 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/ Frame A78C 24 KB
9 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a7556b722d45b51a9e8bc1262092f9c042e4759d7b3a97298fecc947639c35c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 03:54:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9534
x-xss-protection: 0
server: cafe
etag: 3719958914939444779
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 03:54:55 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame A78C 3 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 03:46:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3668
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 03:46:36 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A78C 154 KB
48 KB 79ms
28ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:47:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48184
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672836157132942"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 04:47:45 GMT

GET
H3 200 6344637165606349886
tpc.googlesyndication.com/simgad/ Frame A78C 24 KB
24 KB 24ms
24ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6344637165606349886

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48e04c82a2bc7d505e6d3e93a2d33f26fbcb90bd37ecf454519583e7a3965cdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 21:27:35 GMT
x-content-type-options: nosniff
age: 458409
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24478
x-xss-protection: 0
last-modified: Thu, 27 Jul 2017 09:27:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 30 Dec 2023 21:27:35 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D91C 0
0 58ms
58ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssRNo4WLC8JEm_fLECUK3E8u_Fp3zVsj_vOsGviwFBp7H_G7bh7zNsSeUwBFs9FejnHICzK66RrD7sXJwJYgTvYJAC4sjbOuJQin1nWy63rvalu_FOqdSPm9Xrolxq99m2uyFAi6CGU3Cy4XorRrJ3kQYza27kBIfyjgVQTRmRpVxE74zclV42CngienF92hcI0aJj5LoRBqJj4JHJyit8rUOCV8MrBIIDALXXwmm8uvVYkwfgfNFVHRXdpCm95kRpOJuH3OOpYMoTpIYiGq5jFEgmP1Imnmgv35gFjy8bNPQDZBJgqSReBN1oD2JimwgtOtrKKew&sai=AMfl-YRoJqeuIn8qTkMf7lStXlqtKfS99LrT2_OdN7zdr4nRHgfHsW-zf2KQO3bvsZwWTHe-mK-JNeVBDqCRFLyBojy6dZwBam9BDawWY6p3piXaKKx7mKX8tt0-6X-sFCiLfk1QTiLDAcYvI15CSYjhBy8&sig=Cg0ArKJSzMQjexUNOO-7EAE&uach_m=[UACH]&adurl=

Requested by

Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:47:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 05 Jan 2023 04:47:45 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/ Frame D91C 24 KB
9 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a7556b722d45b51a9e8bc1262092f9c042e4759d7b3a97298fecc947639c35c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 03:54:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9534
x-xss-protection: 0
server: cafe
etag: 3719958914939444779
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 03:54:55 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame D91C 3 KB
1 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 03:46:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3668
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 03:46:36 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D91C 154 KB
47 KB 93ms
56ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:47:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48184
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672836157132942"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 04:47:45 GMT

GET
H3 200 2173329824682406704
tpc.googlesyndication.com/simgad/ Frame D91C 23 KB
23 KB 26ms
26ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2173329824682406704

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc85abf9e9b3d28a2caaa8810b288b5e1df43334f2ef44b32fbe40ed39d109cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 22:39:14 GMT
x-content-type-options: nosniff
age: 367710
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23640
x-xss-protection: 0
last-modified: Thu, 27 Jul 2017 12:52:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 31 Dec 2023 22:39:14 GMT

GET
H3 200 container.html Show response
777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2662 6 KB
3 KB 21ms
20ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://varianty.lviv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 04:47:44 GMT
expires: Fri, 05 Jan 2024 04:47:44 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A78C 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f531b85c99f263432a08de851c39b3b122216e3b6e7938b6c4e18f7a1e9a9c6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12231767363623583744/ Frame 3B24 383 KB
38 KB 21ms
20ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12231767363623583744/index.html

Requested by

Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac4b432a1e28601ca08b5aa89f0ceb23aecc990d0e61aa81d7a38bfdb32331d0

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 46405
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 38422
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 15:54:20 GMT
expires: Thu, 04 Jan 2024 15:54:20 GMT
last-modified: Wed, 26 Oct 2022 13:33:03 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 75BE 0
0 64ms
64ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CmhyfcFa2Y_GsF_-M9u8P762G2Aqpxqigbp3Igd-8EM_33Zi6ARABIMmhlkRglfrwgYwHoAG61ePlAcgBCakCBmGgCJTKsT7gAgCoAwHIAwKqBJ8CT9CPGoiSv5TcHbA0tPDs09O2KLfUsvfpCNyYpSdDfLMnmQxxfTTvT4ewfuU5t51S9rMF8yFLiJZCpevHi31WRumiPMOSPTRh0hiwhNU33oSHPkS2YDJ16J8786F7NwC_81abR0y65DUN_gVtFX7eivw0h-4DsbyY-JNN0PBGR7xJbDcd8-4vAukMfen8lKSmtd6AKH7Pz7HBkrvet1hdJALJz3JQ1PB5GfCxaCmxKdBFpwlmhX6Q9g-pz6xOVwNBxZ-EbfHhgoez_KYDeDWQPFY9HzkFXNYY1FK_7Dmam25m4LyYBT0nEHFvdRjJ7bl4I_1M0GWeqRwEPQloIdt5226d5RbahUIzUOBoPQuMdz_8dMacNYbuVZ9j304eNkDABKqsvJ-YBOAEAZIFBAgEGAGSBQQIBRgEoAZdgAeuqpyaAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEK-rG9IIEQiA4YAQEAEYHTICqgI6AoBAgAoByAsB2BMN0BUBgBcBshceChwIABIUcHViLTUxOTY4ODAwOTAwMDMxMzMYhcxp&sigh=_azxbd7IAiM&uach_m=[UACH]&cid=CAQSTADq26N9BxN3zK4XoM6wxXItb1xfVX34cQ4bYFfFukamFEiPj1ZiGDnny3HUy1thhYA0aHjJdsHRM8doA5qEXz0yaLJI9iV-MquZ_psYASAT
Requested by: Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3056 143 B
475 B 64ms
17ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com
URL: https://777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 160
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 04:45:05 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 75BE 3 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js

Requested by

Host: 777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com
URL: https://777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 03:46:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3669
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 03:46:36 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 75BE 18 KB
7 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com
URL: https://777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 03:46:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3669
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 03:46:36 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame BA14 624 B
423 B 74ms
30ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhjg3dDBATAB&v=APEucNUFRlPQYXqUUESgeF1B5PT7H3pccJ4sLCbN1hydEde418bwvbIzI43CDFSCf21760qnL6cp_tjyCFRZT8FOo-U02paD587-svG5TNIoArowptinNWtMPqSY6_8xfIfPbtpnQ4Dx9Y2MMbqOnWFYTMc1Z1hJxhta_o-W9wZ9SF5dzBRcug4

Requested by

Host: 777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com
URL: https://777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 04:47:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2662 84 KB
35 KB 111ms
68ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BydMqZJ3hd2Q2Qj9oMLsmr7BxeimI1fox3eO4vwVa_CEPjDF3frqudfbZq3GmPVw8grqkR_BiCdjD3B5Po4rTHhf8cJa6RgSm0cVZzoT7JDzVjDjj8gFHqK49cU1l3gINM6xJiQIS31jocUZZ9yM0H7VoiFlt-cRjQAFfED8KbkYasfwk&dbm_d=AKAmf-CQfb_WaFl_ZQ_IrY0X_ybXItUySsXyyZsB1pZsT3BZzo6qI-UavkV1QJ3pQDoQCqhQdvvl8cKR57-jWILO0ZaqetpE0tXTGEYSW5U0ftJ0p4wA2ozIKSsM9yyhioa_Ov7zocuOYVZgJkAv9ZaBbJ86QJmIwU3mCIX0cGPbI2A4RXLSAjW5rgta6D6CnfxuvYRwruRxzRLCyHQnMIqAFFuBA9te3n5sVPc7pzk1deAz7vd35qLBDKcBouFSebMiop4B-UEfngrfv4QJP11y_ll0FIXt0-p5kgyi0SXnaTClukpMTm1MppWTTCl5PIYEsgnF3TGYA_b3W04aeRIsaOBN0B0vLN6KJ_xvxVqZMeQ85xrPiVi8ZvGhsyywU3e12y7RnDZgJObeKa77lp8FpexpJcwoNbvjwobrFopKQxeLaQYvZJgvh22RzcZlopkXVjPlflQ-7D44K1hGJGwRVRW0aWmQ6pi1ZGM6uo3PaC6SyKgFEd-XEP2tD6qI_syTZ3ACrJeVXaA7BAanUhQ_qPwdhopI9YvghV337loWNX1X8nKmm72uJtmhHWrH0c_b4mjSMIucxgYac1K_dIcp0KnuEEN1N0n9eoAXYVwHM-6l7NIvrE4zXy_C8eOAF0ChP8B1ZbylZPDBybao8f29kOwGWKeVWvXonwvzvMWaXyJPipOkWElBfc_4z2BMz7H1r7Q0_sqmZckPaWtrI7vfs7lIa3aG5cFp6hj92_GfM6pYCEVQvUL49B0JLlLtosNLvwoEW6qQ_QsjmDAqTgJRer0tMMhpt41HXED6L83E6C5NHSlA_ME2H-ZLKzXEvQVup7oNG2HVpAMj904PZTTncj-PqQCO1lUjN3C46cij4BoVq0jR-QjdnWLn5hS28SJrRjYnF2MBQIxfTy3DWxBEoCENQnLOl05uJ-acx2Aqf9cY9uq_Hbnp-6XrdZxE6uvOd6GrxE5qjqUlbclP2FKL9yS0VP1kxRoz1PjntrReRM6aAjAu2hxV7zy13P0nvTlsna10s17SjnXVxlmYC--TTRdubWX2uEIEK9wgsfNS6ApyTUs0lJJq7C7tiMCP0xf5XUSvRFHWfqBY770sZ8fLCMCFywc-Yg2wZEKY5N_V7PBEY2QwmkA9vMKhVjA7BepywzmMSqKjds37L3SN3rLZPBLkee5tgfGdzgWCnLAs2KRsUOYmKyRyJt8Tu_Z1o804SA1wlxBANbzn4zwYtwtYPB2ppdl8RWhTs9djll0MJX82x3O0TWcXjlng4D9BTM4AbBFcFNmgyY3yyQOjaLER7Ls-qKO99JmjxfZTSZKA7omvL7QU9zg4yPTO7q0JQbMIX_tbAz6yJ974cKzzWxCpFcHNMWOmki3WpLJ1LcuY9Tboug28EzGdPYXZ7d1RZOIAhShOBT1evptCFUN9Lx8hN5g1Fnebcsx8DG5g6h_RFfHm_4-g4Zl80V7AudyqVj3_S0guQWDLuuELEHG_gtPuJd6tCUD9kXYsNL8kXTXfa1_CoHDjql_yM3xH2hc-qA-INnAgtG0ElWJQ4zP410s3EVoov5DkUcHY0VxOgxAKmerYh4DfNVfhwg47XMnTr5qSCA-RZWu4-iLm58bLBK57YnCge5wCF598LJ53e4pf0xvnAk4eyKyM4cKMCE7BcgG5gzIc6nl5ODre6Fc4n47Bu42NlDHg9BxLIuw-_fF6o13jlB9Sg95FXDHSrX8f8smHsL7JVN6CLKrr3WbXZMlSw1RI3Koy_0TlBtKl75eeacmj6P20s_Em0DIMiSRBIEN8GCsQI7PD3oX2irTt0bIU2bH6g8ZN5OaY4bJ3ky4OFgJ81Uk6W-BxTqtowpS742pVxVVdVBlm9UK_k6_S7bbtKfzVaYpSljiqL3LjDOnwEBhrhs0VmadZY7GZ13QE2GJljbwTcKaiY0sMbgZJ80DV96altv2SMvn2GmdfnUReATYO14RVv34PIGEyZ_rpdlG3SOZczo3OAC4DPlLoyzwTGSv1x548n0e-_e5s91gHISc87ZpbOUh1fbtkQBy2Vlk7HA5RCQuroAgO-aAIF2NNuBgz2aPHoVntzzWtX7XdddjvzZKj7Se_LGHLp4jS_Naop2EVcdjAkYo9jV7L-Z3SRTpFzTOBt9PitMlaPTNnzyGhpqKQsvqJvmx-onBnxPhdwMJlEpHNk762qMUcikosgOkbEJjidKoTxRZMruBYPl8qUdNibH8EAEADfUkl9nr5LtOh12wz2MEYcdZ7-ITk70blLI0_IE1jPKCIFs1RjvmciLFn2YhGRq2TpdR59iDCpehEv0YlNSU4jgzk8cg6hkclfIWleotGV_Vfjx3grc0FKL8lEsbwv9TTDucTgnWCVmlco-Ne_Xay1OvUCYN-IxvSa-ojPrcza2RRlmA8-A860ujg_pfZllaL15EWHooa_YZ6g3KG94CTszApPhhsrEh270TE-H782U1NTthZyS0gqOKfeWSd41Z3-7Vf6g8-ZFxJfdc3DI0wLFhFsBrwgRrEsMWhh-ImEPcVJHFTgcLUTvkGIa2O-6EF5JAPM5AiHLsn1AMi2Xa3kj-52JYw2TKqFNSusmNPVxmAG3_K7KW_5W8LZE5jMom9c6sBQ0HVvKGPWgK-IwhgDPNgUzEA5V29Q-qfVjA3kZoiz8KOWLYvP9aeqnf5-Tmw1-u4Y79yZevoVjf9Y0KgFvNshZzWZw6G_1NXNEbKuJJpfveb9-qECo4Ba0Fqfznzq3q-DcLfGpBXO-4zh6L34M4l2fbqTs8DF57lfCqNz5Y2RZnIdke9CLbiB_nMkzWk65jD5_1eyj9bUq0GPiOC7f0Cx-VfViRqWySZjRIywFtjpjKtK_F4_M38HLQKtlMhnyeM0X52utbO9Rl6I3ppOZ4_kk6_goHSoMutn4tP-N9BtYc4AaI7-5ceWozahdt53Gy3hby7ivNDTe4jNN6Pxq9y-i2Uxz52hHYNFLgbQC77f_k5Y3uHas7e3AHI_tEFnaggoJ5al1QD9mJVNMjCnbYMsJbvz2GHTb-nl4-SZdSs_4-S7X7fF2tul9mDscMpMyj2VziulYfrXLc-AOjKS6ARUF-Nw931o8sAJW1WfzThRQ9T5S5HdgqTdGTYzTsFo3FrMLv9JekuRaUDthUeVi3qEaYgULbNP0g5k_0XIIqT82CPSztZBiiOONR1Do5HGH-1a8xxdWScqJ992t1ttEIOC-N4h82MemO46UjYbRKPosB3P_gr7qtIxlIxSbWernpE8KlntRGHaWQAZ-VyL2d1_fS9n9FBPcscbFOs1qRV9u6lgfzj_4M1Je3UpRbEJqQSj-1jSkf9XYq0I3Z1MRmIdCE7okmizsCk39RwkLF19PDZG849Ma7xpKkK390J_ngHB9EpCOxjvaJNe8EpLG9Aa2p_A_h9A0Gvw7frYwiUtRzXAKSUWqpOTZs3gyDpkcG58X-rhGv9qOvFS87DXs-hOWf-WAKaKMyOuOLbczh12FBn2Tm2L-NpDZU&cid=CAQSTADq26N9BxN3zK4XoM6wxXItb1xfVX34cQ4bYFfFukamFEiPj1ZiGDnny3HUy1thhYA0aHjJdsHRM8doA5qEXz0yaLJI9iV-MquZ_psYASAT&rfl=1%2Chttps%253A%252F%252Fvarianty.lviv.ua%252F%240

Requested by

Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83da37462b1b3ea7c91c36c72cb29915331ed5efd78885df4470e60b8aa9ed82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 04:47:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35847
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2662 42 B
63 B 141ms
71ms Image
image/gif 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cm3s6IkeJ5A31pv3syaEWD3gp1lfJPelCJ_KhKYQEQnWZs8pQFqhwpwtL3P7X3cgtlTZ3RBjhLlJaQWn4eUcu2m6KaT9m9B1T3tKzoH-BkNqgmcIg

Requested by

Host: 777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com
URL: https://777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 04:47:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 2662 3 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js

Requested by

Host: 777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com
URL: https://777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 03:46:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3669
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 03:46:36 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 2662 18 KB
7 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com
URL: https://777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 03:46:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3669
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 03:46:36 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2662 154 KB
47 KB 71ms
29ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com
URL: https://777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:47:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48184
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672836157132942"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 04:47:45 GMT

GET
DATA 200
OK truncated
/ Frame D91C 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc74cf1e1025133fb51b8af91ca895af6c61063cd6636e03b0652e5684cedf63

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D7C2 0
0 136ms
72ms Image
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120801&jk=4367075101463119&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A78C 0
0 57ms
57ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvwcE0r5iObB0N9sJgShJoG4kHz0rW3qzWNzfAZnmOHjXdsqGfPM08rUsrXIRLJtDEEKtGySQLwddx4gNtHUaw_BvgEStWnVHjkFvjv4CtiVEA8jV0Lgh1jIR7qzHVzkCSz1GO2vrnoqfqToI585RfYTPjshaH4wRmSsUwf5vR9tAUkONkVwJSnRPn5vELdmGe70CMX3eoen416eQRNZet5GfzjgFXkwYoQpg_jOMIc9a69b22OmvpKTEvZEsudYycbC4TvPINxjtBwjGRh7eNZcgWIljV2t3jlKSRBCaLesNSZaqUlMGHjLuJvxLP4hBKxWPAVd6BB&sai=AMfl-YQZ37BXI7TClBB4uti0FX9KR644U5fltsVr8xFWOkj-YoQIUilO_EOwRX9bKuMbNYate_jodCOOthpwAw9H07X1B9LYJLuLbDUNaRqcDG6Z9p_wh9F72MG7Hlu1vKQlik2vRxcTKL7ADxtZteZLcxg&sig=Cg0ArKJSzKlWat-eHmqzEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:47:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 05 Jan 2023 04:47:45 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3B24 6 KB
601 B 75ms
32ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:800,300,600,700

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12231767363623583744/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3a4961c1ae6e8496067150f54acfa06b0026a5525978c24075d5636d33531fb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Jan 2023 04:47:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 04:47:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Jan 2023 04:47:45 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 3B24 16 KB
6 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12231767363623583744/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:14:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2021
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 06 Jan 2023 04:14:04 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 3B24 34 KB
13 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12231767363623583744/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 19:53:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32079
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 05 Jan 2023 19:53:06 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D91C 0
0 57ms
57ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu4Gvh-tUO1BuAmJlmeW9hjwaYSJpF2wl8sakvDpGseeRFfsWg8_UTnma6sFYvITua10AvYhMX9FwpIfcQZYBMo_4z2Ov5jjAhN9ui3Co8QymDRRJsBBMKxlvQsYyqrZBt-qfKGbqKGMEGjiu8ZT6VcaupQcPYuzTDhx-Q0lXvjCODFvVzC-iwetCygbFlE7FdKsCNjyJ6PAb8_v4Upz_7A2d0DtX6YvHEnj2Z1Tlp6zO5GSLNSctvxESF48yolfnulJ77j900fsXWL3dEoDNDxk5VmBL1sMCUkoaGXaa-ufPMfPZoy0bMMAIPq_jvIgUPOt145AAvm&sai=AMfl-YSgpuNTT1XRzjqjmcMH8vWmm4ehrkw9F_zckhGzJgR6gwRF3HfBNoJW_l6Q2TAj5zzpDig4D_bKJqH2gPJ45fvbLuSeYDdWexllbH-wmtvGZDduegsbpcswrVBsGCfW4JBmFMGdW2-yaW7fO8un1p4&sig=Cg0ArKJSzH3TC4WysXcyEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:47:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 05 Jan 2023 04:47:45 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 0CFC 0
15 B 31ms
31ms Document
text/plain 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://varianty.lviv.ua
Referer: https://varianty.lviv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://varianty.lviv.ua
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 04:47:45 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js Show response
pagead2.googlesyndication.com/bg/ Frame E213 36 KB
15 KB 33ms
33ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 10:13:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66830
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 10:13:55 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame BA14
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBSFmUtBXE4mzsLTPF-nUQU&google_cver=1

43 B
766 B

22ms
22ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBSFmUtBXE4mzsLTPF-nUQU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhjg3dDBATAB&v=APEucNUFRlPQYXqUUESgeF1B5PT7H3pccJ4sLCbN1hydEde418bwvbIzI43CDFSCf21760qnL6cp_tjyCFRZT8FOo-U02paD587-svG5TNIoArowptinNWtMPqSY6_8xfIfPbtpnQ4Dx9Y2MMbqOnWFYTMc1Z1hJxhta_o-W9wZ9SF5dzBRcug4
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 04:47:45 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 05 Jan 2023 04:47:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBSFmUtBXE4mzsLTPF-nUQU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame BA14
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y7ZWcRYSJJ7v2nZczWFBcgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBSFmUtBXE4mzsLTPF-nUQU&google_cver=1

43 B
766 B

22ms
22ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBSFmUtBXE4mzsLTPF-nUQU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhjg3dDBATAB&v=APEucNUFRlPQYXqUUESgeF1B5PT7H3pccJ4sLCbN1hydEde418bwvbIzI43CDFSCf21760qnL6cp_tjyCFRZT8FOo-U02paD587-svG5TNIoArowptinNWtMPqSY6_8xfIfPbtpnQ4Dx9Y2MMbqOnWFYTMc1Z1hJxhta_o-W9wZ9SF5dzBRcug4
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 04:47:45 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 05 Jan 2023 04:47:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBSFmUtBXE4mzsLTPF-nUQU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame BA14
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDJREhnMCLQdDn96zqSYHNc&google_cver=1

43 B
1 KB

72ms
34ms

Image
image/gif

185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEDJREhnMCLQdDn96zqSYHNc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhjg3dDBATAB&v=APEucNUFRlPQYXqUUESgeF1B5PT7H3pccJ4sLCbN1hydEde418bwvbIzI43CDFSCf21760qnL6cp_tjyCFRZT8FOo-U02paD587-svG5TNIoArowptinNWtMPqSY6_8xfIfPbtpnQ4Dx9Y2MMbqOnWFYTMc1Z1hJxhta_o-W9wZ9SF5dzBRcug4

Protocol

HTTP/1.1

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 04:47:45 GMT
AN-X-Request-Uuid: cf2cad14-b74d-46ec-ad8e-dd092a90a7c3
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 05 Jan 2023 04:47:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEDJREhnMCLQdDn96zqSYHNc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BA14
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQ4ODIyMzA4NzgwMjYxMDMw

170 B
188 B

27ms
27ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQ4ODIyMzA4NzgwMjYxMDMw

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 04:47:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 05 Jan 2023 04:47:45 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 76f331c5-3daf-4d4e-81c0-36f0c494fac5
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQ4ODIyMzA4NzgwMjYxMDMw
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 75BE 154 KB
47 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com
URL: https://777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:47:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48184
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672836157132942"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 04:47:45 GMT

GET
DATA 200
OK truncated
/ Frame 75BE 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c7ee61b69dfaa4b23e289c16c0ee5b69202cf99d0bf11e01603218beb4113831

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 2662 170 KB
59 KB 65ms
19ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com/
Origin: https://777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 08:56:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71456
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 05 Jan 2023 08:56:49 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230103/r20110914/elements/html/ Frame 2662 8 KB
3 KB 34ms
34ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230103/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BydMqZJ3hd2Q2Qj9oMLsmr7BxeimI1fox3eO4vwVa_CEPjDF3frqudfbZq3GmPVw8grqkR_BiCdjD3B5Po4rTHhf8cJa6RgSm0cVZzoT7JDzVjDjj8gFHqK49cU1l3gINM6xJiQIS31jocUZZ9yM0H7VoiFlt-cRjQAFfED8KbkYasfwk&dbm_d=AKAmf-CQfb_WaFl_ZQ_IrY0X_ybXItUySsXyyZsB1pZsT3BZzo6qI-UavkV1QJ3pQDoQCqhQdvvl8cKR57-jWILO0ZaqetpE0tXTGEYSW5U0ftJ0p4wA2ozIKSsM9yyhioa_Ov7zocuOYVZgJkAv9ZaBbJ86QJmIwU3mCIX0cGPbI2A4RXLSAjW5rgta6D6CnfxuvYRwruRxzRLCyHQnMIqAFFuBA9te3n5sVPc7pzk1deAz7vd35qLBDKcBouFSebMiop4B-UEfngrfv4QJP11y_ll0FIXt0-p5kgyi0SXnaTClukpMTm1MppWTTCl5PIYEsgnF3TGYA_b3W04aeRIsaOBN0B0vLN6KJ_xvxVqZMeQ85xrPiVi8ZvGhsyywU3e12y7RnDZgJObeKa77lp8FpexpJcwoNbvjwobrFopKQxeLaQYvZJgvh22RzcZlopkXVjPlflQ-7D44K1hGJGwRVRW0aWmQ6pi1ZGM6uo3PaC6SyKgFEd-XEP2tD6qI_syTZ3ACrJeVXaA7BAanUhQ_qPwdhopI9YvghV337loWNX1X8nKmm72uJtmhHWrH0c_b4mjSMIucxgYac1K_dIcp0KnuEEN1N0n9eoAXYVwHM-6l7NIvrE4zXy_C8eOAF0ChP8B1ZbylZPDBybao8f29kOwGWKeVWvXonwvzvMWaXyJPipOkWElBfc_4z2BMz7H1r7Q0_sqmZckPaWtrI7vfs7lIa3aG5cFp6hj92_GfM6pYCEVQvUL49B0JLlLtosNLvwoEW6qQ_QsjmDAqTgJRer0tMMhpt41HXED6L83E6C5NHSlA_ME2H-ZLKzXEvQVup7oNG2HVpAMj904PZTTncj-PqQCO1lUjN3C46cij4BoVq0jR-QjdnWLn5hS28SJrRjYnF2MBQIxfTy3DWxBEoCENQnLOl05uJ-acx2Aqf9cY9uq_Hbnp-6XrdZxE6uvOd6GrxE5qjqUlbclP2FKL9yS0VP1kxRoz1PjntrReRM6aAjAu2hxV7zy13P0nvTlsna10s17SjnXVxlmYC--TTRdubWX2uEIEK9wgsfNS6ApyTUs0lJJq7C7tiMCP0xf5XUSvRFHWfqBY770sZ8fLCMCFywc-Yg2wZEKY5N_V7PBEY2QwmkA9vMKhVjA7BepywzmMSqKjds37L3SN3rLZPBLkee5tgfGdzgWCnLAs2KRsUOYmKyRyJt8Tu_Z1o804SA1wlxBANbzn4zwYtwtYPB2ppdl8RWhTs9djll0MJX82x3O0TWcXjlng4D9BTM4AbBFcFNmgyY3yyQOjaLER7Ls-qKO99JmjxfZTSZKA7omvL7QU9zg4yPTO7q0JQbMIX_tbAz6yJ974cKzzWxCpFcHNMWOmki3WpLJ1LcuY9Tboug28EzGdPYXZ7d1RZOIAhShOBT1evptCFUN9Lx8hN5g1Fnebcsx8DG5g6h_RFfHm_4-g4Zl80V7AudyqVj3_S0guQWDLuuELEHG_gtPuJd6tCUD9kXYsNL8kXTXfa1_CoHDjql_yM3xH2hc-qA-INnAgtG0ElWJQ4zP410s3EVoov5DkUcHY0VxOgxAKmerYh4DfNVfhwg47XMnTr5qSCA-RZWu4-iLm58bLBK57YnCge5wCF598LJ53e4pf0xvnAk4eyKyM4cKMCE7BcgG5gzIc6nl5ODre6Fc4n47Bu42NlDHg9BxLIuw-_fF6o13jlB9Sg95FXDHSrX8f8smHsL7JVN6CLKrr3WbXZMlSw1RI3Koy_0TlBtKl75eeacmj6P20s_Em0DIMiSRBIEN8GCsQI7PD3oX2irTt0bIU2bH6g8ZN5OaY4bJ3ky4OFgJ81Uk6W-BxTqtowpS742pVxVVdVBlm9UK_k6_S7bbtKfzVaYpSljiqL3LjDOnwEBhrhs0VmadZY7GZ13QE2GJljbwTcKaiY0sMbgZJ80DV96altv2SMvn2GmdfnUReATYO14RVv34PIGEyZ_rpdlG3SOZczo3OAC4DPlLoyzwTGSv1x548n0e-_e5s91gHISc87ZpbOUh1fbtkQBy2Vlk7HA5RCQuroAgO-aAIF2NNuBgz2aPHoVntzzWtX7XdddjvzZKj7Se_LGHLp4jS_Naop2EVcdjAkYo9jV7L-Z3SRTpFzTOBt9PitMlaPTNnzyGhpqKQsvqJvmx-onBnxPhdwMJlEpHNk762qMUcikosgOkbEJjidKoTxRZMruBYPl8qUdNibH8EAEADfUkl9nr5LtOh12wz2MEYcdZ7-ITk70blLI0_IE1jPKCIFs1RjvmciLFn2YhGRq2TpdR59iDCpehEv0YlNSU4jgzk8cg6hkclfIWleotGV_Vfjx3grc0FKL8lEsbwv9TTDucTgnWCVmlco-Ne_Xay1OvUCYN-IxvSa-ojPrcza2RRlmA8-A860ujg_pfZllaL15EWHooa_YZ6g3KG94CTszApPhhsrEh270TE-H782U1NTthZyS0gqOKfeWSd41Z3-7Vf6g8-ZFxJfdc3DI0wLFhFsBrwgRrEsMWhh-ImEPcVJHFTgcLUTvkGIa2O-6EF5JAPM5AiHLsn1AMi2Xa3kj-52JYw2TKqFNSusmNPVxmAG3_K7KW_5W8LZE5jMom9c6sBQ0HVvKGPWgK-IwhgDPNgUzEA5V29Q-qfVjA3kZoiz8KOWLYvP9aeqnf5-Tmw1-u4Y79yZevoVjf9Y0KgFvNshZzWZw6G_1NXNEbKuJJpfveb9-qECo4Ba0Fqfznzq3q-DcLfGpBXO-4zh6L34M4l2fbqTs8DF57lfCqNz5Y2RZnIdke9CLbiB_nMkzWk65jD5_1eyj9bUq0GPiOC7f0Cx-VfViRqWySZjRIywFtjpjKtK_F4_M38HLQKtlMhnyeM0X52utbO9Rl6I3ppOZ4_kk6_goHSoMutn4tP-N9BtYc4AaI7-5ceWozahdt53Gy3hby7ivNDTe4jNN6Pxq9y-i2Uxz52hHYNFLgbQC77f_k5Y3uHas7e3AHI_tEFnaggoJ5al1QD9mJVNMjCnbYMsJbvz2GHTb-nl4-SZdSs_4-S7X7fF2tul9mDscMpMyj2VziulYfrXLc-AOjKS6ARUF-Nw931o8sAJW1WfzThRQ9T5S5HdgqTdGTYzTsFo3FrMLv9JekuRaUDthUeVi3qEaYgULbNP0g5k_0XIIqT82CPSztZBiiOONR1Do5HGH-1a8xxdWScqJ992t1ttEIOC-N4h82MemO46UjYbRKPosB3P_gr7qtIxlIxSbWernpE8KlntRGHaWQAZ-VyL2d1_fS9n9FBPcscbFOs1qRV9u6lgfzj_4M1Je3UpRbEJqQSj-1jSkf9XYq0I3Z1MRmIdCE7okmizsCk39RwkLF19PDZG849Ma7xpKkK390J_ngHB9EpCOxjvaJNe8EpLG9Aa2p_A_h9A0Gvw7frYwiUtRzXAKSUWqpOTZs3gyDpkcG58X-rhGv9qOvFS87DXs-hOWf-WAKaKMyOuOLbczh12FBn2Tm2L-NpDZU&cid=CAQSTADq26N9BxN3zK4XoM6wxXItb1xfVX34cQ4bYFfFukamFEiPj1ZiGDnny3HUy1thhYA0aHjJdsHRM8doA5qEXz0yaLJI9iV-MquZ_psYASAT&rfl=1%2Chttps%253A%252F%252Fvarianty.lviv.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:35:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 752
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:35:13 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230103/r20110914/ Frame 2662 30 KB
11 KB 33ms
33ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230103/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7199cf7ceabf89db36696a2ac103d5cf4d63d4a24f704d5d76df4d90fb572b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 08:34:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72818
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11494
x-xss-protection: 0
server: cafe
etag: 10034648733587439634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Jan 2023 08:34:07 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3056
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

73ms
30ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com
URL: https://777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 04:47:45 GMT
expires: Thu, 05 Jan 2023 04:47:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 04:47:45 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/ Frame 3B24 45 KB
45 KB 62ms
20ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:800,300,600,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 22:05:34 GMT
x-content-type-options: nosniff
age: 542531
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46524
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Dec 2023 22:05:34 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2662 41 KB
15 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com
URL: https://777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 08:56:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 417056
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 31 Dec 2023 08:56:49 GMT

GET
DATA 200
OK truncated
/ Frame 2662 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfe58d438403c21a6c16f335347c8f760679bd3deefc4281c1dfceefbb508f8d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/7314573151872791710/ Frame BA7E 108 KB
25 KB 67ms
28ms Document
text/html 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7314573151872791710/index.html?e=69&leftOffset=0&topOffset=0&c=3Tqz92T1K8&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22ec56df25744866a27efb0d3a95c71bec34cd151f986376a9f2e10f498760c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 04:47:45 GMT
expires: Fri, 05 Jan 2024 04:47:45 GMT
last-modified: Thu, 23 Jun 2022 10:58:10 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2662 0
0 181ms
78ms Fetch
image/gif 142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst6Dwqlq4YP1XLNcoFad5KIoXucjV8aMDHYoxtGrYZvCbYaVXSSGqKH_wOv_xi9EmPCPWA9J3ulk1K2EVGv9GcCnArVd7oa1crcC48e8O87xKzCNcAXJE9O9Gxwj_FpaL2zBVdbH6BCcEndeGRaFZNuZZMU6YDt9MYF1h77sCp6igDVORhAtIpwmHUavC9YnIgO-VvsVJcIuJ1ip-9cWKo3ECgkD9ZQZgSyqY4Hm4xYB3d9P1o4I29qaz1wLXb0I6EKoNlE9VPpu54r3e3DdUNbTl_UEX1xizPBbLL6J1nfnnXJ4VWCS7r0wm_uEhFIfv_JlVpQjZUjPE640hEm2UaX1Of0uQ3k7euv5F28imuRH906f2F9WRLtCR9DS7yI_qsQYBsZUlFUdufWmaZRDrBXY50n3dXB8U4HRPcuOD-3-kORul-Au3b5GdFkrGeK7pEdKdzmLU6Y8-VCD3U1ZSQ5O4XPbNJWy9XnCN-e8OQPipB5S02eZUC05s6wou4FrJiAWr5I4vnhJqjjfYQqRwkNhCcPQr9IeYEFtIz6nUB6MRrGodpjn9JQRg-rCZnTNabtZARQ3Z10o-fxKqdPb7sZ1BbDRXgVLJVBZW1FsG1YuxWrXs7u15-fe_O5A-sPSFRcPAFPrnQ80WDsJFTORPXUSYlPqoPYqqrLbqpjdMjJylqjFDWaL-BJuM8fKRidZbhZtZhndsF49BrYP39rEcxUic9pMVSYQWtUGSoutcSWrsgpfi8PYYg3flpm3BIEOW0njx-L9BVlNEi1ao4jeg4eVyPLisCi4gEquA-HsV4dXRzotGqgd3sjZAWZI2UVxoEyvk9znxcfWnzXWmS3PAwnC7ZjiOWJPp-33OqrpfQB_J5MaBrhnweaMDACI4xtHNuSBMFfcBYVbrJYF_Qn_7jsC85RBh_5hXeXknhfAncsbGBCqVIkizdtBvrPl19YnpAeGDVMOe9fdP81_Dnoq7IS8ta-dGjpvJHjXk0DFZbqO-r7xAwu7Et-9_MyDlm6i8niqHFO5l2oKBA7XUFzR1v3iLKULe9aQkMSzrwr9tyTpdMdZJjPEw6ngk4BcBE2y65rBS3gDiSS4TqXgCk6XlTeLjErmK4Z4rDbL_tZtl6DTDyyOG25-HGdpI1LdHc6Rp0Fb2bWvkDakJ3uRFe-loEmOw92Iw_IrYyN7VB7EomluocRlKqfR_jeYhz6god-hJHvsUEZMZX9_SFImsjxu2NFzebZE9nvVpioK4X03W-yEhw37RzjtcRiBNtCHUeIhi6b2y5BdnrpCdEIQRr3Dgvh08w_bMM56t-ukY4zyA&sai=AMfl-YR2x0xseWOVriUN3ZEuYnULUfZ2AIqrvWPUm0FhZLLHWL4In2ro89Q3iAqZ4tRYQo1CQ2pClFC9TWqHpGZxSBvpsC4-g66VmaSbmz6cZCzTHfPjaK_kdaVX6pd7JZvJHbom-hWPhWnTOTpffhKC7dKhOwaU3wHKxepnc6A9RPydVVPa_P3stC3JkKCbklcvbIN3Z4agTmDGsJLrfWwDyrL8vBaUKMBwLeW4kQ9w-mEkC0AsdLE2tVM-jHozEafe_zrHJYuEeB07kOCjyCPvEY5BS0FotI3rMOCbbhpKVw&sig=Cg0ArKJSzA3qpfiEHAjNEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=166&cbvp=1&cstd=159&cisv=r20230103.23581&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 05 Jan 2023 04:47:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 05 Jan 2023 04:47:45 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1DC2 22 KB
8 KB 20ms
20ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 415317
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 31 Dec 2022 09:25:48 GMT
expires: Sun, 31 Dec 2023 09:25:48 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Algovir_Packagings.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12231767363623583744/ Frame 3B24 26 KB
26 KB 25ms
23ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12231767363623583744/Algovir_Packagings.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98ba645c358687e7cd2018456d3691e703613aa27fa2fa2e54d9396cdf4c55b3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sun, 01 Jan 2023 14:09:01 GMT
x-content-type-options: nosniff
age: 311924
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27097
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 13:33:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 01 Jan 2024 14:09:01 GMT

GET
H3 200 Check.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12231767363623583744/ Frame 3B24 585 B
395 B 24ms
23ms Image
image/svg+xml 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12231767363623583744/Check.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f60b30f2c5ddad9a137a0bebdbcdd2df24cf8e1c3f229764e987d72d56aed439

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 30 Dec 2022 15:22:52 GMT
age: 480293
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 360
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 13:33:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 30 Dec 2023 15:22:52 GMT

GET
H3 200 CTA_mehr_erfahren_einzeilig.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12231767363623583744/ Frame 3B24 5 KB
2 KB 36ms
35ms Image
image/svg+xml 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12231767363623583744/CTA_mehr_erfahren_einzeilig.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eba07c8aaf4516406fe82ace06334844f851e93b3efb12ef6ee69f190a5c4f67

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 31 Dec 2022 23:26:14 GMT
age: 364891
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1689
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 13:33:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 31 Dec 2023 23:26:14 GMT

GET
H3 200 CTA_mehr_erfahren_zweizeilig.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12231767363623583744/ Frame 3B24 4 KB
1 KB 35ms
34ms Image
image/svg+xml 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12231767363623583744/CTA_mehr_erfahren_zweizeilig.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66e9c7e2345cb50b8e2eed66f19e4ca73427ec6b96b78ecf9387ad152003474b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 30 Dec 2022 15:22:52 GMT
age: 480293
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1265
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 13:33:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 30 Dec 2023 15:22:52 GMT

GET
H3 200 Bubbles.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12231767363623583744/ Frame 3B24 15 KB
15 KB 34ms
33ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12231767363623583744/Bubbles.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42e15b92dfd5ed76464a31a7e57706652db1f05e4287b112170f0f57c3aeb8f7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sun, 01 Jan 2023 16:59:31 GMT
x-content-type-options: nosniff
age: 301694
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15028
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 13:33:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 01 Jan 2024 16:59:31 GMT

GET
H3 200 algovir_Visual_Spruehstoss.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12231767363623583744/ Frame 3B24 14 KB
14 KB 30ms
29ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12231767363623583744/algovir_Visual_Spruehstoss.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21b2c55e517d80205308da0a13befc68d57b05b7f077646058b1b584ee872a5c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Thu, 05 Jan 2023 03:13:50 GMT
x-content-type-options: nosniff
age: 5635
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14241
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 13:33:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 05 Jan 2024 03:13:50 GMT

GET
H3 200 algovir_flasche.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12231767363623583744/ Frame 3B24 20 KB
20 KB 26ms
25ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12231767363623583744/algovir_flasche.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c45eea5e6944436e8762d9c18bde4591ac33efd2bfbda1ff9d064712cadaa1ce

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 04 Jan 2023 09:50:47 GMT
x-content-type-options: nosniff
age: 68218
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20835
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 13:33:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 04 Jan 2024 09:50:47 GMT

GET
H3 200 Viren.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12231767363623583744/ Frame 3B24 8 KB
8 KB 29ms
28ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12231767363623583744/Viren.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1c08ac4601146baf8c5c89c7ce57be133c9fa8cf02d02904f0a20d57b0d1e99

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 31 Dec 2022 23:26:14 GMT
x-content-type-options: nosniff
age: 364891
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7856
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 13:33:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 31 Dec 2023 23:26:14 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E213 0
12 B 29ms
29ms Image
text/plain 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?QED5-g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:47:45 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js Show response
pagead2.googlesyndication.com/bg/ Frame 1DC2 36 KB
15 KB 34ms
33ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 10:13:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66830
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 10:13:55 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame BA7E 118 KB
40 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7314573151872791710/index.html?e=69&leftOffset=0&topOffset=0&c=3Tqz92T1K8&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7314573151872791710/index.html?e=69&leftOffset=0&topOffset=0&c=3Tqz92T1K8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 08:56:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71454
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 05 Jan 2023 08:56:51 GMT

GET
H3 200 btn_cta_arrow.svg
s0.2mdn.net/sadbundle/7314573151872791710/ Frame BA7E 366 B
298 B 19ms
19ms Image
image/svg+xml 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7314573151872791710/btn_cta_arrow.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7314573151872791710/index.html?e=69&leftOffset=0&topOffset=0&c=3Tqz92T1K8&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65ecaacea233cbd58cd42e885e80df77cbc92fc6cfd6e85f1d0e9d2852e1e7ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7314573151872791710/index.html?e=69&leftOffset=0&topOffset=0&c=3Tqz92T1K8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 16:49:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 561516
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 269
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 10:58:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Dec 2023 16:49:09 GMT

GET
H3 200 kia.woff
s0.2mdn.net/sadbundle/7314573151872791710/ Frame BA7E 23 KB
23 KB 21ms
21ms Font
font/woff 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7314573151872791710/kia.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7314573151872791710/index.html?e=69&leftOffset=0&topOffset=0&c=3Tqz92T1K8&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4974622fff31e0fe9dcc6c31c33e3f74dfb665d2678bd876ab807506e3bab60c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/7314573151872791710/index.html?e=69&leftOffset=0&topOffset=0&c=3Tqz92T1K8&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 11:17:01 GMT
x-content-type-options: nosniff
age: 581444
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23072
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 10:58:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Dec 2023 11:17:01 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2662 0
0 137ms
70ms Fetch
image/gif 142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst6Dwqlq4YP1XLNcoFad5KIoXucjV8aMDHYoxtGrYZvCbYaVXSSGqKH_wOv_xi9EmPCPWA9J3ulk1K2EVGv9GcCnArVd7oa1crcC48e8O87xKzCNcAXJE9O9Gxwj_FpaL2zBVdbH6BCcEndeGRaFZNuZZMU6YDt9MYF1h77sCp6igDVORhAtIpwmHUavC9YnIgO-VvsVJcIuJ1ip-9cWKo3ECgkD9ZQZgSyqY4Hm4xYB3d9P1o4I29qaz1wLXb0I6EKoNlE9VPpu54r3e3DdUNbTl_UEX1xizPBbLL6J1nfnnXJ4VWCS7r0wm_uEhFIfv_JlVpQjZUjPE640hEm2UaX1Of0uQ3k7euv5F28imuRH906f2F9WRLtCR9DS7yI_qsQYBsZUlFUdufWmaZRDrBXY50n3dXB8U4HRPcuOD-3-kORul-Au3b5GdFkrGeK7pEdKdzmLU6Y8-VCD3U1ZSQ5O4XPbNJWy9XnCN-e8OQPipB5S02eZUC05s6wou4FrJiAWr5I4vnhJqjjfYQqRwkNhCcPQr9IeYEFtIz6nUB6MRrGodpjn9JQRg-rCZnTNabtZARQ3Z10o-fxKqdPb7sZ1BbDRXgVLJVBZW1FsG1YuxWrXs7u15-fe_O5A-sPSFRcPAFPrnQ80WDsJFTORPXUSYlPqoPYqqrLbqpjdMjJylqjFDWaL-BJuM8fKRidZbhZtZhndsF49BrYP39rEcxUic9pMVSYQWtUGSoutcSWrsgpfi8PYYg3flpm3BIEOW0njx-L9BVlNEi1ao4jeg4eVyPLisCi4gEquA-HsV4dXRzotGqgd3sjZAWZI2UVxoEyvk9znxcfWnzXWmS3PAwnC7ZjiOWJPp-33OqrpfQB_J5MaBrhnweaMDACI4xtHNuSBMFfcBYVbrJYF_Qn_7jsC85RBh_5hXeXknhfAncsbGBCqVIkizdtBvrPl19YnpAeGDVMOe9fdP81_Dnoq7IS8ta-dGjpvJHjXk0DFZbqO-r7xAwu7Et-9_MyDlm6i8niqHFO5l2oKBA7XUFzR1v3iLKULe9aQkMSzrwr9tyTpdMdZJjPEw6ngk4BcBE2y65rBS3gDiSS4TqXgCk6XlTeLjErmK4Z4rDbL_tZtl6DTDyyOG25-HGdpI1LdHc6Rp0Fb2bWvkDakJ3uRFe-loEmOw92Iw_IrYyN7VB7EomluocRlKqfR_jeYhz6god-hJHvsUEZMZX9_SFImsjxu2NFzebZE9nvVpioK4X03W-yEhw37RzjtcRiBNtCHUeIhi6b2y5BdnrpCdEIQRr3Dgvh08w_bMM56t-ukY4zyA&sai=AMfl-YR2x0xseWOVriUN3ZEuYnULUfZ2AIqrvWPUm0FhZLLHWL4In2ro89Q3iAqZ4tRYQo1CQ2pClFC9TWqHpGZxSBvpsC4-g66VmaSbmz6cZCzTHfPjaK_kdaVX6pd7JZvJHbom-hWPhWnTOTpffhKC7dKhOwaU3wHKxepnc6A9RPydVVPa_P3stC3JkKCbklcvbIN3Z4agTmDGsJLrfWwDyrL8vBaUKMBwLeW4kQ9w-mEkC0AsdLE2tVM-jHozEafe_zrHJYuEeB07kOCjyCPvEY5BS0FotI3rMOCbbhpKVw&sig=Cg0ArKJSzA3qpfiEHAjNEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=355&vt=11&dtpt=189&dett=3&cstd=159&cisv=r20230103.23581&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: varianty.lviv.ua
URL: https://varianty.lviv.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:47:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 05 Jan 2023 04:47:45 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame BA7E 7 KB
6 KB 130ms
61ms XHR
application/json 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1957c86682dfa621d0d414c8204eebf902d27d25e9d7a3f386b2ecdf62fe2242

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:47:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5699
x-xss-protection: 0

GET
H3 200 logo_kia.svg
s0.2mdn.net/sadbundle/7314573151872791710/ Frame BA7E 1 KB
703 B 20ms
19ms Image
image/svg+xml 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7314573151872791710/logo_kia.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4caec19fb48c8b123d8f1dd3443f2bd70863adf6408db3ea83b1ee46df65c454

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7314573151872791710/index.html?e=69&leftOffset=0&topOffset=0&c=3Tqz92T1K8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 13:15:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 487935
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 674
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 10:58:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Dec 2023 13:15:30 GMT

GET
H3 200 23717839_20220120064219828_bg_01.jpg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame BA7E 14 KB
14 KB 24ms
23ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20220120064219828_bg_01.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe517ee6e150e28b586517e872fcb914dd2156c3077fa398a7c86b04cfd0f7f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7314573151872791710/index.html?e=69&leftOffset=0&topOffset=0&c=3Tqz92T1K8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 07:40:58 GMT
x-content-type-options: nosniff
age: 76007
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14184
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 14:42:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 05 Jan 2023 07:40:58 GMT

GET
H3 200 23717839_20220120064222653_bg_02.jpg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame BA7E 20 KB
20 KB 21ms
20ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20220120064222653_bg_02.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d17f87082875c58e48192a67e7c0e7bdb97365eff89f4322772b75b8b15a0dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7314573151872791710/index.html?e=69&leftOffset=0&topOffset=0&c=3Tqz92T1K8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 21:31:57 GMT
x-content-type-options: nosniff
age: 26148
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20819
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 14:42:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 05 Jan 2023 21:31:57 GMT

GET
H3 200 23717839_20220120064225419_bg_03.jpg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame BA7E 15 KB
15 KB 31ms
30ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20220120064225419_bg_03.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a0a400927f51eeb94c3e36dbe92b7dafb03f0af1dbfff8aea406a219bf110d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7314573151872791710/index.html?e=69&leftOffset=0&topOffset=0&c=3Tqz92T1K8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 17:21:09 GMT
x-content-type-options: nosniff
age: 41196
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15709
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 14:42:25 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 05 Jan 2023 17:21:09 GMT

GET
H3 200 23717839_20220120064228311_bg_04.jpg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame BA7E 16 KB
16 KB 27ms
27ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20220120064228311_bg_04.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68a42a5005bbfdada22732d6f9484e68112036072ee06fe4b2692d3fffe1241

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7314573151872791710/index.html?e=69&leftOffset=0&topOffset=0&c=3Tqz92T1K8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:10:16 GMT
x-content-type-options: nosniff
age: 45449
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16552
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 14:42:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 05 Jan 2023 16:10:16 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1DC2 0
20 B 71ms
70ms Image
image/gif 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BPQTKcVa2Y9jyB5_Dx_APy9KzkAQAAAAAOAHgBAI&bg=!LS6lLmrNAAYDMoyoIzI7ACkAdvg8Wul3crlqkh5_ZUhTwRTsGxz5FY5weYYnyRU8cfjsDNut0_lWNAIAAAB2UgAAAAJoAQcKAHz0PAowNBMzV0MOS2eD7c-1Zy9_SOVrHA5trB8QD454FkI8s40pHJf2UCX5OwUixJYWY4TQI8VAsi94bUQUGy4WD1zJgbgCQLlCN8r0oM1iDEAysiEzh_ecGPg8GpRDgCqkMHHI9iMMmQDB3S79XVPZNVbuLefJn8syE54TmQLvOBZrwbXet1vg30Nwse_p05-b8J9QC6UdzcvYclWJxuFDOs-5mkAB98Ctr2LNhBtSFu4vUIGWjZxzPIlPBisFLx7YWQ0mxjcbCqKDUJRKthPjN7Uas0LNSxqzSIRYMft9ZFft-VbZhFnAqMgp5ONHb5hBMFJQnsXI96ETbwZ4XqTke61futPIM8mraxdIXM74heQfUvOSiEPLWIhzX8bic3VBJcQ4jEj5IETWZUPECYDmB7vvbB6RVYD1yHDYVvGojfNX3_QQz8ddXXfmsbHwr-4DGQRKaZ2NRo9QsrIYoX8_3r3dgQQtxyv6n2wEynCOC0Q2Fj-u6gp1Y71n45rw1fWEE7AaNZrLj51cgYK-n_Br9btH3GRCFmxY6gav3g4nJto1uZqOgF4p8yeru_HgERBTi0KqCeH0cASzwPrS29_q2V_7WqnZqf91GIOT05VwI-8vCpv0doeAhTc6bjIxwNB1M2MQRA4ShpIs8xmwYO1XmwJTDowHovTrpExxM3_5aolHqQjYxvUcS3G2MRhx6XEpGC6gv1jfoZFfxPgsnFENdxFJH8yEq94Fp9EE0jySM1QayuYnY0nH2USqkA3Q-3xPpv4U6IFuEzLO2A-XgHHohOMEFBW7usCpntbQfRuEcUqYO3ij2ZgGFQl_eQ3QE6P0d7y1vGLPKuPmiERqUctxbwmQ2UTLMESfYg5NMMOzNBkYxdliNnzVzb0kaYZq1YJdhAQ-Z5LOd5ojMsl7qlb8GcXV1PpWjQ2l0XwiniHV2yCJajlmFHGjLpZeFgl0sdjIOAfH1oOJqRAY5v8xQ6LtxdtyTDLbUrMtke4g-L_utkwUSyICMnw8XAZ3u1HM6XeWs8c1tz7reytHdyqhSsF6oomh5_X0NmM2z3XtkflVtH4S3rEFiSNTF2QYuqfdoIcUgYBveIWJZXDj0lMDCY2O0ItUvbt2wvevUndUgq0jRSlmYwd89fdV-OfM1Qnf_zVA01RCAxoHBLhr5ELScw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 04:47:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame BA7E 17 KB
6 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:47:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 04:47:45 GMT

GET
H3 200 QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js Show response
pagead2.googlesyndication.com/bg/ Frame B41D 36 KB
15 KB 37ms
36ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 10:13:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66830
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 10:13:55 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 70ms
70ms Image
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120801&jk=4367075101463119&bg=!39yl3JjNAAYDMoyoIzI7ACkAdvg8WsWc3KOdaXjoXNxoJdF6qWxVAbnhhMUKDA-zbIXqdgd-cp6iXQIAAADmUgAAAAJoAQeZAqW7GsFUSkOtXXLWW2dcB9KliJJOYaf1b8r37Z_2WG4r-IdETp9O8w8wRYkkbd2Epcnw0hFGXgg5Hezna4LFA5kY2gyFsbeUWb0nOmoZEx11mG2qUIzH23vgAGcYY_leSspA8AflujHpuO4dDG4PEg4HTbK4EhIYsa5DCTLBx3BhxT-4Pj0BcfoFzLCtlthkxb7yiYcKjGuzMEiXaK78K3pcndbeKq77x83OUXp6YdeB3klUMqKonudYxTffm7ayEP9NWs1GMebDswscW74exudCGmmfRLOTAiJo2xgHxBGOjLFvWYMABDMNfFVHFnDztvARXEa5gJJZP097H9FA_C9VcV_resSju3It962AFq8C3U3MWj39p2ICDiaUQui7Z2zUcDhcr2wbx7xiOLhBciwj5HtpmPrkwQN1doGY587F6gbbX-iu7gf6tR6m9TkVy9VBzB87d2nmMrLLtX-sKu3d-mOSy7_iy4KR_SfY8y4iCeYdfKr0K_soN_85vBgUx0plaA4apFAjpPCDeIfBfv7DpE0gXDnfMULyiJj467IfsqjvtdFvSJGT0JgxujFGM8z7mmU1w38t225rrn1azANf2ZVomkkBCCl9ctx611LIeqnyagCJoW3rVTHeyG23OLozzcgEqj9__kZe5c0CTFvJEk1UOU0-Pxo9dkBLsSyOcM2n6vFtiN7VEzOG9tP3S2SibI1kb3fxEc6URUF7E_zCmbm8BSKZdPrqA7W619h51JNj7d0SsVyb6t4499I3PpcU3IHMIcXpU_a6FkwC57woo9-EI0m_QEPhAlvba1JDGOhzJ4x_tO_pcqatqz-RwvyNsNN3Ijk-gu8iQVj40v8hjgF9mJRwmdts507kPTFNTT84oJTSrwFKRRqKu14q8Nb2qHcwSg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://varianty.lviv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 75BE 42 B
64 B 71ms
70ms Fetch
image/gif 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstjrjFP8HsCaJ0p8vgIW1fP5n1MyuD2GV2DCYj1BLFvLl6Ux-UC1rUyFd4XHtVg-N34rZ2Fsj23eKje62mbO0OsmW9nP5GpXDfh89sPTSJVrWE29wTGDlX7KpoIn7n73AZiLRsalQ&sai=AMfl-YRvJTFpkJYxxUWRW18GdKwlLOJQ8sQBoKhDpFIHqx7PG95TkpChD8PPAH1Qkta9HrDTwthvb4A3nC155WLKfvDST0sAepiUIT7UDRcooeF7V1Wwop2h1gSqsETjLdkwz1PZ3my6ovWu4OIgAz55&sig=Cg0ArKJSzJUBF2we-LWREAE&cid=CAQSTADq26N9BxN3zK4XoM6wxXItb1xfVX34cQ4bYFfFukamFEiPj1ZiGDnny3HUy1thhYA0aHjJdsHRM8doA5qEXz0yaLJI9iV-MquZ_psYASAT&id=lidar2&mcvt=1000&p=147,315,397,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230104&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=1482970948&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1672894064939&rpt=376&isd=0&lsd=0&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 04:47:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.varianty.lviv.ua/	1970-01-20 18:17:34	Name: _ga Value: GA1.3.751904463.1672894063
.varianty.lviv.ua/	1970-01-20 08:43:00	Name: _gid Value: GA1.3.1764941751.1672894063
.varianty.lviv.ua/	1970-01-20 08:41:34	Name: _gat Value: 1
.varianty.lviv.ua/	1970-01-20 10:51:10	Name: _fbp Value: fb.2.1672894063571.725499785
.varianty.lviv.ua/	1970-01-20 18:03:10	Name: __gads Value: ID=c04147c788d17aba:T=1672894064:S=ALNI_MbxCl4-z8HZAFSpM28ZDaiOM2BCVw
.varianty.lviv.ua/	1970-01-20 18:03:10	Name: __gpi Value: UID=00000b9d59daa86c:T=1672894064:RT=1672894064:S=ALNI_MZqgN09R-S6daGbHLiLvajbQAok9A
.doubleclick.net/	1970-01-20 18:03:10	Name: IDE Value: AHWqTUmONVeX-lrOdvfHNHZr_gwEv8zs1mB6KNuMA3yQj17Qebo0QlgzL4r34nC4tTo
.casalemedia.com/	1970-01-20 17:27:10	Name: CMID Value: Y7ZWcRYSJJ7v2nZczWFBcgAA
.casalemedia.com/	1970-01-20 10:51:10	Name: CMPS Value: 3252
.casalemedia.com/	1970-01-20 10:51:10	Name: CMPRO Value: 3252
.adnxs.com/	1970-01-20 10:51:10	Name: uuid2 Value: 448822308780261030
.doubleclick.net/	1970-01-20 08:41:37	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 10:51:10	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In9p/0wx!]tbPl1M>e)ZlrFUfJ+tGXxoyA015jX!/MwD$DYOZ00k/I5<:w_KAP@5x:N@3If)y3KL9D3I?+W@BR>O

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

777dbbea384d0536343d0bafebcf4ec7.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
apis.google.com
cdn.onesignal.com
cdnjs.cloudflare.com
clients1.google.com
cm.g.doubleclick.net
connect.facebook.net
cse.google.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
onesignal.com
pagead2.googlesyndication.com
platform.linkedin.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.xx.fbcdn.net
stats.g.doubleclick.net
tpc.googlesyndication.com
varianty.lviv.ua
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.gstatic.com
142.251.39.34
172.217.16.194
185.80.39.216
185.89.210.141
2606:4700::6811:190e
2606:4700::6812:e134
2620:1ec:4e:1::45
2a00:1450:4001:800::2001
2a00:1450:4001:806::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2006
2a00:1450:4001:827::2003
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:830::200e
2a00:1450:4001:831::200e
2a00:1450:400c:c07::9b
2a00:1450:400d:802::2002
2a00:1450:400d:802::200e
2a00:1450:400d:80a::2002
2a00:1450:400d:80a::200e
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f107:83:face:b00c:0:25de
95.47.113.253
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
05fad6163742ef2ad29f88070ad2d7d332b09efd77713ae63183d7b8360e6094
092cb8a7c234247243577529fa46f11c66216fb8c2b91a9e12d6bda73b739ed9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d17f87082875c58e48192a67e7c0e7bdb97365eff89f4322772b75b8b15a0dc
0d377643b17beb81dab34d7e3169eae303d7541e61fab490e28be02528441963
1036240c16acf82a5e8793b423a865bf338cc9ae6853e50d2d096215855bdb6e
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
17dff8f243340d8e192662e3d681e2eae6482950a3fb08f63f48ad8a6119edff
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1923c98708e69910c2f577f917b565070983d35d31cced5829e1c55de3847021
1957c86682dfa621d0d414c8204eebf902d27d25e9d7a3f386b2ecdf62fe2242
19d27e7fbb34cc52f90da388934b0f9435b56a6bc085dd4b24f93309f9726640
1ac41f6b077f825cf092def7268eda572417edc5199b81093e675223e7dc86d4
1c97e4e349863042a40e18a45b2909ab2dcf374eb11aa97471666fbd50058197
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1fb5337ffb7f54dc3cef59c766b47a3f189478b0b21e11687a38264b460b2f0d
2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335
21a81f03d94744e416c5a764eee725f34dcf3cca0c8679c43f34e6b2ac3868b3
21b2c55e517d80205308da0a13befc68d57b05b7f077646058b1b584ee872a5c
22ec56df25744866a27efb0d3a95c71bec34cd151f986376a9f2e10f498760c9
25bb18c681b6d81ee8d6d1b9eeefcd96b5b1f99e24275d4fe5b250032af3c924
2648cf7416459a62882bdb959e1f81bb5af5fa82b0efcb78a2b9b3397fee3182
277a6e1b0e9104093900e78cf7715c03f1010c6c911dc3bad56300efd173494b
28000af99f89ac4e7b138ffe06442c7bee830e6e973590fe0aa32806f53446ba
297577d52fce5df45a53b1d2e06469f65ee1dcf2e9bfbc8e2f45dbd06a0de8b4
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
2db99e9f60bd9a047e8408a7f909fb75d82a35e71c39e6870757aa4069da4257
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3247c22caf22d5a6bab3fd9496589746b083be572334ab690fae8ef67c5add53
3270b477b815b2de6759e3e13ac2b4ea93049015b03591901628cfc12312a678
396c1808e979a438d6fa41b49bd6c8958116965ae8f8d25234d10098d9da0f98
3a4961c1ae6e8496067150f54acfa06b0026a5525978c24075d5636d33531fb0
3f531b85c99f263432a08de851c39b3b122216e3b6e7938b6c4e18f7a1e9a9c6
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
4102b22f7cc8c64275af7041dc049371bc69deaed78eb2e8e314e2e91e319ef7
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
42e15b92dfd5ed76464a31a7e57706652db1f05e4287b112170f0f57c3aeb8f7
4627acba7d2699a6e0ed65aa44db5581ae3f0df45d5fd38d5f7bfc2e385cdf8e
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48e04c82a2bc7d505e6d3e93a2d33f26fbcb90bd37ecf454519583e7a3965cdd
4974622fff31e0fe9dcc6c31c33e3f74dfb665d2678bd876ab807506e3bab60c
4b2e40762fd45c4022714c1ffa41eb8311a031fde0dba60f274b149ea5971cdf
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bec86cf07d7dea5d235e2244074f1aef2dafefdcf07d44939f61e305bb22897
4caec19fb48c8b123d8f1dd3443f2bd70863adf6408db3ea83b1ee46df65c454
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5073a2af4e54a5446f976ec70c965f7268502d087441aec6e50939cd05cec2d2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
577bb96f940c68ae514e78c2d4dfcf3d6056a32180e4191f8f7c8bf69cbccfd1
5a7556b722d45b51a9e8bc1262092f9c042e4759d7b3a97298fecc947639c35c
5ea63e27ff70776124c12a21d588fd47287fbdf8b97d6bd16411ccec15fbef0e
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65ecaacea233cbd58cd42e885e80df77cbc92fc6cfd6e85f1d0e9d2852e1e7ed
66e9c7e2345cb50b8e2eed66f19e4ca73427ec6b96b78ecf9387ad152003474b
6b1adc37a16294b5127dc6e84c9fc36e1f50bac718dcfe35f60f466fdf692bbf
6db8cc5e8ed9840cc8e5289f791042b350afc16e1f7c47e09f11fb5f46965024
70669cea5c48278adabb4c590e9ccfd939050709fd5cd67889703c8bb332079f
727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e
7382f100339de55da540be8d476c1cc80d31b4840e1d74618367338591253c5d
7800ca478475a443e99a5de41608dc3bd56ffc7e01c4a39f30ecd3c87bcb8d2f
7e158121448cea5610659da46385afc0d6d720e6fad1d0d7d32665f1568d0bc7
7f4812ed9c66876dd2cf3d4527c24ea313ba92943151e40dcac90792bb87ff42
836fa59d2258379984ee3755b7a05840aa735b1093aa7531748b59ceff417c58
83da37462b1b3ea7c91c36c72cb29915331ed5efd78885df4470e60b8aa9ed82
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8a0a400927f51eeb94c3e36dbe92b7dafb03f0af1dbfff8aea406a219bf110d0
8a322f5ede3b370a7fa340cbbd33d49fb04f8014137c9b5dc448de522fd0be8b
8c0301b3dba5061632d7321cd8bb7bd527f48288d5cb15ff614ea0c1dcc1ad69
8ccc62159ec745b287e86efc51dd985ff9c9735a31099298c36b116c4326a4b4
8d803f4e434986ae9aa09045c788dfc15e82e8ef64cc94d214c7df2c281875ae
901947b8ad059e88176c1973108c4ac1deb691b5e5702594a88d0504e5b92954
949d48e6671523d78d2df807fb1b42551699eab5a179abb6fed70ffef81cac31
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
96f804ab9c3253be5ad55c92037a7f4033c26e7d5391d1fc6f8ebf2f2f460767
97311371abb7d5478c312ab2dadd6265710eb81cbaffb76d47c5b7459ca3130c
977182d44117dcbc0b90e30401c67661f3ed69e442d20e4a91244fca5fa62324
98ba645c358687e7cd2018456d3691e703613aa27fa2fa2e54d9396cdf4c55b3
98c588bb5aba3cdd2332288724e3fe0418bfaf3cd938e9a66382401ada234be6
9aac546c362b507bd1e3631949ed739707744cc8ad6854f6eab8a0cec04800d5
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4cd0dc8bc04600986ec4037b062de71fcbefd6dd55757fdf524fb8f835ac056
a4f6c4f2b21ca3b30222bb90696a914991e718cbbc018c89a3d57b11c9267544
a530e80160e27e340466de9e921fbd4d46215dc45ff0ac3cb7a9d0fe744bfd74
a56ccb7522bf0ff375f1afff263292ef6667f633b348c7751d4104e29398ba51
ac4b432a1e28601ca08b5aa89f0ceb23aecc990d0e61aa81d7a38bfdb32331d0
aea719c98c9b1a0ed5150b00837be7ef3feb2598dbc23b4ca08b223dd6112fa6
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1c08ac4601146baf8c5c89c7ce57be133c9fa8cf02d02904f0a20d57b0d1e99
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b612512e1776b77b0671f4927f900ce1b9301884547bef169e83fc2dd7aef870
b7199cf7ceabf89db36696a2ac103d5cf4d63d4a24f704d5d76df4d90fb572b8
b9a13ee363d0f768afe63a7cc428eee1b4d1f43ab75ea4780fd89d97b26a74e6
b9cb1a14b2248f3a03d1a9655bbfcf919c35b422d68b13cdd2fec58bbd893f1f
c1fdd8650aaebe587936f9fe4d43c7b6e2244002a5b40468cbf7e5d3f92f9cf3
c45eea5e6944436e8762d9c18bde4591ac33efd2bfbda1ff9d064712cadaa1ce
c63c0a518fcd8243e365904eb4ec5162d2b6d066aa4f05027fb598089d73ebdc
c6af16e154e39cc6ba810c038a8ee0554b19ee32f1460fee9cd71851c4af3938
c7ee61b69dfaa4b23e289c16c0ee5b69202cf99d0bf11e01603218beb4113831
cc74cf1e1025133fb51b8af91ca895af6c61063cd6636e03b0652e5684cedf63
cde413d3763b4d6bb378b776b7fd98666b7c7ece80209dc22612ecd95e723ecd
cf09a7bc22dedf0759ab7edced24e122714eab0f62c743c8aac52c1ecb7e4f14
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
d17394823e997232e1b717a9f627ea5d285de8501c2a3618f6948709307929c0
d28b763bffa1461d5352f0bcd452da4e807be75556ae77349b5ecdb6af3a00e1
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dc85abf9e9b3d28a2caaa8810b288b5e1df43334f2ef44b32fbe40ed39d109cb
dcc5f41d1dc04a19dccb2061dc9572cb46c1c19dd89cb5d910752020fa87e791
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
ddfe8eada9508ff2cce09d80add4f06738b04608d7fd9c38ee512a624a1a9a9b
df4e0fd5d39dcaabca2a515336018e26e46da13cd91a7173dbf5d15670424262
dfe58d438403c21a6c16f335347c8f760679bd3deefc4281c1dfceefbb508f8d
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e548a1d83c4e2712989a4d7df8817ecdd3b0927e3529bedbef44a8c21d07c5c4
e71e810c089ddf4bd2cbdf025e6f5703b06ff2547e4f3410f76a58d8beab5bfb
eba07c8aaf4516406fe82ace06334844f851e93b3efb12ef6ee69f190a5c4f67
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f16c74d5e5f8924f68b41831d4986da8dce98495fbf1b0fcdceded1cf4cf9b38
f60b30f2c5ddad9a137a0bebdbcdd2df24cf8e1c3f229764e987d72d56aed439
f68a42a5005bbfdada22732d6f9484e68112036072ee06fe4b2692d3fffe1241
fe517ee6e150e28b586517e872fcb914dd2156c3077fa398a7c86b04cfd0f7f6
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

varianty.lviv.ua Open in urlscan Pro 95.47.113.253 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

160 Requests

96 %HTTPS

83 %IPv6

18 Domains

31 Subdomains

30 IPs

7 Countries

2869 kBTransfer

6710 kBSize

13 Cookies

8 Outgoing links

Page URL History

Redirected requests

160 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

varianty.lviv.ua Open in urlscan Pro
95.47.113.253 Public Scan

Screenshot
Live screenshot

Full Image

160
Requests

96 %
HTTPS

83 %
IPv6

18
Domains

31
Subdomains

30
IPs

7
Countries

2869 kB
Transfer

6710 kB
Size

13
Cookies

160 HTTP transactions
4 data transactions