bus.com.ua Open in urlscan Pro
193.243.159.4 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://bus.com.ua/
Submission: On January 05 via api (January 5th 2023, 6:09:19 am UTC) from TR — Scanned from DE

Summary HTTP 150 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 28 IPs in 10 countries across 25 domains to perform 150 HTTP transactions. The main IP is 193.243.159.4, located in Ukraine and belongs to VINNEST-AS VinNest ISP Autonomous System, UA. The main domain is bus.com.ua. The Cisco Umbrella rank of the primary domain is 105202.

This is the only time bus.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	193.243.159.4 193.243.159.4	28750 (VINNEST-A...) (VINNEST-AS VinNest ISP Autonomous System)
25	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:400d:80c::2002	15169 (GOOGLE) (GOOGLE)
3	193.243.159.5 193.243.159.5	28750 (VINNEST-A...) (VINNEST-AS VinNest ISP Autonomous System)
1 2	193.239.68.97 193.239.68.97	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
1	193.201.116.4 193.201.116.4	29663 (SNU) (SNU)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	193.239.71.100 193.239.71.100	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
1 2	2a00:1450:400... 2a00:1450:400d:80a::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:400d:80c::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:80c::200a	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:400d:808::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:80d::2003	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1 1	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
10	142.251.39.2 142.251.39.2	15169 (GOOGLE) (GOOGLE)
1 1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	213.155.156.169 213.155.156.169	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1 1	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
3 3	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
1	185.86.137.122 185.86.137.122	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	185.89.210.46 185.89.210.46	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	37.157.6.246 37.157.6.246	198622 (ADFORM) (ADFORM)
150	28

20 193.243.159.4 (Ukraine)

ASN28750 (VINNEST-AS VinNest ISP Autonomous System, UA)
PTR: sm.bus.com.ua

bus.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.243.159.5 (Ukraine)

ASN28750 (VINNEST-AS VinNest ISP Autonomous System, UA)
PTR: ssl.bus.com.ua

ticket.bus.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.239.68.97 (Ukraine) 1 redirects

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net

c.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.201.116.4 (Ukraine)

ASN29663 (SNU, UA)
PTR: www.secondary.net.ua

secondary.net.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.239.71.100 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: rs.img.com.ua

i.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80a::200e (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

2806fb5259d3c70583b851fc09238c15.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400d:80c::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:400d:808::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80d::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.251.39.2 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s37-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.169 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-169.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.38.120.206 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (United Kingdom) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.122 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.46 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Tuttlingen, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.246 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 145 2806fb5259d3c70583b851fc09238c15.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 187	702 KB
29	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 285 stats.g.doubleclick.net — Cisco Umbrella Rank: 179 googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 cm.g.doubleclick.net — Cisco Umbrella Rank: 321	305 KB
23	bus.com.ua bus.com.ua — Cisco Umbrella Rank: 105202 ticket.bus.com.ua	54 KB
12	gstatic.com www.gstatic.com fonts.gstatic.com	143 KB
11	google.com 2 redirects translate.google.com — Cisco Umbrella Rank: 2106 adservice.google.com — Cisco Umbrella Rank: 142 www.google.com — Cisco Umbrella Rank: 16	29 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 221	264 KB
5	googleapis.com translate.googleapis.com — Cisco Umbrella Rank: 1422 fonts.googleapis.com — Cisco Umbrella Rank: 127	81 KB
4	google.de adservice.google.de — Cisco Umbrella Rank: 5450	1 KB
3	bigmir.net 1 redirects c.bigmir.net — Cisco Umbrella Rank: 113835 i.bigmir.net — Cisco Umbrella Rank: 202250	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 871	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 1178 s.tribalfusion.com — Cisco Umbrella Rank: 2747	1 KB
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 670	2 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 791	2 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 6509	646 B
2	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1011	920 B
2	google-analytics.com 1 redirects www.google-analytics.com — Cisco Umbrella Rank: 103	17 KB
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1903	587 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 456	265 B
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 1085	75 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1675	576 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 1025	336 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 1282	718 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 918	542 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 488	2 KB
1	secondary.net.ua secondary.net.ua — Cisco Umbrella Rank: 822058	895 B
150	25

	Domain	Requested by
25	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
25	pagead2.googlesyndication.com	bus.com.ua pagead2.googlesyndication.com securepubads.g.doubleclick.net googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
20	bus.com.ua	bus.com.ua ticket.bus.com.ua
13	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
10	cm.g.doubleclick.net	googleads.g.doubleclick.net
8	www.gstatic.com	bus.com.ua translate.googleapis.com googleads.g.doubleclick.net
6	www.googletagservices.com	bus.com.ua securepubads.g.doubleclick.net googleads.g.doubleclick.net
5	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
5	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net bus.com.ua
4	fonts.gstatic.com	fonts.googleapis.com
4	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
4	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
3	fonts.googleapis.com	googleads.g.doubleclick.net
3	ticket.bus.com.ua	bus.com.ua ticket.bus.com.ua
2	c1.adform.net	2 redirects
2	secure.adnxs.com	2 redirects
2	sync.1rx.io	2 redirects
2	d5p.de17a.com	2 redirects
2	translate.googleapis.com
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	www.google-analytics.com	1 redirects bus.com.ua
2	translate.google.com	1 redirects bus.com.ua
2	c.bigmir.net	1 redirects bus.com.ua
1	dsp.adfarm1.adition.com	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	ssbsync.smartadserver.com	googleads.g.doubleclick.net
1	sync.targeting.unrulymedia.com	1 redirects
1	onetag-sys.com	1 redirects
1	um.simpli.fi	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	stats.g.doubleclick.net	bus.com.ua
1	2806fb5259d3c70583b851fc09238c15.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	i.bigmir.net	bus.com.ua
1	cdn.jsdelivr.net	bus.com.ua
1	secondary.net.ua	bus.com.ua
150	37

This site contains links to these domains. Also see Links.

Domain
ticket.bus.com.ua
rail.bilet-ua.com
forum.bus.com.ua
avtotrans.kr.ua
www.rivnepas.com
zakavto.com.ua
ks.bus.com.ua
www.orangeline.net.ua
www.mexico-blog.info
crr.bus.com.ua
infobus.ua
www.bigmir.net
secondary.net.ua

Subject Issuer	Validity	Valid
*.bus.com.ua Sectigo RSA Domain Validation Secure Server CA	`2021-12-23` - `2023-01-22`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh

This page contains 23 frames:

Primary Page: http://bus.com.ua/
Frame ID: BB133EDF3D5644ABEA7A1E47B9B74004
Requests: 49 HTTP requests in this frame

Frame: https://ticket.bus.com.ua/static/partner/SecondExample.html?partner_id=1
Frame ID: 2E35D7A698672B3B1656D733CBC557BF
Requests: 4 HTTP requests in this frame

Frame: https://2806fb5259d3c70583b851fc09238c15.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 828F239F5E00A7BDBA06C98E449E20C7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5671548447692744&output=html&h=400&slotname=4936604726&adk=3433066924&adf=1015941482&pi=t.ma~as.4936604726&w=240&lmt=1672898953&url=http%3A%2F%2Fbus.com.ua%2F&wgl=1&dt=1672898953299&bpp=12&bdt=193&idt=216&shv=r20230103&mjsv=m202212070101&ptt=5&saldr=sa&abxe=1&correlator=1034917826114&frm=20&pv=2&ga_vid=199089328.1672898953&ga_sid=1672898953&ga_hid=26500868&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=46&ady=669&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777508%2C31071251%2C44780792&oid=2&pvsid=2903311045262460&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7Cp&abl=XS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=HsbfHA1Olm&p=http%3A//bus.com.ua&dtd=229
Frame ID: 41D6FA73CE83F16BD3D4F5206A149043
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5671548447692744&output=html&h=90&adk=2424164121&adf=3981000633&w=160&lmt=1672898953&format=160x90_0ads_al_s&color_bg=FFFFFF&color_border=336699&color_link=0000FF&color_text=000000&color_url=008000&url=http%3A%2F%2Fbus.com.ua%2F&wgl=1&dt=1672898953313&bpp=3&bdt=206&idt=221&shv=r20230103&mjsv=m202212070101&ptt=5&saldr=sa&abxe=1&prev_slotnames=4936604726&correlator=1034917826114&frm=20&pv=1&ga_vid=199089328.1672898953&ga_sid=1672898953&ga_hid=26500868&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=13&ady=1233&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777508%2C31071251%2C44780792&oid=2&pvsid=2903311045262460&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Cebr%7Cp&abl=XS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FUHjv1uytu&p=http%3A//bus.com.ua&dtd=223
Frame ID: 26FB8181EEB75CEB70E78446C332FF2F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5671548447692744&output=html&h=280&slotname=6055777524&adk=830138826&adf=2700515735&pi=t.ma~as.6055777524&w=336&lmt=1672898953&url=http%3A%2F%2Fbus.com.ua%2F&wgl=1&dt=1672898953324&bpp=12&bdt=217&idt=216&shv=r20230103&mjsv=m202212070101&ptt=5&saldr=sa&abxe=1&prev_fmts=160x90_0ads_al_s&prev_slotnames=4936604726&correlator=1034917826114&frm=20&pv=1&ga_vid=199089328.1672898953&ga_sid=1672898953&ga_hid=26500868&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1254&ady=554&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777508%2C31071251%2C44780792&oid=2&pvsid=2903311045262460&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=yIg4vK5izV&p=http%3A//bus.com.ua&dtd=219
Frame ID: 74D23CAC57E1D05A70249FBD5CF5E33C
Requests: 11 HTTP requests in this frame

Frame: data://truncated
Frame ID: 4B8555D1FCE1B5793A7FC25BFF550AC3
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0N1JUkBY3UUQ2ogIgclqQi5uuLl4H46P5M3QWhwyCyYRgKuT_PALqeDYtlbAcVjFzGMot8Hvr-2jQX3B0Xs50E6cAflJh27EIlT8GkeZyaVijx-3BqB_ees9uTI947D--__9BBDREngK5JIOGIsL9LtzfDxmNVRHal7ggFcM7iFPJmuuOz0Ov76xTnY-snM52ScR6ai4_uRraLeKGzqbSxivwyfdIzQhEw6MBLo9tqRN-wCgXnVfm-9qVf4LIHukSMfVKerGoXFnXqBXtFVPbJB5Nfydj0t8rZCjkPxPcuA_5MlRSbXE&sai=AMfl-YTkbP7_-ZP5tOn9_DtfEYJuKnOVIcQ5ct8u_ZupckROPqs3W8nzjB_hPGj4AfFihIajAla5EH9tnVz3QlpvMj-ReOhb66Nbir1u4GToVDWah6L3jzSj1aLLINlYmhYbr1Wwb8j_asnVg1bOkiCUAQ&sig=Cg0ArKJSzIdl3W57LhxqEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: FB00B24D374004FFE4167B7AA54A63FB
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20190131/zrt_lookup.html
Frame ID: 42B10EE988EA78B2E9D3144839941E0F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Frame ID: AD23FA25D65ECBC38D44F0C6FC7171F6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5671548447692744&output=html&h=60&slotname=8053887928&adk=1376645091&adf=3173046727&pi=t.ma~as.8053887928&w=468&fwrn=3&lmt=1672898954&format=468x60&url=http%3A%2F%2Fbus.com.ua%2F&ea=0&wgl=1&dt=1672898954202&bpp=4&bdt=128&idt=230&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&cookie=ID%3D2fc9d49f6c732393%3AT%3D1672898953%3AS%3DALNI_MYkBr6UuQzNRquhoTfFsEqZ3_m-mw&gpic=UID%3D00000b9d5c011c82%3AT%3D1672898953%3ART%3D1672898953%3AS%3DALNI_MbrHRHF34ZI9oOVWgdO8uqV48YtHg&correlator=1034917826114&frm=23&ife=4&pv=1&ga_vid=199089328.1672898953&ga_sid=1672898953&ga_hid=762361653&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1125&ady=80&biw=1600&bih=1200&isw=468&ish=60&ifk=1148333615&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071168%2C44779794%2C44780792&oid=2&pvsid=2112045365156887&tmod=1990183388&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C60&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.9n9xghfrvb6t&fsb=1&dtd=244
Frame ID: 2B5C466FD6F61AC3D165631E7240527E
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Frame ID: AFF48A7F5FA87ACD21B0555C9C961D95
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 899B05E5CF89D6B9909CC1336E38C4B9
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DF8D815D3C6469BDA3566039E037B67A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Frame ID: D9622C52260E6A25287C10177D8C398C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 78E1EC1D14C9F8A194807609C2ADCD48
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E0A7ADC6F9D32AAE722C42EC4862D08F
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5671548447692744&output=html&adk=1812271804&adf=3025194257&lmt=1672898955&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Fbus.com.ua%2F&ea=0&pra=7&wgl=1&dt=1672898955325&bpp=18&bdt=2218&idt=19&shv=r20230103&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fc9d49f6c732393-2251d59bfcda0001%3AT%3D1672898953%3ART%3D1672898954%3AS%3DALNI_Mba3tpyFsH2Y6HKWqKFNjaE7XUTYA&gpic=UID%3D00000b9d5c011c82%3AT%3D1672898953%3ART%3D1672898953%3AS%3DALNI_MbrHRHF34ZI9oOVWgdO8uqV48YtHg&prev_fmts=160x90_0ads_al_s&prev_slotnames=4936604726%2C6055777524&nras=1&correlator=1034917826114&frm=20&pv=1&ga_vid=199089328.1672898953&ga_sid=1672898953&ga_hid=26500868&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777508%2C31071251%2C44780792&oid=2&psts=ACgb8tusDBQ-2p8IZm8oWR2YMTaJcXRSJaycqczYvykEoEAGlk9wG2EGG_1JBypSgtH8YvskXOev1z0JcPUL2VOa%2CACgb8tsq_8TrbmHFitr4pLFpSN5uiYf0izG7PcCg11c_tXTpXosVDV9T3EeCmIKKcOCEtQgXvEQrxzJ-tH7S0Ni7gA&pvsid=2903311045262460&tmod=1556002607&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=7&uci=a!7&fsb=1&dtd=54
Frame ID: CAFA63FC399896EDCE25C7F966A0E97E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7FDBFE404C4149B1304618D678902CCF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1042502987D7194BCDA9A62B4878D8EB
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Frame ID: EE881B3D1AE74C2229BDD6C6A0C3E4A5
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 75FD392E08CCB101DC5ED8078B5DBADB
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Frame ID: FDEB72BF882CE52DE4665E35C894EC19
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Расписание автобусов по Украине. Автовокзалы городов Украины. Заказ автобусных билетов.

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

150
Requests

74 %
HTTPS

53 %
IPv6

25
Domains

37
Subdomains

28
IPs

10
Countries

1601 kB
Transfer

4307 kB
Size

23
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: http://ticket.bus.com.ua/order
Title: Оплата билетов на автобус через Интернет

Search URL Search Domain Scan URL

URL: http://ticket.bus.com.ua/
Title: Купить билет на автобус, оплата банковской карточкой

Search URL Search Domain Scan URL

URL: https://rail.bilet-ua.com/
Title: Залізниця. Наявність вільних місць, купівля квитків

Search URL Search Domain Scan URL

URL: http://forum.bus.com.ua/
Title: Форум

Search URL Search Domain Scan URL

URL: http://forum.bus.com.ua/?op=viewmsgs&tid=43
Title: Why Russian?

Search URL Search Domain Scan URL

URL: http://avtotrans.kr.ua/
Title: Кировоград

Search URL Search Domain Scan URL

URL: http://www.rivnepas.com/
Title: Ровно

Search URL Search Domain Scan URL

URL: http://zakavto.com.ua/
Title: Ужгород

Search URL Search Domain Scan URL

URL: http://ks.bus.com.ua/
Title: Херсон

Search URL Search Domain Scan URL

URL: http://www.orangeline.net.ua/
Title: Поисковая оптимизация сайтов

Search URL Search Domain Scan URL

URL: http://www.mexico-blog.info/
Title: Мексика-блог - Мексика - вид с изнанки. Такого вам больше нигде не расскажут;)

Search URL Search Domain Scan URL

URL: http://crr.bus.com.ua/
Title: сервер для автоперевозчиков

Search URL Search Domain Scan URL

URL: http://infobus.ua/18-onlineticket.html
Title: Автобусная справочная служба - VIP обслуживание

Search URL Search Domain Scan URL

URL: http://www.bigmir.net/?cl=3550

Search URL Search Domain Scan URL

URL: http://secondary.net.ua/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

http://translate.google.com/translate_a/element.js?cb=TranslateInit HTTP 301
https://translate.google.com/translate_a/element.js?cb=TranslateInit

Request Chain 27

http://c.bigmir.net/?s3550&t6&c1&d24&r1600 HTTP 302
http://i.bigmir.net/cnt/06.gif

Request Chain 28

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 36

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1519886793&utmhn=bus.com.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%A0%D0%B0%D1%81%D0%BF%D0%B8%D1%81%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%B0%D0%B2%D1%82%D0%BE%D0%B1%D1%83%D1%81%D0%BE%D0%B2%20%D0%BF%D0%BE%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5.%20%D0%90%D0%B2%D1%82%D0%BE%D0%B2%D0%BE%D0%BA%D0%B7%D0%B0%D0%BB%D1%8B%20%D0%B3%D0%BE%D1%80%D0%BE%D0%B4%D0%BE%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B.%20%D0%97%D0%B0%D0%BA%D0%B0%D0%B7%20%D0%B0%D0%B2%D1%82%D0%BE%D0%B1%D1%83%D1%81%D0%BD%D1%8B%D1%85%20%D0%B1%D0%B8%D0%BB%D0%B5%D1%82%D0%BE%D0%B2.&utmhid=26500868&utmr=-&utmp=%2F&utmht=1672898953502&utmac=UA-8590699-1&utmcc=__utma%3D150504101.199089328.1672898953.1672898953.1672898953.1%3B%2B__utmz%3D150504101.1672898953.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=405928967&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAQAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1519886793&utmhn=bus.com.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%A0%D0%B0%D1%81%D0%BF%D0%B8%D1%81%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%B0%D0%B2%D1%82%D0%BE%D0%B1%D1%83%D1%81%D0%BE%D0%B2%20%D0%BF%D0%BE%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5.%20%D0%90%D0%B2%D1%82%D0%BE%D0%B2%D0%BE%D0%BA%D0%B7%D0%B0%D0%BB%D1%8B%20%D0%B3%D0%BE%D1%80%D0%BE%D0%B4%D0%BE%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B.%20%D0%97%D0%B0%D0%BA%D0%B0%D0%B7%20%D0%B0%D0%B2%D1%82%D0%BE%D0%B1%D1%83%D1%81%D0%BD%D1%8B%D1%85%20%D0%B1%D0%B8%D0%BB%D0%B5%D1%82%D0%BE%D0%B2.&utmhid=26500868&utmr=-&utmp=%2F&utmht=1672898953502&utmac=UA-8590699-1&utmcc=__utma%3D150504101.199089328.1672898953.1672898953.1672898953.1%3B%2B__utmz%3D150504101.1672898953.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=405928967&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAQAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-8590699-1&cid=199089328.1672898953&jid=405928967&_v=5.7.2&z=1519886793

Request Chain 96

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESECdKkwSbDeUque_5VN6hG5c&google_cver=1&google_push=AavPq0MvqVkW6RDcI2QF2TBQF3GuyrD8QlKkkRZYZpGabRthowxJltBeNUx6OnhoFEdAjKAt0ke5HtOLnBq4u2URtrhbmxZ9oWpz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECdKkwSbDeUque_5VN6hG5c&google_push=AavPq0MvqVkW6RDcI2QF2TBQF3GuyrD8QlKkkRZYZpGabRthowxJltBeNUx6OnhoFEdAjKAt0ke5HtOLnBq4u2URtrhbmxZ9oWpz

Request Chain 97

https://um.simpli.fi/gp_match?google_gid=CAESEGQr_fTCzOkBQKXcZFs-crg&google_cver=1&google_push=AavPq0Ogt3rhf4sbCXbmzypI591NwW67KnWpksb7U4nka6hqUvWAVRcTutQI0nkX_jgWBFZFko91RYsxOxy_-CbQAi6g4gOH4GSnnQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C4E57C87F6DB4ABEBF42659C3B2ECB8A&google_push=AavPq0Ogt3rhf4sbCXbmzypI591NwW67KnWpksb7U4nka6hqUvWAVRcTutQI0nkX_jgWBFZFko91RYsxOxy_-CbQAi6g4gOH4GSnnQ

Request Chain 98

https://d5p.de17a.com/cookies/google?google_gid=CAESEI7URPebuBaiiQMzr1AAhP4&google_cver=1&google_push=AavPq0OlUamPce3rRQLtaUiqh8ePJQX-EZY4ik59ToGKl43xeWTGZfiiH4dFT8O__3z_pgmeVlvZBFkGCbBj5FLY-LpvTkgr5lXk HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEI7URPebuBaiiQMzr1AAhP4&google_cver=1&google_push=AavPq0OlUamPce3rRQLtaUiqh8ePJQX-EZY4ik59ToGKl43xeWTGZfiiH4dFT8O__3z_pgmeVlvZBFkGCbBj5FLY-LpvTkgr5lXk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0OlUamPce3rRQLtaUiqh8ePJQX-EZY4ik59ToGKl43xeWTGZfiiH4dFT8O__3z_pgmeVlvZBFkGCbBj5FLY-LpvTkgr5lXk

Request Chain 99

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJCGQ9IykPvhrRFoyLcS5xw&google_cver=1&google_push=AavPq0PKb0lDSR_lS4dSWiobtJFcp6GDxEPvQWZagofCbwbX1w6IYumL8_KMDEjrOJA0vH5Q_cIuArUy5KPV61kzjmWmlNs4JqsA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0PKb0lDSR_lS4dSWiobtJFcp6GDxEPvQWZagofCbwbX1w6IYumL8_KMDEjrOJA0vH5Q_cIuArUy5KPV61kzjmWmlNs4JqsA

Request Chain 100

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEChTLsMSbb8D5Sfv75D128w&google_cver=1&google_push=AavPq0NQw4KT71q7lkTgbdQSQb2h3wnIiyGFn8_m-HGOugPmaYtT3-_RM03xVxe_-Wi7W_qqWFKRRyFwIX8hXSDVwJ3BQmFu-99lGQ HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AavPq0NQw4KT71q7lkTgbdQSQb2h3wnIiyGFn8_m-HGOugPmaYtT3-_RM03xVxe_-Wi7W_qqWFKRRyFwIX8hXSDVwJ3BQmFu-99lGQ&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1672898955044 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-ce33b4c8-af29-4ae9-8591-85afae1183c5-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0NQw4KT71q7lkTgbdQSQb2h3wnIiyGFn8_m-HGOugPmaYtT3-_RM03xVxe_-Wi7W_qqWFKRRyFwIX8hXSDVwJ3BQmFu-99lGQ%26google_hm%3DA84ztMivKUrphZGFr64Rg8U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0NQw4KT71q7lkTgbdQSQb2h3wnIiyGFn8_m-HGOugPmaYtT3-_RM03xVxe_-Wi7W_qqWFKRRyFwIX8hXSDVwJ3BQmFu-99lGQ&google_hm=A84ztMivKUrphZGFr64Rg8U

Request Chain 102

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEHnp52M6cLvLyHe1v-Y9OL4&google_cver=1&google_push=AavPq0OVHQnPve2aImgFSNL9oE9Bv2gFGv3LsjOj-5vl-DGwnePb-CQrajX0dOuFtL5vfKJx_XUFXf5ARs2R4Pn7x0MZ6CSQIegvLjg HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEHnp52M6cLvLyHe1v-Y9OL4%26google_cver%3D1%26google_push%3DAavPq0OVHQnPve2aImgFSNL9oE9Bv2gFGv3LsjOj-5vl-DGwnePb-CQrajX0dOuFtL5vfKJx_XUFXf5ARs2R4Pn7x0MZ6CSQIegvLjg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjI4MTI5MjE0MTIzNjc1Nzk0Mw%3D%3D&google_gid=CAESEHnp52M6cLvLyHe1v-Y9OL4&google_cver=1&google_push=AavPq0OVHQnPve2aImgFSNL9oE9Bv2gFGv3LsjOj-5vl-DGwnePb-CQrajX0dOuFtL5vfKJx_XUFXf5ARs2R4Pn7x0MZ6CSQIegvLjg

Request Chain 104

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 149

https://a.tribalfusion.com/i.match?p=b6&u=CAESECJ6l9qqcdrZtqWygQ1ncAc&google_cver=1&google_push=AavPq0OoJmptzK0dujovOM4auqzEAEgh51xNepB9o6GckvW6UM3MNpjxPZO0zjaVLmTiECo0FzN7yKUeltwa-XHFyRZYP3eZQlK0b8w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0OoJmptzK0dujovOM4auqzEAEgh51xNepB9o6GckvW6UM3MNpjxPZO0zjaVLmTiECo0FzN7yKUeltwa-XHFyRZYP3eZQlK0b8w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECJ6l9qqcdrZtqWygQ1ncAc&google_cver=1&google_push=AavPq0OoJmptzK0dujovOM4auqzEAEgh51xNepB9o6GckvW6UM3MNpjxPZO0zjaVLmTiECo0FzN7yKUeltwa-XHFyRZYP3eZQlK0b8w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0OoJmptzK0dujovOM4auqzEAEgh51xNepB9o6GckvW6UM3MNpjxPZO0zjaVLmTiECo0FzN7yKUeltwa-XHFyRZYP3eZQlK0b8w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 151

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEOeb7McabqBzzwNCoQ-Ngeg&google_cver=1&google_push=AavPq0N4n9Dc9a3203Y8CG7z0zOSJC4QYKfd_ciXHtI29eGc5d-Wf7mQPZAT6O404oCO5AwKVPsKq5hHCvU59ybqHFW7o15Ovdu1Az8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE4NTA0NjMwNTUzODQzOTMxMQ%3D%3D&google_push=AavPq0N4n9Dc9a3203Y8CG7z0zOSJC4QYKfd_ciXHtI29eGc5d-Wf7mQPZAT6O404oCO5AwKVPsKq5hHCvU59ybqHFW7o15Ovdu1Az8

Request Chain 152

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHDcgZa4WSvbVsUG2pOxiHo&google_cver=1&google_push=AavPq0PQGJs0Rsg1PmxOSh9JtaKEWgZ-0VZceaNC952XlVG8GSpFnSoA6pfIW89BTHyJ3y_YtWlM25HbO2XujoP_mp3MckkmXyB8_N8 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHDcgZa4WSvbVsUG2pOxiHo&google_cver=1&google_push=AavPq0PQGJs0Rsg1PmxOSh9JtaKEWgZ-0VZceaNC952XlVG8GSpFnSoA6pfIW89BTHyJ3y_YtWlM25HbO2XujoP_mp3MckkmXyB8_N8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjU0NzYyNzI0MjEyNjMwNTYw&google_push=AavPq0PQGJs0Rsg1PmxOSh9JtaKEWgZ-0VZceaNC952XlVG8GSpFnSoA6pfIW89BTHyJ3y_YtWlM25HbO2XujoP_mp3MckkmXyB8_N8

150 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
bus.com.ua/ 59 KB
13 KB 240ms
51ms Document
text/html 193.243.159.4
VINNEST-AS VinNes...

General

Check archive.org

Show headers Download Go to

Full URL: http://bus.com.ua/
Protocol: HTTP/1.1
Server: 193.243.159.4 , Ukraine, ASN28750 (VINNEST-AS VinNest ISP Autonomous System, UA),
Reverse DNS: sm.bus.com.ua
Software: nginx/1.4.7 /
Resource Hash: 4354e70ef0a0e3080b74fba3ffda889d0dd658b2e559d8d54d99f695728699e1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=WINDOWS-1251
Date: Thu, 05 Jan 2023 06:09:13 GMT
Server: nginx/1.4.7
Transfer-Encoding: chunked

GET
H/1.1 200
OK bus.css
bus.com.ua/main/ 4 KB
2 KB 99ms
50ms Stylesheet
text/css 193.243.159.4
VINNEST-AS VinNes...

General

Check archive.org

Show headers Download Go to

Full URL: http://bus.com.ua/main/bus.css
Requested by: Host: bus.com.ua
URL: http://bus.com.ua/
Protocol: HTTP/1.1
Server: 193.243.159.4 , Ukraine, ASN28750 (VINNEST-AS VinNest ISP Autonomous System, UA),
Reverse DNS: sm.bus.com.ua
Software: nginx/1.4.7 /
Resource Hash: f594be4989691157e32afa97129bad288200a19864c15ffa24d3abd5784f80e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:09:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Nov 2021 12:38:03 GMT
Server: nginx/1.4.7
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/css

GET
H/1.1 200
OK lang__uk.png
bus.com.ua/main/googletrans2021/images/ 214 B
450 B 100ms
51ms Image
image/png 193.243.159.4
VINNEST-AS VinNes...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bus.com.ua/main/googletrans2021/images/lang__uk.png
Requested by: Host: bus.com.ua
URL: http://bus.com.ua/
Protocol: HTTP/1.1
Server: 193.243.159.4 , Ukraine, ASN28750 (VINNEST-AS VinNest ISP Autonomous System, UA),
Reverse DNS: sm.bus.com.ua
Software: nginx/1.4.7 /
Resource Hash: 74ffdc446645a1bb680238877a898e86c51f42ce06b82caa207884e682ccddf2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:09:13 GMT
Last-Modified: Sat, 21 Aug 2021 15:21:57 GMT
Server: nginx/1.4.7
ETag: "61211a15-d6"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 214

GET
H/1.1 200
OK lang__ru.png
bus.com.ua/main/googletrans2021/images/ 899 B
1 KB 50ms
50ms Image
image/png 193.243.159.4
VINNEST-AS VinNes...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bus.com.ua/main/googletrans2021/images/lang__ru.png
Requested by: Host: bus.com.ua
URL: http://bus.com.ua/
Protocol: HTTP/1.1
Server: 193.243.159.4 , Ukraine, ASN28750 (VINNEST-AS VinNest ISP Autonomous System, UA),
Reverse DNS: sm.bus.com.ua
Software: nginx/1.4.7 /
Resource Hash: 73ba093d2e134bee9f470147aad2521ef9ee5d6a48e32dc6377553546a7ce628

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:09:13 GMT
Last-Modified: Sat, 21 Aug 2021 15:21:57 GMT
Server: nginx/1.4.7
ETag: "61211a15-383"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 899

GET
H/1.1 200
OK lang__pl.png
bus.com.ua/main/googletrans2021/images/ 279 B
516 B 51ms
49ms Image
image/png 193.243.159.4
VINNEST-AS VinNes...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bus.com.ua/main/googletrans2021/images/lang__pl.png
Requested by: Host: bus.com.ua
URL: http://bus.com.ua/
Protocol: HTTP/1.1
Server: 193.243.159.4 , Ukraine, ASN28750 (VINNEST-AS VinNest ISP Autonomous System, UA),
Reverse DNS: sm.bus.com.ua
Software: nginx/1.4.7 /
Resource Hash: bf2d21352d39531cbe6fcfdf7c79d1ab36a1f580c46cc9d436de0dc4bea7e9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:09:13 GMT
Last-Modified: Sat, 21 Aug 2021 15:21:57 GMT
Server: nginx/1.4.7
ETag: "61211a15-117"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 279

GET
H/1.1 200
OK lang__cs.png
bus.com.ua/main/googletrans2021/images/ 432 B
669 B 75ms
49ms Image
image/png 193.243.159.4
VINNEST-AS VinNes...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bus.com.ua/main/googletrans2021/images/lang__cs.png
Requested by: Host: bus.com.ua
URL: http://bus.com.ua/
Protocol: HTTP/1.1
Server: 193.243.159.4 , Ukraine, ASN28750 (VINNEST-AS VinNest ISP Autonomous System, UA),
Reverse DNS: sm.bus.com.ua
Software: nginx/1.4.7 /
Resource Hash: c09f1eba4042eabe754624d431fde12951731db71a048d8980d9fa0906799764

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:09:13 GMT
Last-Modified: Sat, 21 Aug 2021 18:43:04 GMT
Server: nginx/1.4.7
ETag: "61214938-1b0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 432

GET
H/1.1 200
OK lang__en.png
bus.com.ua/main/googletrans2021/images/ 1 KB
1 KB 144ms
49ms Image
image/png 193.243.159.4
VINNEST-AS VinNes...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bus.com.ua/main/googletrans2021/images/lang__en.png
Requested by: Host: bus.com.ua
URL: http://bus.com.ua/
Protocol: HTTP/1.1
Server: 193.243.159.4 , Ukraine, ASN28750 (VINNEST-AS VinNest ISP Autonomous System, UA),
Reverse DNS: sm.bus.com.ua
Software: nginx/1.4.7 /
Resource Hash: 270665a3d97e7d35e67813df4aef7c8dd7a31ba1795c72568a74e796337aa193

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:09:13 GMT
Last-Modified: Sat, 21 Aug 2021 15:21:57 GMT
Server: nginx/1.4.7
ETag: "61211a15-4d5"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1237

GET
H/1.1 200
OK lang__de.png
bus.com.ua/main/googletrans2021/images/ 302 B
539 B 154ms
49ms Image
image/png 193.243.159.4
VINNEST-AS VinNes...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bus.com.ua/main/googletrans2021/images/lang__de.png
Requested by: Host: bus.com.ua
URL: http://bus.com.ua/
Protocol: HTTP/1.1
Server: 193.243.159.4 , Ukraine, ASN28750 (VINNEST-AS VinNest ISP Autonomous System, UA),
Reverse DNS: sm.bus.com.ua
Software: nginx/1.4.7 /
Resource Hash: 22afd4aaee14dea5dd0e34ac845e57585b18db3ef1d3390170ec8b7428ab99cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:09:13 GMT
Last-Modified: Sat, 21 Aug 2021 15:21:57 GMT
Server: nginx/1.4.7
ETag: "61211a15-12e"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 302

GET
H/1.1 200
OK lang__es.png
bus.com.ua/main/googletrans2021/images/ 1 KB
2 KB 205ms
50ms Image
image/png 193.243.159.4
VINNEST-AS VinNes...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bus.com.ua/main/googletrans2021/images/lang__es.png
Requested by: Host: bus.com.ua
URL: http://bus.com.ua/
Protocol: HTTP/1.1
Server: 193.243.159.4 , Ukraine, ASN28750 (VINNEST-AS VinNest ISP Autonomous System, UA),
Reverse DNS: sm.bus.com.ua
Software: nginx/1.4.7 /
Resource Hash: 81323484fb01528c9ac56bc226165b30a712823a85d9a7b7ac59e77ce1b6810f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:09:13 GMT
Last-Modified: Sat, 21 Aug 2021 15:21:57 GMT
Server: nginx/1.4.7
ETag: "61211a15-551"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1361

GET
H/1.1 200
OK bus.gif
bus.com.ua/main/ 2 KB
2 KB 68ms
50ms Image
image/gif 193.243.159.4
VINNEST-AS VinNes...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bus.com.ua/main/bus.gif
Requested by: Host: bus.com.ua
URL: http://bus.com.ua/
Protocol: HTTP/1.1
Server: 193.243.159.4 , Ukraine, ASN28750 (VINNEST-AS VinNest ISP Autonomous System, UA),
Reverse DNS: sm.bus.com.ua
Software: nginx/1.4.7 /
Resource Hash: 0129f2609dce9cc375972acd7328216add961d31b58da45a7b2ca3eb40807acc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:09:13 GMT
Last-Modified: Wed, 01 Sep 2021 12:22:59 GMT
Server: nginx/1.4.7
ETag: "612f70a3-770"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1904

GET
H/1.1 200
OK payticket.png
bus.com.ua/images/ 668 B
905 B 67ms
49ms Image
image/png 193.243.159.4
VINNEST-AS VinNes...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bus.com.ua/images/payticket.png
Requested by: Host: bus.com.ua
URL: http://bus.com.ua/
Protocol: HTTP/1.1
Server: 193.243.159.4 , Ukraine, ASN28750 (VINNEST-AS VinNest ISP Autonomous System, UA),
Reverse DNS: sm.bus.com.ua
Software: nginx/1.4.7 /
Resource Hash: 628b1ff2d763eb9fb6d81ad38545bc3164f63e9cc096117d6bbc606e8eacfe15

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:09:13 GMT
Last-Modified: Tue, 25 Aug 2009 15:08:05 GMT
Server: nginx/1.4.7
ETag: "4a93fe55-29c"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 668

GET
H/1.1 200
OK order.gif
bus.com.ua/images/ 979 B
1 KB 62ms
49ms Image
image/gif 193.243.159.4
VINNEST-AS VinNes...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bus.com.ua/images/order.gif
Requested by: Host: bus.com.ua
URL: http://bus.com.ua/
Protocol: HTTP/1.1
Server: 193.243.159.4 , Ukraine, ASN28750 (VINNEST-AS VinNest ISP Autonomous System, UA),
Reverse DNS: sm.bus.com.ua
Software: nginx/1.4.7 /
Resource Hash: 7afa3d982e22e63528bd24faeb45ac4884bd0efd282d6bbcc43bd0793c6ddb9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:09:13 GMT
Last-Modified: Sat, 24 May 2003 01:05:57 GMT
Server: nginx/1.4.7
ETag: "3ecec575-3d3"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 979

GET
H/1.1 200
OK tablo.png
bus.com.ua/images/ 747 B
984 B 57ms
49ms Image
image/png 193.243.159.4
VINNEST-AS VinNes...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bus.com.ua/images/tablo.png
Requested by: Host: bus.com.ua
URL: http://bus.com.ua/
Protocol: HTTP/1.1
Server: 193.243.159.4 , Ukraine, ASN28750 (VINNEST-AS VinNest ISP Autonomous System, UA),
Reverse DNS: sm.bus.com.ua
Software: nginx/1.4.7 /
Resource Hash: 13c281d9ffb2d4bc9d8635c0f5f295af6012ee5b0a36e0f216a144e5892c74d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:09:13 GMT
Last-Modified: Tue, 31 Mar 2009 18:45:56 GMT
Server: nginx/1.4.7
ETag: "49d264e4-2eb"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 747

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 99 KB
36 KB 68ms
53ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: bus.com.ua
URL: http://bus.com.ua/

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d23327687acbb7ad8c16cb8b9c76f1328ec1b7b1471a557d429eab6c277380d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:09:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 10517024887288399786
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 36324
X-XSS-Protection: 0
Expires: Thu, 05 Jan 2023 06:09:13 GMT

GET
H/1.1 200
OK keyt.gif
bus.com.ua/ 132 B
368 B 60ms
49ms Image
image/gif 193.243.159.4
VINNEST-AS VinNes...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bus.com.ua/keyt.gif
Requested by: Host: bus.com.ua
URL: http://bus.com.ua/
Protocol: HTTP/1.1
Server: 193.243.159.4 , Ukraine, ASN28750 (VINNEST-AS VinNest ISP Autonomous System, UA),
Reverse DNS: sm.bus.com.ua
Software: nginx/1.4.7 /
Resource Hash: 109fd47c58f7b0aa694da65dee308ded227b25bb0c2f9c6cb89ffcec5b46fa8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:09:13 GMT
Last-Modified: Sat, 24 May 2003 01:11:24 GMT
Server: nginx/1.4.7
ETag: "3ecec6bc-84"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 132

GET
H/1.1 200
OK tablo.ok.png
bus.com.ua/images/ 746 B
983 B 54ms
49ms Image
image/png 193.243.159.4
VINNEST-AS VinNes...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bus.com.ua/images/tablo.ok.png
Requested by: Host: bus.com.ua
URL: http://bus.com.ua/
Protocol: HTTP/1.1
Server: 193.243.159.4 , Ukraine, ASN28750 (VINNEST-AS VinNest ISP Autonomous System, UA),
Reverse DNS: sm.bus.com.ua
Software: nginx/1.4.7 /
Resource Hash: 4f60c36a88cb05ebcd96a558d79ad4419a86e4f2d13313ab14b36d87ac5b0432

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:09:13 GMT
Last-Modified: Wed, 01 Apr 2009 11:44:32 GMT
Server: nginx/1.4.7
ETag: "49d353a0-2ea"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 746

GET
H/1.1 200
OK tablo-yel.png
bus.com.ua/images/ 744 B
981 B 61ms
49ms Image
image/png 193.243.159.4
VINNEST-AS VinNes...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bus.com.ua/images/tablo-yel.png
Requested by: Host: bus.com.ua
URL: http://bus.com.ua/
Protocol: HTTP/1.1
Server: 193.243.159.4 , Ukraine, ASN28750 (VINNEST-AS VinNest ISP Autonomous System, UA),
Reverse DNS: sm.bus.com.ua
Software: nginx/1.4.7 /
Resource Hash: 391dffa2c2325c8babe1d2846a4e0017afb4ab059aceb137259d6d4b61a8cb3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:09:13 GMT
Last-Modified: Wed, 01 Apr 2009 11:44:32 GMT
Server: nginx/1.4.7
ETag: "49d353a0-2e8"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 744

GET
H/1.1 200
OK tablo-no.png
bus.com.ua/images/ 736 B
973 B 88ms
49ms Image
image/png 193.243.159.4
VINNEST-AS VinNes...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bus.com.ua/images/tablo-no.png
Requested by: Host: bus.com.ua
URL: http://bus.com.ua/
Protocol: HTTP/1.1
Server: 193.243.159.4 , Ukraine, ASN28750 (VINNEST-AS VinNest ISP Autonomous System, UA),
Reverse DNS: sm.bus.com.ua
Software: nginx/1.4.7 /
Resource Hash: 8c7cbc7d274513a2d809ae402522b626e2a9ed6f54ff39561ea57ac36a6a62e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:09:13 GMT
Last-Modified: Wed, 01 Apr 2009 11:44:32 GMT
Server: nginx/1.4.7
ETag: "49d353a0-2e0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 736

GET
H/1.1 200
OK tablo-red.png
bus.com.ua/images/ 777 B
1014 B 83ms
49ms Image
image/png 193.243.159.4
VINNEST-AS VinNes...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bus.com.ua/images/tablo-red.png
Requested by: Host: bus.com.ua
URL: http://bus.com.ua/
Protocol: HTTP/1.1
Server: 193.243.159.4 , Ukraine, ASN28750 (VINNEST-AS VinNest ISP Autonomous System, UA),
Reverse DNS: sm.bus.com.ua
Software: nginx/1.4.7 /
Resource Hash: e99a6f0f8e700a9d1d45f7fd8e731f2899ffb5778bc8ab833eb7b629b14572ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:09:13 GMT
Last-Modified: Wed, 01 Apr 2009 11:44:32 GMT
Server: nginx/1.4.7
ETag: "49d353a0-309"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 777

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
28 KB 78ms
55ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: bus.com.ua
URL: http://bus.com.ua/

Protocol

HTTP/1.1

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac3a5ec9e9c5897a10256c95f5fe5e7041ca9368b63cbef90b251b168c9f6ad6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:09:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "1442 / 76 of 1000 / last-modified: 1672873566"
Vary: Accept-Encoding
Report-To: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Content-Length: 27560
X-XSS-Protection: 0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="ads-gpt-scs"
Expires: Thu, 05 Jan 2023 06:09:13 GMT

GET
H/1.1 200
OK SecondExample.html Show response
ticket.bus.com.ua/static/partner/ Frame 2E35 1 KB
895 B 210ms
49ms Document
text/html 193.243.159.5
VINNEST-AS VinNes...

General

Check archive.org

Show headers Download Go to

Full URL: https://ticket.bus.com.ua/static/partner/SecondExample.html?partner_id=1
Requested by: Host: bus.com.ua
URL: http://bus.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.243.159.5 , Ukraine, ASN28750 (VINNEST-AS VinNest ISP Autonomous System, UA),
Reverse DNS: ssl.bus.com.ua
Software: nginx/1.8.1 /
Resource Hash: 8febbb773317577fbc7318af538d7e16d901bbd3c65bf40f71de49b788fd9705

Request headers

Referer: http://bus.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Thu, 05 Jan 2023 06:09:13 GMT
ETag: W/"c0cfc-4b9-49f284b14b880"
Last-Modified: Wed, 23 Mar 2011 15:48:34 GMT
Server: nginx/1.8.1
Transfer-Encoding: chunked

GET
H/1.1 200
OK new.png
bus.com.ua/images/ 1 KB
1 KB 67ms
49ms Image
image/png 193.243.159.4
VINNEST-AS VinNes...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bus.com.ua/images/new.png
Requested by: Host: bus.com.ua
URL: http://bus.com.ua/
Protocol: HTTP/1.1
Server: 193.243.159.4 , Ukraine, ASN28750 (VINNEST-AS VinNest ISP Autonomous System, UA),
Reverse DNS: sm.bus.com.ua
Software: nginx/1.4.7 /
Resource Hash: aaef4bd6874180c5867c14dcbe4a06c48dcbd75cac41c0158165a69a50984699

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:09:13 GMT
Last-Modified: Sun, 01 Aug 2010 17:49:45 GMT
Server: nginx/1.4.7
ETag: "4c55b3b9-4d9"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1241

GET
H/1.1 200
OK /
c.bigmir.net/ 591 B
846 B 96ms
33ms Image
image/png 193.239.68.97
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://c.bigmir.net/?s3550&t11&l1
Requested by: Host: bus.com.ua
URL: http://bus.com.ua/
Protocol: HTTP/1.1
Server: 193.239.68.97 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: c.bigmir.net
Software: nginx /
Resource Hash: 28db2f6f57aed58ba08da244a310d536bdf8e1835a36a1c65e7c8044817b7c91

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:09:13 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Expires: 0

GET
H/1.1 200
OK seckey.cgi
secondary.net.ua/cgi-bin/ 649 B
895 B 163ms
81ms Image
image/png 193.201.116.4
SNU

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://secondary.net.ua/cgi-bin/seckey.cgi
Requested by: Host: bus.com.ua
URL: http://bus.com.ua/
Protocol: HTTP/1.1
Server: 193.201.116.4 , Ukraine, ASN29663 (SNU, UA),
Reverse DNS: www.secondary.net.ua
Software: Apache/2.4.54 (FreeBSD) OpenSSL/1.1.1o-freebsd PHP/7.4.33 mod_auth_pgsql/2.0.3 /
Resource Hash: 57dc1c8f6e8b26c2cb6506fd038d01dd9a8ad08e6cd3dc5230679adb3200ffaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:09:13 GMT
Server: Apache/2.4.54 (FreeBSD) OpenSSL/1.1.1o-freebsd PHP/7.4.33 mod_auth_pgsql/2.0.3
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 649
Content-Type: image/png

GET
H2 200 js.cookie.min.js Show response
cdn.jsdelivr.net/npm/js-cookie@2/src/ 2 KB
2 KB 30ms
12ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/js-cookie@2/src/js.cookie.min.js

Requested by

Host: bus.com.ua
URL: http://bus.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39b8fe6364621725ff90431a34af0f87976d95c00cbfd1d0f3711a3f1fa1a07b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:09:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 17108
x-jsd-version: 2.2.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19178-FRA, cache-yyz4521-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"79f-7pVBzxqV0qiF+LFDoQXKqgjKnJ0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FdN5s4Iz95y0QJZAFeMrpC5DY91gcL68dl7TrTsyHFp0hNfC%2FrjuVCQMuD8umaQV4%2FdltCCQbRWa8ABnI0qUIHu7gdcFA3fTIuDHquak%2B3Y7j6EGMmynLaQ%2FMDz9ZJmx0e1pcwmV1E0RvuFPfwI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 784a0b3a0a472bda-FRA

GET
H/1.1 200
OK google-translate.js Show response
bus.com.ua/main/googletrans2021/ 3 KB
4 KB 49ms
49ms Script
application/javascript 193.243.159.4
VINNEST-AS VinNes...

General

Check archive.org

Show headers Download Go to

Full URL: http://bus.com.ua/main/googletrans2021/google-translate.js
Requested by: Host: bus.com.ua
URL: http://bus.com.ua/
Protocol: HTTP/1.1
Server: 193.243.159.4 , Ukraine, ASN28750 (VINNEST-AS VinNest ISP Autonomous System, UA),
Reverse DNS: sm.bus.com.ua
Software: nginx/1.4.7 /
Resource Hash: 758ef9d3380afc249880e748021a7e0498df092748ca875086a44d9d8662f379

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:09:13 GMT
Last-Modified: Sat, 21 Aug 2021 15:21:57 GMT
Server: nginx/1.4.7
ETag: "1a112-d18-5ca13583aef40"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3352

GET
H2

200

element.js Show response
translate.google.com/translate_a/
Redirect Chain

http://translate.google.com/translate_a/element.js?cb=TranslateInit
https://translate.google.com/translate_a/element.js?cb=TranslateInit

75 KB
26 KB

44ms
23ms

Script
text/javascript

2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=TranslateInit

Requested by

Host: bus.com.ua
URL: http://bus.com.ua/

Protocol

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ea5dd1c1a73dd168756ec9b63300e21d595014f914bc084c987a7b0239ad13e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:09:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:09:13 GMT
X-Content-Type-Options: nosniff
Server: ESF
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: SAMEORIGIN
Content-Type: application/binary
Location: https://translate.google.com/translate_a/element.js?cb=TranslateInit
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Length: 0
X-XSS-Protection: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/ 355 KB
118 KB 114ms
93ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5671548447692744&plah=bus.com.ua&bust=31071251

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a52016504a524c9dbf935d4ab7e67fd1c638c7bb11c0532b23794f6e4963793a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:09:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119795
x-xss-protection: 0
server: cafe
etag: 15244691299536552199
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 06:09:13 GMT

GET
H/1.1

200
OK

06.gif
i.bigmir.net/cnt/
Redirect Chain

http://c.bigmir.net/?s3550&t6&c1&d24&r1600
http://i.bigmir.net/cnt/06.gif

43 B
326 B

77ms
32ms

Image
image/gif

193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.bigmir.net/cnt/06.gif
Requested by: Host: bus.com.ua
URL: http://bus.com.ua/
Protocol: HTTP/1.1
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:09:13 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=315360000
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 43
Expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:09:13 GMT
Server: nginx
Transfer-Encoding: chunked
Location: //i.bigmir.net/cnt/06.gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Expires: 0

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

81ms
20ms

Script
text/javascript

2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: bus.com.ua
URL: http://bus.com.ua/

Protocol

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 05:42:49 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1584
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Thu, 05 Jan 2023 07:42:49 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 pubads_impl_2022120801.js Show response
securepubads.g.doubleclick.net/gpt/ 382 KB
130 KB 41ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcc5f41d1dc04a19dccb2061dc9572cb46c1c19dd89cb5d910752020fa87e791

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 22:32:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27415
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132306
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 09:38:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 04 Jan 2024 22:32:18 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 64 B
692 B 74ms
41ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=bus.com.ua

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

869a52816f64d3b93295748b7508b4a340a254133e91b7a567bf591780eb94e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:09:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57
x-xss-protection: 0
expires: Thu, 05 Jan 2023 06:09:13 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 36ms
15ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bus.com.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:09:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 102ms
41ms Script
application/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bus.com.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:09:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 104 KB
24 KB 542ms
542ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2903311045262460&correlator=693618060962195&eid=31071324%2C44780792&output=ldjh&gdfp_req=1&vrg=2022120801&ptt=17&impl=fifs&iu_parts=58316593%2CTop_728_90%2C%D0%91%D0%BE%D0%BA%D0%BE%D0%B2%D0%BE%D0%B9_240_40%2C%D0%9D%D0%B8%D0%B6%D0%BD%D0%B8%D0%B9_%D1%81%D0%BF%D1%80%D0%B0%D0%B2%D0%B0_300_600&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=468x60%7C728x90%7C970x90%2C120x240%7C160x600%7C180x150%7C200x200%7C234x60%7C240x400%7C250x250%7C300x100%7C300x250%7C300x600%7C336x280%2C120x240%7C160x600%7C200x200%7C240x400%7C250x250%7C300x100%7C300x250%7C300x600%7C320x50%7C336x280&ifi=4&adks=3588908713%2C1823499187%2C1598683731&sfv=1-0-40&sc=0&cookie_enabled=1&abxe=1&dt=1672898953471&lmt=1672898953&dlt=1672898953107&idt=331&adxs=1125%2C-9%2C-9&adys=108%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1%7C-1&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fbus.com.ua%2F&frm=20&vis=1&psz=474x6%7C0x-1%7C0x-1&msz=468x0%7C0x-1%7C0x-1&fws=0%2C2%2C2&ohw=0%2C0%2C0&ga_vid=199089328.1672898953&ga_sid=1672898953&ga_hid=26500868&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727b556426274697111e63749c1b803592d6cef97d36676c70cee10a82bbd1db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:09:14 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24002
x-xss-protection: 0
google-lineitem-id: 77831313,-1,77313033
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 28809602313,-1,28044797913
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://bus.com.ua
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
2806fb5259d3c70583b851fc09238c15.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 828F 6 KB
3 KB 62ms
14ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2806fb5259d3c70583b851fc09238c15.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bus.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:09:13 GMT
expires: Fri, 05 Jan 2024 06:09:13 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK SecondExampleV2.js Show response
ticket.bus.com.ua/static/partner/ Frame 2E35 4 KB
4 KB 49ms
49ms Script
application/javascript 193.243.159.5
VINNEST-AS VinNes...

General

Check archive.org

Show headers Download Go to

Full URL: https://ticket.bus.com.ua/static/partner/SecondExampleV2.js
Requested by: Host: ticket.bus.com.ua
URL: https://ticket.bus.com.ua/static/partner/SecondExample.html?partner_id=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.243.159.5 , Ukraine, ASN28750 (VINNEST-AS VinNest ISP Autonomous System, UA),
Reverse DNS: ssl.bus.com.ua
Software: nginx/1.8.1 /
Resource Hash: 73f9ed5e274177267ee4a491c608b7b52a4ca9e867c35400053cc8f8cbaff386

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticket.bus.com.ua/static/partner/SecondExample.html?partner_id=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:09:13 GMT
Last-Modified: Wed, 23 Mar 2011 15:29:46 GMT
Server: nginx/1.8.1
ETag: "c0cfd-f9d-49f2807d8ce80"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3997

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1519886793&utmhn=bus.com.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1519886793&utmhn=bus.com.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-8590699-1&cid=199089328.1672898953&jid=405928967&_v=5.7.2&z=1519886793

35 B
430 B

74ms
21ms

Image
image/gif

2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-8590699-1&cid=199089328.1672898953&jid=405928967&_v=5.7.2&z=1519886793

Requested by

Host: bus.com.ua
URL: http://bus.com.ua/

Protocol

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 05 Jan 2023 06:09:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:09:13 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/html; charset=UTF-8
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-8590699-1&cid=199089328.1672898953&jid=405928967&_v=5.7.2&z=1519886793
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 368
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
694 B 36ms
15ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=bus.com.ua&callback=_gfp_s_&client=ca-pub-5671548447692744&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5671548447692744&plah=bus.com.ua&bust=31071251

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6fc6ddbd6339fb0a71978a09f3b94f036a9135b507bd0f19fe5caf3510c1b9f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:09:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 250
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 41D6 89 KB
32 KB 519ms
498ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5671548447692744&output=html&h=400&slotname=4936604726&adk=3433066924&adf=1015941482&pi=t.ma~as.4936604726&w=240&lmt=1672898953&url=http%3A%2F%2Fbus.com.ua%2F&wgl=1&dt=1672898953299&bpp=12&bdt=193&idt=216&shv=r20230103&mjsv=m202212070101&ptt=5&saldr=sa&abxe=1&correlator=1034917826114&frm=20&pv=2&ga_vid=199089328.1672898953&ga_sid=1672898953&ga_hid=26500868&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=46&ady=669&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777508%2C31071251%2C44780792&oid=2&pvsid=2903311045262460&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7Cp&abl=XS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=HsbfHA1Olm&p=http%3A//bus.com.ua&dtd=229

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ce808cb97e7d2258c45dc23bfe13d0542b83671dd449aa34bc2352aec152c2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bus.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 32225
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:09:14 GMT
expires: Thu, 05 Jan 2023 06:09:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 26FB 436 B
792 B 82ms
69ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5671548447692744&output=html&h=90&adk=2424164121&adf=3981000633&w=160&lmt=1672898953&format=160x90_0ads_al_s&color_bg=FFFFFF&color_border=336699&color_link=0000FF&color_text=000000&color_url=008000&url=http%3A%2F%2Fbus.com.ua%2F&wgl=1&dt=1672898953313&bpp=3&bdt=206&idt=221&shv=r20230103&mjsv=m202212070101&ptt=5&saldr=sa&abxe=1&prev_slotnames=4936604726&correlator=1034917826114&frm=20&pv=1&ga_vid=199089328.1672898953&ga_sid=1672898953&ga_hid=26500868&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=13&ady=1233&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777508%2C31071251%2C44780792&oid=2&pvsid=2903311045262460&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Cebr%7Cp&abl=XS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=FUHjv1uytu&p=http%3A//bus.com.ua&dtd=223

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95df52a5bc11f59b2262f48a414340f4886e42106df151bb0e4cd9f993fd8780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bus.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 211
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:09:13 GMT
expires: Thu, 05 Jan 2023 06:09:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 74D2 96 KB
34 KB 644ms
638ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5671548447692744&output=html&h=280&slotname=6055777524&adk=830138826&adf=2700515735&pi=t.ma~as.6055777524&w=336&lmt=1672898953&url=http%3A%2F%2Fbus.com.ua%2F&wgl=1&dt=1672898953324&bpp=12&bdt=217&idt=216&shv=r20230103&mjsv=m202212070101&ptt=5&saldr=sa&abxe=1&prev_fmts=160x90_0ads_al_s&prev_slotnames=4936604726&correlator=1034917826114&frm=20&pv=1&ga_vid=199089328.1672898953&ga_sid=1672898953&ga_hid=26500868&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1254&ady=554&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777508%2C31071251%2C44780792&oid=2&pvsid=2903311045262460&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=yIg4vK5izV&p=http%3A//bus.com.ua&dtd=219

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ab01ed9ad7aa8d158839ce71895ddb5ac06ea4a1304ac0bf2198ca5af06e85d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bus.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 35122
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:09:14 GMT
expires: Thu, 05 Jan 2023 06:09:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET bus.css
bus.com.ua/main/ Frame 2E35 0
0

GET
H/1.1 200
OK SellListV2-Start_ru.utf8 Show response
ticket.bus.com.ua/static/partner/v2/ Frame 2E35 57 KB
14 KB 100ms
99ms XHR
text/plain 193.243.159.5
VINNEST-AS VinNes...

General

Check archive.org

Show headers Download Go to

Full URL: https://ticket.bus.com.ua/static/partner/v2/SellListV2-Start_ru.utf8
Requested by: Host: ticket.bus.com.ua
URL: https://ticket.bus.com.ua/static/partner/SecondExampleV2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.243.159.5 , Ukraine, ASN28750 (VINNEST-AS VinNest ISP Autonomous System, UA),
Reverse DNS: ssl.bus.com.ua
Software: nginx/1.8.1 /
Resource Hash: 737fa2060bec5738e224e6697a1a6875e5308b7a9224d63b74e27453d9141843

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ticket.bus.com.ua/static/partner/SecondExample.html?partner_id=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:09:13 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Jan 2023 00:37:38 GMT
Server: nginx/1.8.1
ETag: W/"c288a-e40b-5f1798203d491"
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8
Connection: keep-alive

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
4 KB 34ms
7ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de._vxCRCupBf4.O/d=1/rs=AN8SPfryv0FA1Eq2T42h4tNtfa8kXID3gw/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d39ee51a9c2d61184a78111c731cce4b32488c99bcc9b1f8c236705d06145166

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:49:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1157
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3619
x-xss-protection: 0
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:49:56 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de._vxCRCupBf4.O/d=1/exm=el_conf/ed=1/rs=AN8SPfryv0FA1Eq2T42h4tNtfa8kXID3gw/ 207 KB
74 KB 35ms
9ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de._vxCRCupBf4.O/d=1/exm=el_conf/ed=1/rs=AN8SPfryv0FA1Eq2T42h4tNtfa8kXID3gw/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de._vxCRCupBf4.O/d=1/rs=AN8SPfryv0FA1Eq2T42h4tNtfa8kXID3gw/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbc13e868fc37e5decb688b506ac4dea2da1690396694b7289530600e15f0816

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 17:56:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 216764
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75142
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 22:10:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Jan 2024 17:56:29 GMT

GET
DATA 200
OK truncated Show response
/ Frame 4B85 1 KB
1 KB Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10908b6e6cfaeb149b47a6dc31aaa65aca0cf22158c74096c384bbc47285914a

Request headers

Referer: http://bus.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Type: text/html;charset=UTF-8

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 846 B
1 KB 82ms
20ms Image
image/png 2a00:1450:400d:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Requested by

Host: bus.com.ua
URL: http://bus.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:58:13 GMT
x-content-type-options: nosniff
age: 660
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 846
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 05 Jan 2024 05:58:13 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 80ms
21ms Image
image/png 2a00:1450:400d:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://translate.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:04:39 GMT
x-content-type-options: nosniff
age: 274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 05 Jan 2024 06:04:39 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FB00 0
0 43ms
43ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0N1JUkBY3UUQ2ogIgclqQi5uuLl4H46P5M3QWhwyCyYRgKuT_PALqeDYtlbAcVjFzGMot8Hvr-2jQX3B0Xs50E6cAflJh27EIlT8GkeZyaVijx-3BqB_ees9uTI947D--__9BBDREngK5JIOGIsL9LtzfDxmNVRHal7ggFcM7iFPJmuuOz0Ov76xTnY-snM52ScR6ai4_uRraLeKGzqbSxivwyfdIzQhEw6MBLo9tqRN-wCgXnVfm-9qVf4LIHukSMfVKerGoXFnXqBXtFVPbJB5Nfydj0t8rZCjkPxPcuA_5MlRSbXE&sai=AMfl-YTkbP7_-ZP5tOn9_DtfEYJuKnOVIcQ5ct8u_ZupckROPqs3W8nzjB_hPGj4AfFihIajAla5EH9tnVz3QlpvMj-ReOhb66Nbir1u4GToVDWah6L3jzSj1aLLINlYmhYbr1Wwb8j_asnVg1bOkiCUAQ&sig=Cg0ArKJSzIdl3W57LhxqEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: bus.com.ua
URL: http://bus.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:09:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 05 Jan 2023 06:09:14 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame FB00 145 KB
52 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad8d2cd94034c74bab9f41df29343beb6f51bfb723d5338da211bcc9d6be4ef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:09:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 52305
X-XSS-Protection: 0
Server: cafe
ETag: 8212591976007414406
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Thu, 05 Jan 2023 06:09:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FB00 154 KB
48 KB 140ms
79ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:09:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48184
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672836157132942"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:09:14 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 41D6 6 KB
1 KB 113ms
42ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5671548447692744&output=html&h=400&slotname=4936604726&adk=3433066924&adf=1015941482&pi=t.ma~as.4936604726&w=240&lmt=1672898953&url=http%3A%2F%2Fbus.com.ua%2F&wgl=1&dt=1672898953299&bpp=12&bdt=193&idt=216&shv=r20230103&mjsv=m202212070101&ptt=5&saldr=sa&abxe=1&correlator=1034917826114&frm=20&pv=2&ga_vid=199089328.1672898953&ga_sid=1672898953&ga_hid=26500868&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=46&ady=669&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777508%2C31071251%2C44780792&oid=2&pvsid=2903311045262460&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7Cp&abl=XS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=HsbfHA1Olm&p=http%3A//bus.com.ua&dtd=229

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Jan 2023 06:09:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 05:35:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Jan 2023 06:09:14 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 41D6 2 KB
818 B 111ms
26ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78188
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Jan 2023 08:26:06 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/ Frame 41D6 24 KB
10 KB 105ms
20ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a7556b722d45b51a9e8bc1262092f9c042e4759d7b3a97298fecc947639c35c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6024
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9534
x-xss-protection: 0
server: cafe
etag: 3719958914939444779
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:28:50 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 41D6 3 KB
1 KB 103ms
26ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6024
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:28:50 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 41D6 18 KB
7 KB 108ms
23ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78188
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Jan 2023 08:26:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 41D6 154 KB
47 KB 190ms
147ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:09:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48184
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672836157132942"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:09:14 GMT

GET
H3 200 148b897ed20242fb53e65c70a8c63c89.js Show response
www.gstatic.com/mysidia/ Frame 41D6 34 KB
14 KB 64ms
21ms Script
text/javascript 2a00:1450:400d:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/148b897ed20242fb53e65c70a8c63c89.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 01:18:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17433
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14307
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 19:06:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 05 Apr 2023 01:18:41 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 41D6 0
0 67ms
53ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CTe-QiWm2Y8jLIpal9u8P_pa2gAHcqu2Nbdnap8ygELCQHxABIKW5mQVgleKQgqAHoAHx27azAcgBCagDAcgDywSqBL0BT9CjrYG88C5lVAROWdzrWGGi2piGxQk0MOmjbMk8OgwGfT6HUL5eTqb62uHB0WjwlpqRKf-qSDcAEJPpDJbXzb_5u7EFkT77DWHL0eZEY30I3ASLob9q3oMtapZ3QIhYuuCXjUyMVlq6urcMoi7JmKXkTiog4SerZ1yVWuOS0k4RN_cBG5-lMcuX3QdUvRddnoVW8Y8GLr3uTbIWDlKPlAWMFCr98AIqrIfqGeuODU7hL41LktSRgtF4tX-twASUnNjglASSBQQIBBgBkgUECAUYBKAGLoAH96PJzAKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDC8wTSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgT5APYEw2IFAHQFQGAFwGyFxwKGggAEhRwdWItNTY3MTU0ODQ0NzY5Mjc0NBgA&sigh=ViG1JRbY3Kw&uach_m=[UACH]&cid=CAQSGwDq26N9tgy7QWHFLnvzkrGKJQ_MoAS-xGko_xgBIBM&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5671548447692744&output=html&h=400&slotname=4936604726&adk=3433066924&adf=1015941482&pi=t.ma~as.4936604726&w=240&lmt=1672898953&url=http%3A%2F%2Fbus.com.ua%2F&wgl=1&dt=1672898953299&bpp=12&bdt=193&idt=216&shv=r20230103&mjsv=m202212070101&ptt=5&saldr=sa&abxe=1&correlator=1034917826114&frm=20&pv=2&ga_vid=199089328.1672898953&ga_sid=1672898953&ga_hid=26500868&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=46&ady=669&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777508%2C31071251%2C44780792&oid=2&pvsid=2903311045262460&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7Cp&abl=XS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=HsbfHA1Olm&p=http%3A//bus.com.ua&dtd=229
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 05 Jan 2023 06:09:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 05 Jan 2023 06:09:14 GMT

GET
H2 200 2076313506083323656
tpc.googlesyndication.com/simgad/14388598543903892393/ Frame 41D6 20 KB
20 KB 107ms
33ms Image
image/jpeg 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14388598543903892393/2076313506083323656

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afbabc663867e8a13bca412facf5eeed52e06264f0ba1466d71d1710510fe86b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 02:13:18 GMT
x-content-type-options: nosniff
age: 14156
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20269
x-xss-protection: 0
last-modified: Fri, 24 Sep 2021 06:19:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 05 Jan 2024 02:13:18 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/12290495366918737369/ Frame 41D6 1 KB
1 KB 107ms
33ms Image
image/png 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12290495366918737369/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f74ff49b76ac1d9686f6d10b100938a8d4ef056ec3e2fb465a0594bc129ff7a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 02:13:18 GMT
x-content-type-options: nosniff
age: 14156
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1136
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 08:48:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 05 Jan 2024 02:13:18 GMT

GET
DATA 200
OK truncated
/ Frame 41D6 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ Frame FB00 356 KB
117 KB 93ms
79ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5671548447692744&plah=bus.com.ua&bust=31071168

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dab4162aa61582f9954cd59aeb9f037fcca94888cd9e77f4036ca1650e683aa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:09:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119980
x-xss-protection: 0
server: cafe
etag: 11883359510380617878
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 06:09:14 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230103/r20190131/ Frame 42B1 10 KB
4 KB 7ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230103/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bus.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 6020
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 04:28:54 GMT
etag: 10353107486223812946
expires: Thu, 19 Jan 2023 04:28:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 74D2 2 KB
765 B 63ms
21ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5671548447692744&output=html&h=280&slotname=6055777524&adk=830138826&adf=2700515735&pi=t.ma~as.6055777524&w=336&lmt=1672898953&url=http%3A%2F%2Fbus.com.ua%2F&wgl=1&dt=1672898953324&bpp=12&bdt=217&idt=216&shv=r20230103&mjsv=m202212070101&ptt=5&saldr=sa&abxe=1&prev_fmts=160x90_0ads_al_s&prev_slotnames=4936604726&correlator=1034917826114&frm=20&pv=1&ga_vid=199089328.1672898953&ga_sid=1672898953&ga_hid=26500868&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1254&ady=554&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777508%2C31071251%2C44780792&oid=2&pvsid=2903311045262460&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=yIg4vK5izV&p=http%3A//bus.com.ua&dtd=219

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78188
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Jan 2023 08:26:06 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/ Frame 74D2 24 KB
9 KB 66ms
24ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a7556b722d45b51a9e8bc1262092f9c042e4759d7b3a97298fecc947639c35c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6024
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9534
x-xss-protection: 0
server: cafe
etag: 3719958914939444779
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:28:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 74D2 3 KB
1 KB 52ms
20ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6024
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:28:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 74D2 18 KB
7 KB 63ms
21ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78188
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Jan 2023 08:26:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 74D2 154 KB
47 KB 98ms
56ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:09:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48184
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672836157132942"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:09:14 GMT

GET
H3 200 148b897ed20242fb53e65c70a8c63c89.js Show response
www.gstatic.com/mysidia/ Frame 74D2 34 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:400d:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/148b897ed20242fb53e65c70a8c63c89.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 01:18:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17433
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14307
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 19:06:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 05 Apr 2023 01:18:41 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 74D2 0
0 51ms
51ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C85_CiWm2Y5DBIqDX7_UP6YqaoA3Igam0bPOd5LWbEdfBpeCVDhABIKW5mQVgleKQgqAHoAHNtZHvKMgBAakCBmGgCJTKsT6oAwHIA8sEqgTNAU_QD0-hIRp9JGobRWzGnHl5ebGyxsq4_dgVtbqlqHII063WytQz1Oph1N7IdTPRvqVyy39119vPXuEE2zUt-slJtOv7EvVoaPiisOSzYJ_--3suFTa_CQfoWw8dM60ZjASEjmcOvTHkoAT-uQK1oacC4IfSs6VZAXwWCTUVRfXEUTCRG-vKbuzC4ph8Hr_SVV0f9rnQ33fotvF_bYyg5SXo4-9BVXMIj6G7ifaiUYfm1yxh3Bb16Sjns-_DQq5VTHLGOpoz4hnxKjvAM9DABMCi88OXBJIFBAgEGAGSBQQIBRgEoAYCgAfN7eHOA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEM_kBdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMK0BUBgBcBshccChoIABIUcHViLTU2NzE1NDg0NDc2OTI3NDQYAA&sigh=dREdGNZSDTw&uach_m=[UACH]&cid=CAQSGwDq26N91gvsm9Lc0B0NSh60ztQLL0zS_fY-nBgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5671548447692744&output=html&h=280&slotname=6055777524&adk=830138826&adf=2700515735&pi=t.ma~as.6055777524&w=336&lmt=1672898953&url=http%3A%2F%2Fbus.com.ua%2F&wgl=1&dt=1672898953324&bpp=12&bdt=217&idt=216&shv=r20230103&mjsv=m202212070101&ptt=5&saldr=sa&abxe=1&prev_fmts=160x90_0ads_al_s&prev_slotnames=4936604726&correlator=1034917826114&frm=20&pv=1&ga_vid=199089328.1672898953&ga_sid=1672898953&ga_hid=26500868&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1254&ady=554&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777508%2C31071251%2C44780792&oid=2&pvsid=2903311045262460&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=yIg4vK5izV&p=http%3A//bus.com.ua&dtd=219
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 05 Jan 2023 06:09:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 8295444130259633255
tpc.googlesyndication.com/daca_images/simgad/ Frame 74D2 40 KB
40 KB 154ms
129ms Image
image/jpeg 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/8295444130259633255?w=600&h=500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de013e4043552cca3ef3dc94ba30350ff33b428799653375ceaac70ec9611d3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:09:14 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40865
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 18:08:45 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 12 Jan 2023 06:09:14 GMT

GET
DATA 200
OK truncated
/ Frame 41D6 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 383d3f8af7d4fe5f405e0db9d4aeaa8147aaa1641ae2cfb49b17823ada35f4b1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame FB00 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 304da9143c0b1fe3da015969b5e7f6e1449ff08cacd1b6209d5d9d68efa738b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 74D2 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6755641a64b3cf0398d6783fc97812f2c50544ac18865910d96f138db8da5238

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 41D6 15 KB
15 KB 86ms
25ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 19:33:00 GMT
x-content-type-options: nosniff
age: 38174
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Jan 2024 19:33:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 41D6 15 KB
16 KB 80ms
20ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 19:33:08 GMT
x-content-type-options: nosniff
age: 38166
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Jan 2024 19:33:08 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 41D6 15 KB
15 KB 100ms
41ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 01:58:46 GMT
x-content-type-options: nosniff
age: 15028
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Jan 2024 01:58:46 GMT

GET
H3 200 KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js Show response
pagead2.googlesyndication.com/bg/ Frame AD23 36 KB
16 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 03:43:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95139
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16068
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 03:43:35 GMT

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame FB00 214 B
226 B 30ms
15ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=bus.com.ua&callback=_gfp_s_&client=ca-pub-5671548447692744&cookie=ID%3D2fc9d49f6c732393%3AT%3D1672898953%3AS%3DALNI_MYkBr6UuQzNRquhoTfFsEqZ3_m-mw&gpic=UID%3D00000b9d5c011c82%3AT%3D1672898953%3ART%3D1672898953%3AS%3DALNI_MbrHRHF34ZI9oOVWgdO8uqV48YtHg&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5671548447692744&plah=bus.com.ua&bust=31071168

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6608d2d74dcc65a634e8f6ef9e06230ea670014705e46153e636fd9c56037dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:09:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 204
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame FB00 107 B
122 B 32ms
17ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bus.com.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:09:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame FB00 107 B
122 B 96ms
55ms Script
application/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bus.com.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:09:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2B5C 89 KB
33 KB 444ms
444ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5671548447692744&output=html&h=60&slotname=8053887928&adk=1376645091&adf=3173046727&pi=t.ma~as.8053887928&w=468&fwrn=3&lmt=1672898954&format=468x60&url=http%3A%2F%2Fbus.com.ua%2F&ea=0&wgl=1&dt=1672898954202&bpp=4&bdt=128&idt=230&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&cookie=ID%3D2fc9d49f6c732393%3AT%3D1672898953%3AS%3DALNI_MYkBr6UuQzNRquhoTfFsEqZ3_m-mw&gpic=UID%3D00000b9d5c011c82%3AT%3D1672898953%3ART%3D1672898953%3AS%3DALNI_MbrHRHF34ZI9oOVWgdO8uqV48YtHg&correlator=1034917826114&frm=23&ife=4&pv=1&ga_vid=199089328.1672898953&ga_sid=1672898953&ga_hid=762361653&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1125&ady=80&biw=1600&bih=1200&isw=468&ish=60&ifk=1148333615&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071168%2C44779794%2C44780792&oid=2&pvsid=2112045365156887&tmod=1990183388&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C60&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.9n9xghfrvb6t&fsb=1&dtd=244

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b06063a639c069ef96d4a40155e7ca25b7fca36806c95862d871e2c3e8dcaca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bus.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 34090
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:09:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js Show response
pagead2.googlesyndication.com/bg/ Frame AFF4 36 KB
16 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 03:43:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95139
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16068
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 03:43:35 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2B5C 8 KB
895 B 84ms
43ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5671548447692744&output=html&h=60&slotname=8053887928&adk=1376645091&adf=3173046727&pi=t.ma~as.8053887928&w=468&fwrn=3&lmt=1672898954&format=468x60&url=http%3A%2F%2Fbus.com.ua%2F&ea=0&wgl=1&dt=1672898954202&bpp=4&bdt=128&idt=230&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&cookie=ID%3D2fc9d49f6c732393%3AT%3D1672898953%3AS%3DALNI_MYkBr6UuQzNRquhoTfFsEqZ3_m-mw&gpic=UID%3D00000b9d5c011c82%3AT%3D1672898953%3ART%3D1672898953%3AS%3DALNI_MbrHRHF34ZI9oOVWgdO8uqV48YtHg&correlator=1034917826114&frm=23&ife=4&pv=1&ga_vid=199089328.1672898953&ga_sid=1672898953&ga_hid=762361653&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1125&ady=80&biw=1600&bih=1200&isw=468&ish=60&ifk=1148333615&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071168%2C44779794%2C44780792&oid=2&pvsid=2112045365156887&tmod=1990183388&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C60&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.9n9xghfrvb6t&fsb=1&dtd=244

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Jan 2023 06:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 06:07:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Jan 2023 06:09:15 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 2B5C 2 KB
765 B 20ms
20ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78188
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Jan 2023 08:26:06 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/ Frame 2B5C 24 KB
9 KB 21ms
20ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a7556b722d45b51a9e8bc1262092f9c042e4759d7b3a97298fecc947639c35c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6024
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9534
x-xss-protection: 0
server: cafe
etag: 3719958914939444779
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:28:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 2B5C 3 KB
1 KB 20ms
20ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6024
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:28:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 2B5C 18 KB
7 KB 22ms
21ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78188
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Jan 2023 08:26:06 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 2B5C 0
0 42ms
15ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR9q_d1wPYV-wzXMRydcrzCWiYJHwU6k003cTo4S2kjoq3d4-kE98rhnfL7f8b9y7jfTinN8yax7s-TBkSRAwhizmHpAw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5671548447692744&output=html&h=60&slotname=8053887928&adk=1376645091&adf=3173046727&pi=t.ma~as.8053887928&w=468&fwrn=3&lmt=1672898954&format=468x60&url=http%3A%2F%2Fbus.com.ua%2F&ea=0&wgl=1&dt=1672898954202&bpp=4&bdt=128&idt=230&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&cookie=ID%3D2fc9d49f6c732393%3AT%3D1672898953%3AS%3DALNI_MYkBr6UuQzNRquhoTfFsEqZ3_m-mw&gpic=UID%3D00000b9d5c011c82%3AT%3D1672898953%3ART%3D1672898953%3AS%3DALNI_MbrHRHF34ZI9oOVWgdO8uqV48YtHg&correlator=1034917826114&frm=23&ife=4&pv=1&ga_vid=199089328.1672898953&ga_sid=1672898953&ga_hid=762361653&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1125&ady=80&biw=1600&bih=1200&isw=468&ish=60&ifk=1148333615&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071168%2C44779794%2C44780792&oid=2&pvsid=2112045365156887&tmod=1990183388&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C60&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.9n9xghfrvb6t&fsb=1&dtd=244
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2B5C 154 KB
47 KB 87ms
86ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48184
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672836157132942"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:09:15 GMT

GET
H3 200 148b897ed20242fb53e65c70a8c63c89.js Show response
www.gstatic.com/mysidia/ Frame 2B5C 34 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:400d:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/148b897ed20242fb53e65c70a8c63c89.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 01:18:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17433
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14307
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 19:06:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 05 Apr 2023 01:18:41 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2B5C 0
0 54ms
53ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C6gKaimm2Y7T3HM-Ltwe8kpjABdSC6KNrh8TF4fAQ05WzupYOEAEgpbmZBWCV4pCCoAegAe_guZsDyAEBqQIGYaAIlMqxPqgDAcgDywSqBLUBT9A7MuOEgmxJ7zhuSDA4Y1_FCER47DHO8duTeRBFzwBj35cDzYzQX9-_RW1TJ4FkkFHv_kUYiJdo-ld9SvqDEV4kq7fzitxjeYz4IOjcs1Geb9H7YpghX2-kirWfHPchGg8zpl_zDkglXHkaxm8wmNwYAw7BDlh1Ej1IZ67Lh_GCtdr6a_ouxD3MkwX0kRWSQ1iLzwwLDMU-0mOy-IYXkbIFxoD1T_8C1y4DRKTzkZAwWWARH8AEvsPsm5QEkgUECAQYAZIFBAgFGASAB_mexmSoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBC3qAbSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi01NjcxNTQ4NDQ3NjkyNzQ0GAA&sigh=a1ynIAY5Nak&uach_m=[UACH]&cid=CAQSOwDq26N93uo-joSdiKTYyG6hiR_u5aS9Jr3WnPJnlwWZk-bsbCYbnBGqkJpn9XktGJHeKt-lp3BJgfODGAEgEw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5671548447692744&output=html&h=60&slotname=8053887928&adk=1376645091&adf=3173046727&pi=t.ma~as.8053887928&w=468&fwrn=3&lmt=1672898954&format=468x60&url=http%3A%2F%2Fbus.com.ua%2F&ea=0&wgl=1&dt=1672898954202&bpp=4&bdt=128&idt=230&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&cookie=ID%3D2fc9d49f6c732393%3AT%3D1672898953%3AS%3DALNI_MYkBr6UuQzNRquhoTfFsEqZ3_m-mw&gpic=UID%3D00000b9d5c011c82%3AT%3D1672898953%3ART%3D1672898953%3AS%3DALNI_MbrHRHF34ZI9oOVWgdO8uqV48YtHg&correlator=1034917826114&frm=23&ife=4&pv=1&ga_vid=199089328.1672898953&ga_sid=1672898953&ga_hid=762361653&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1125&ady=80&biw=1600&bih=1200&isw=468&ish=60&ifk=1148333615&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071168%2C44779794%2C44780792&oid=2&pvsid=2112045365156887&tmod=1990183388&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C60&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.9n9xghfrvb6t&fsb=1&dtd=244
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 05 Jan 2023 06:09:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 899B 143 B
166 B 8ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5671548447692744&output=html&h=60&slotname=8053887928&adk=1376645091&adf=3173046727&pi=t.ma~as.8053887928&w=468&fwrn=3&lmt=1672898954&format=468x60&url=http%3A%2F%2Fbus.com.ua%2F&ea=0&wgl=1&dt=1672898954202&bpp=4&bdt=128&idt=230&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&cookie=ID%3D2fc9d49f6c732393%3AT%3D1672898953%3AS%3DALNI_MYkBr6UuQzNRquhoTfFsEqZ3_m-mw&gpic=UID%3D00000b9d5c011c82%3AT%3D1672898953%3ART%3D1672898953%3AS%3DALNI_MbrHRHF34ZI9oOVWgdO8uqV48YtHg&correlator=1034917826114&frm=23&ife=4&pv=1&ga_vid=199089328.1672898953&ga_sid=1672898953&ga_hid=762361653&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1125&ady=80&biw=1600&bih=1200&isw=468&ish=60&ifk=1148333615&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071168%2C44779794%2C44780792&oid=2&pvsid=2112045365156887&tmod=1990183388&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C60&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.9n9xghfrvb6t&fsb=1&dtd=244
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 107
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:07:27 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame DF8D 1 KB
643 B 8ms
6ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54324
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 15:03:50 GMT
etag: 48472445140208031
expires: Thu, 05 Jan 2023 15:03:50 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2B5C 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 24ca2d77541439710b2cabc8345fa07bef8653066feef18b39309610dcdfc5c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DF8D
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECdKkwSbDeUque_5VN6hG5c&google_push=AavPq0MvqVkW6RDcI2QF2TBQF3GuyrD8QlKkkRZYZpGabRthowxJltBeNU...

170 B
188 B

72ms
46ms

Image
image/png

142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECdKkwSbDeUque_5VN6hG5c&google_push=AavPq0MvqVkW6RDcI2QF2TBQF3GuyrD8QlKkkRZYZpGabRthowxJltBeNUx6OnhoFEdAjKAt0ke5HtOLnBq4u2URtrhbmxZ9oWpz

Protocol

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:09:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-hhn-etou8220088-HHN
pragma: no-cache
date: Thu, 05 Jan 2023 06:09:15 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1672898955.068946,VS0,VE93
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECdKkwSbDeUque_5VN6hG5c&google_push=AavPq0MvqVkW6RDcI2QF2TBQF3GuyrD8QlKkkRZYZpGabRthowxJltBeNUx6OnhoFEdAjKAt0ke5HtOLnBq4u2URtrhbmxZ9oWpz
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DF8D
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEGQr_fTCzOkBQKXcZFs-crg&google_cver=1&google_push=AavPq0Ogt3rhf4sbCXbmzypI591NwW67KnWpksb7U4nka6hqUvWAVRcTutQI0nkX_jgWBFZFko91RYsxOxy_-CbQAi6g4gOH4GSnnQ
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C4E57C87F6DB4ABEBF42659C3B2ECB8A&google_push=AavPq0Ogt3rhf4sbCXbmzypI591NwW67KnWpksb7U4nka6hqUvWAVRcTutQI0nkX_jgWBFZFko91RYsxOxy_-Cb...

170 B
232 B

61ms
44ms

Image
image/png

142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C4E57C87F6DB4ABEBF42659C3B2ECB8A&google_push=AavPq0Ogt3rhf4sbCXbmzypI591NwW67KnWpksb7U4nka6hqUvWAVRcTutQI0nkX_jgWBFZFko91RYsxOxy_-CbQAi6g4gOH4GSnnQ

Requested by

Protocol

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:09:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 05 Jan 2023 06:09:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C4E57C87F6DB4ABEBF42659C3B2ECB8A&google_push=AavPq0Ogt3rhf4sbCXbmzypI591NwW67KnWpksb7U4nka6hqUvWAVRcTutQI0nkX_jgWBFZFko91RYsxOxy_-CbQAi6g4gOH4GSnnQ
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 04 Jan 2023 06:09:15 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DF8D
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEI7URPebuBaiiQMzr1AAhP4&google_cver=1&google_push=AavPq0OlUamPce3rRQLtaUiqh8ePJQX-EZY4ik59ToGKl43xeWTGZfiiH4dFT8O__3z_pgmeVlvZBFkGCbBj5FLY-LpvTkg...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEI7URPebuBaiiQMzr1AAhP4&google_cver=1&google_push=AavPq0OlUamPce3rRQLtaUiqh8ePJQX-EZY4ik59ToGKl43xeWTGZfiiH4dFT8O__3z_pgmeVlvZBFkGCbBj5FLY-LpvT...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0OlUamPce3rRQLtaUiqh8ePJQX-EZY4ik59ToGKl43xeWTGZfiiH4dFT8O__3z_pgmeVlvZBFkGCbBj5FLY-LpvTkgr5lXk

170 B
188 B

93ms
50ms

Image
image/png

142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0OlUamPce3rRQLtaUiqh8ePJQX-EZY4ik59ToGKl43xeWTGZfiiH4dFT8O__3z_pgmeVlvZBFkGCbBj5FLY-LpvTkgr5lXk

Protocol

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:09:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0OlUamPce3rRQLtaUiqh8ePJQX-EZY4ik59ToGKl43xeWTGZfiiH4dFT8O__3z_pgmeVlvZBFkGCbBj5FLY-LpvTkgr5lXk
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DF8D
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJCGQ9IykPvhrRFoyLcS5xw&google_cver=1&google_push=AavPq0PKb0lDSR_lS4dSWiobtJFcp6GDxEPvQWZagofCbwbX1w6IYumL8_KMDEjrOJA0vH5Q_cIuArUy5KPV...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0PKb0lDSR_lS4dSWiobtJFcp6GDxEPvQWZagofCbwbX1w6IYumL8_KMDEjrOJA0vH5Q_cIuArUy5KPV61kzjmWmlNs4JqsA

170 B
329 B

70ms
43ms

Image
image/png

142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0PKb0lDSR_lS4dSWiobtJFcp6GDxEPvQWZagofCbwbX1w6IYumL8_KMDEjrOJA0vH5Q_cIuArUy5KPV61kzjmWmlNs4JqsA

Requested by

Protocol

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:09:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0PKb0lDSR_lS4dSWiobtJFcp6GDxEPvQWZagofCbwbX1w6IYumL8_KMDEjrOJA0vH5Q_cIuArUy5KPV61kzjmWmlNs4JqsA
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DF8D
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEC...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AavPq0NQw4KT71q7lkTgbdQSQb2h3wnIiyGFn8_m-HGOugPmaYtT3-_RM03xVxe_-Wi7W_qqWFKRRyFwIX8hXSDVwJ3BQmFu-99lGQ&redir=https%3A%2F%2Fcm.g.dou...
https://sync.targeting.unrulymedia.com/csync/RX-ce33b4c8-af29-4ae9-8591-85afae1183c5-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0NQw4KT71q7lkTgbdQSQ...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0NQw4KT71q7lkTgbdQSQb2h3wnIiyGFn8_m-HGOugPmaYtT3-_RM03xVxe_-Wi7W_qqWFKRRyFwIX8hXSDVwJ3BQmFu-99lGQ&google_hm=A84ztMivKUrphZGFr64Rg8U

170 B
188 B

71ms
45ms

Image
image/png

142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0NQw4KT71q7lkTgbdQSQb2h3wnIiyGFn8_m-HGOugPmaYtT3-_RM03xVxe_-Wi7W_qqWFKRRyFwIX8hXSDVwJ3BQmFu-99lGQ&google_hm=A84ztMivKUrphZGFr64Rg8U

Protocol

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:09:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0NQw4KT71q7lkTgbdQSQb2h3wnIiyGFn8_m-HGOugPmaYtT3-_RM03xVxe_-Wi7W_qqWFKRRyFwIX8hXSDVwJ3BQmFu-99lGQ&google_hm=A84ztMivKUrphZGFr64Rg8U
date: Thu, 05 Jan 2023 06:09:15 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXce33b4c8af294ae9859185afae1183c5003
content-type: text/html

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame DF8D 0
75 B 101ms
24ms Image
text/plain 185.86.137.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEAZl6szwPlvSAoDmRedi6H4&google_cver=1&google_push=AavPq0Mgq8Fw12k4k6-VD7sVTiUPjowZmEOiwpW4gyZONmHaGzUgq70IgY6siWpjhe4mWm8P_BJ4iA-veI6jgTYGtqeUszi13Otnmg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5671548447692744&output=html&h=60&slotname=8053887928&adk=1376645091&adf=3173046727&pi=t.ma~as.8053887928&w=468&fwrn=3&lmt=1672898954&format=468x60&url=http%3A%2F%2Fbus.com.ua%2F&ea=0&wgl=1&dt=1672898954202&bpp=4&bdt=128&idt=230&shv=r20230103&mjsv=m202212050101&ptt=9&saldr=aa&cookie=ID%3D2fc9d49f6c732393%3AT%3D1672898953%3AS%3DALNI_MYkBr6UuQzNRquhoTfFsEqZ3_m-mw&gpic=UID%3D00000b9d5c011c82%3AT%3D1672898953%3ART%3D1672898953%3AS%3DALNI_MbrHRHF34ZI9oOVWgdO8uqV48YtHg&correlator=1034917826114&frm=23&ife=4&pv=1&ga_vid=199089328.1672898953&ga_sid=1672898953&ga_hid=762361653&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1125&ady=80&biw=1600&bih=1200&isw=468&ish=60&ifk=1148333615&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071168%2C44779794%2C44780792&oid=2&pvsid=2112045365156887&tmod=1990183388&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C60&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.9n9xghfrvb6t&fsb=1&dtd=244
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:09:15 GMT
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DF8D
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEHnp52M6cLvLyHe1v-Y9OL4&google_cver=1&google_push=AavPq0OVHQnPve2aI...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEHnp52M6cLvLyHe1v-Y9OL4%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjI4MTI5MjE0MTIzNjc1Nzk0Mw%3D%3D&google_gid=CAESEHnp52M6cLvLyHe1v-Y9OL4&google_cver=1&google_push=AavPq0OVHQnPve2aImgFSNL9oE9Bv2gFGv...

170 B
232 B

43ms
43ms

Image
image/png

142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjI4MTI5MjE0MTIzNjc1Nzk0Mw%3D%3D&google_gid=CAESEHnp52M6cLvLyHe1v-Y9OL4&google_cver=1&google_push=AavPq0OVHQnPve2aImgFSNL9oE9Bv2gFGv3LsjOj-5vl-DGwnePb-CQrajX0dOuFtL5vfKJx_XUFXf5ARs2R4Pn7x0MZ6CSQIegvLjg

Protocol

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:09:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 05 Jan 2023 06:09:15 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 146.70.117.100; 146.70.117.100; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 8ff3b0e6-1a98-4fef-8dbd-4f35d8ce5858
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjI4MTI5MjE0MTIzNjc1Nzk0Mw%3D%3D&google_gid=CAESEHnp52M6cLvLyHe1v-Y9OL4&google_cver=1&google_push=AavPq0OVHQnPve2aImgFSNL9oE9Bv2gFGv3LsjOj-5vl-DGwnePb-CQrajX0dOuFtL5vfKJx_XUFXf5ARs2R4Pn7x0MZ6CSQIegvLjg
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame DF8D 0
223 B 117ms
41ms Image
text/html 142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lri62GlwRp_pinHBOU2RbAFPgGLdwBBoAk4yPMNuPbux-AqMDdZJYw9PrNaGseN4FWdl3AlA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:09:15 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 899B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

19ms
18ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:09:15 GMT
expires: Thu, 05 Jan 2023 06:09:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:09:15 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 2B5C 28 KB
28 KB 60ms
20ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 20:38:02 GMT
x-content-type-options: nosniff
age: 34273
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Jan 2024 20:38:02 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FB00 0
0 62ms
46ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssihd_W3O1s-AgN_clAbY54CkideMPD43SYnUwS7ZfVZNGk0fzwUqzMIsv2OzFKxk4XmmN6b8L6pi9KAPUi2UzOlr1GBJzVKW6P3-EezV6u3YllVLUfEaeX4e9F0BIHBetKkFawtFE22_RmjBUbYUKBBFscGag-lNoyqMXy77Sj-_X7701PKj2Ei4_pCHzVAjJqydsdzvufebS1xW8sR2SkiNUkcyIdqSo3wZrATKUIB1rhv5967ZsKfwLCFjGQrJ4JM8eGXPMsqvKjaXOEbKlDEm5SxGOOZtzok88N3bqJUvJjPYPxUiD30g&sai=AMfl-YREn18DOAZVkaR6L13GzKGXzUrAwTKwb-QRZPYKbnEkF8SU3lRjX8scoR20b8ewhphti3JoLENoTo0SWx7GTdNQqgJXJrb7CbkaE1ZFmGvHEbgSQ1JqDT44i8IvN3f4TkT87PGozn1uzSjtngp1rQ&sig=Cg0ArKJSzOk_0P2oIWHfEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:09:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 05 Jan 2023 06:09:15 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame FB00 14 KB
11 KB 71ms
57ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230103&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ef6bd4326a8cbe77c7aad11958118af36f9cb7c383e800a3c1b6025427a40d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11161
x-xss-protection: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
48 KB 108ms
108ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b333023d9a82e57579e7180275dff046417b912eb4a2860ead06d352d41d3018

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49541
x-xss-protection: 0
server: cafe
etag: 12079064210989493372
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 06:09:15 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 69ms
56ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

778765dc550fa70dba846d9bc267afa4b954189b5b1a7aeecd25998f77207429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0

GET
H3 200 KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js Show response
pagead2.googlesyndication.com/bg/ Frame D962 36 KB
16 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 03:43:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95140
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16068
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 03:43:35 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame FB00 17 KB
6 KB 75ms
75ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:09:15 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 166ms
166ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:09:15 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 78E1 13 KB
5 KB 29ms
22ms Document
text/html 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bus.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 31209
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 21:29:06 GMT
expires: Thu, 04 Jan 2024 21:29:06 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E0A7 783 B
536 B 19ms
17ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

698367c52c1e4b9c6e1d3642b2bee2c8021780eb6b65ec945d495b15f7c418af

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-i5nGDibcjfUWDka14j7PQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bus.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-i5nGDibcjfUWDka14j7PQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:09:15 GMT
expires: Thu, 05 Jan 2023 06:09:15 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bus.com.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 43ms
43ms Script
application/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bus.com.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CAFA 120 KB
39 KB 643ms
642ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5671548447692744&output=html&adk=1812271804&adf=3025194257&lmt=1672898955&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Fbus.com.ua%2F&ea=0&pra=7&wgl=1&dt=1672898955325&bpp=18&bdt=2218&idt=19&shv=r20230103&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fc9d49f6c732393-2251d59bfcda0001%3AT%3D1672898953%3ART%3D1672898954%3AS%3DALNI_Mba3tpyFsH2Y6HKWqKFNjaE7XUTYA&gpic=UID%3D00000b9d5c011c82%3AT%3D1672898953%3ART%3D1672898953%3AS%3DALNI_MbrHRHF34ZI9oOVWgdO8uqV48YtHg&prev_fmts=160x90_0ads_al_s&prev_slotnames=4936604726%2C6055777524&nras=1&correlator=1034917826114&frm=20&pv=1&ga_vid=199089328.1672898953&ga_sid=1672898953&ga_hid=26500868&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777508%2C31071251%2C44780792&oid=2&psts=ACgb8tusDBQ-2p8IZm8oWR2YMTaJcXRSJaycqczYvykEoEAGlk9wG2EGG_1JBypSgtH8YvskXOev1z0JcPUL2VOa%2CACgb8tsq_8TrbmHFitr4pLFpSN5uiYf0izG7PcCg11c_tXTpXosVDV9T3EeCmIKKcOCEtQgXvEQrxzJ-tH7S0Ni7gA&pvsid=2903311045262460&tmod=1556002607&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=7&uci=a!7&fsb=1&dtd=54

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

70c4dc883d218071faf07279231d8fd4d4ddf76f435d26d7e2dbd54fdf885f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bus.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 40079
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:09:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 41D6 42 B
64 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv_3qeJNxwa_qzeSkcUtzjoMyt8DI71iW__uCc8tmZ_9YmAfntIIh070Ag9d34xH4erVb0ZRHjn7regOWMSIzv5dgXLt0TiK39g6CWZaPm1by1SqXH6RIt6YkVmooi8AxriiiAgkA&sai=AMfl-YTbKuleouzOumeELlzNCplcRDOzjm5rVZJz7jde5Jf86pJ1kQjl3PAIXc9IWGTyho8z7KEFSnpwACJJ8sk&sig=Cg0ArKJSzH1WJvOf2sUlEAE&cid=CAQSGwDq26N9tgy7QWHFLnvzkrGKJQ_MoAS-xGko_xgBIBM&id=lidar2&mcvt=1049&p=0,0,400,240&mtos=1049,1049,1049,1049,1049&tos=1049,0,0,0,0&v=20230104&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3433066924&rs=2&la=0&cr=0&vs=4&r=v&rst=1672898953529&rpt=817&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:09:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7FDB 13 KB
5 KB 21ms
20ms Document
text/html 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bus.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 31209
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 21:29:06 GMT
expires: Thu, 04 Jan 2024 21:29:06 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1042 783 B
536 B 16ms
15ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b0cc2aa8a9bc75108eab63c27bb2d381c45edb7371728fb21c5a910a8ae431c7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-V09k9KNr-nfB6XT0XcJQiw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bus.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-V09k9KNr-nfB6XT0XcJQiw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:09:15 GMT
expires: Thu, 05 Jan 2023 06:09:15 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E0A7 0
0 40ms
40ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230103&jk=2112045365156887&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js Show response
pagead2.googlesyndication.com/bg/ Frame 78E1 36 KB
16 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 03:43:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95140
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16068
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 03:43:35 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 74D2 42 B
64 B 42ms
42ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuyAJnfHvUaPH4Uk3oDJBtAp4I8IzbNJv_7F2Qo9y_qapY6kfblJCsOZspFimDkwdX5xk1gmYsNQCuvzYlW8UdtZpKZIBj5rfQHy8cjjwbDdZFoapulzvSNmVL9jmwa7AE69Bu1sg&sai=AMfl-YQKxqzmL-pYEGzdrGBY5NoHxLOMrjp6oGeclnvi2h9h1fUEmaWT78Aqt5_iQ5xJfQbJdkv1054IAHY8Hjk&sig=Cg0ArKJSzE1nttK5BjR4EAE&cid=CAQSGwDq26N91gvsm9Lc0B0NSh60ztQLL0zS_fY-nBgBIBM&id=lidar2&mcvt=1017&p=0,0,280,336&mtos=1017,1017,1017,1017,1017&tos=1017,0,0,0,0&v=20230104&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=830138826&rs=2&la=0&cr=0&vs=4&r=v&rst=1672898953544&rpt=880&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:09:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1042 0
0 40ms
40ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120801&jk=2903311045262460&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js Show response
pagead2.googlesyndication.com/bg/ Frame 7FDB 36 KB
16 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 03:43:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95140
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16068
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 03:43:35 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 78E1 0
10 B 20ms
20ms Image
text/plain 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?5JPhnA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:09:15 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7FDB 0
10 B 20ms
20ms Image
text/plain 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?cpe_FQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:09:15 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/ 151 KB
51 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/reactive_library_fy2021.js?bust=31071251

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50d9eea335953bf57d5b37de5df5c78dcfe5868d305be473b1cd10af7ced566c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:09:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52389
x-xss-protection: 0
server: cafe
etag: 15310266062984357156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 06:09:16 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FB00 0
0 46ms
45ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230103&jk=2112045365156887&bg=!AQKlAkbNAAYDMoyoIzI7ACkAdvg8WnBdDS4ktkGzrc3ti4E7yxYZSgbguFiKUubUSxTEjC8AFCWEXwIAAAB_UgAAAAFoAQcKADMH0wxOyJwG9VMt4uQLIqc1ac-OcAXhWmQCwy9FVX_n0t6KU_U6vPJuv2hWDFyzn8V0HlmZArsk2l56cGD6J65hHB6pvexqoXfVCBzNXaaglYno87WQK-cpMFxThAAxo2DB8e3KKf6z23xzwgl65ShLlpC6GcgPryFiJ3iUxx4UqHacqfdkwsYCWEBlT6koyIyvsSeS0V_OziR-6e7vcTQxsgEgkRZ95wflNs4Mw5AvEoRZNxBMvxemVPxieC8iC-3Vka1-3qP6b36K2uFg-0Hh3Aj4PRZ4isiXQya-32OL9jddqrNaZfJyQwWzf-Ce9prUpAgYRIE94C9fs-PMSrwyGhVjNbawVFcBn8mYnCqTYv_71IMlXg0GHOWkg-jm1_QTYVDIkVEsXlWEOmt7bONIzjEnNRf71tV_PY2GHfz93sFOPLRVX1EI9oUKgQrOFuR4EcKiw79CT0TgV3cwGkQgA1z0OUkAaeNHd8HXXBRRSgEigN_sO6Cs-RUcn-d3Cyqam0XTdhUylarH6GkW2weSnIusSfPXfJN0K3GmMtp97YOofSRSvzuqtRzBEBr3Ni52QP3K0SCAxfD42OHGHKswPHIdizzBGakLvg6OZJVM3g3BqXEguf3OWbkU31pX6Sb7zyJnx10qU-Tw3Vw6yZfn_kK2qqOqPWutsP43Of9maP0IO1Jfe5CDzLurtiyB21YQ8LFcjxuKMaziUGCE1_aJXyiBCbspuUnhicSivpJW2SXBB0HQG7P0HacZUrnsopkTtSMUQfsTVhsz-_0ttS4tTaZrYzb_0Z13YKhOpGWaBY34loXQspBLvgcxPxyTcZutNKieG2QpYen4cNxwIKCvF7G_0dyr28KFK_DERAVbztbFLibqLFBExCatnhW0OdEgGczqeLl5BGHp0cst_vdUhVlGwNEns30msJkYjiYhRpJQsvzxk8JRkGI3JiZXOKzCI7CrUuxX7bEznslR-MyIsol9bnZ6RfbwD2rBOSG4vG8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2B5C 42 B
64 B 49ms
49ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsud4wA99e-BJGTFZekizm3hTplH9eMJ6zZJ-4ceoZL8j4Oh_wyBsZDJAs9k71KDGIEhwetFVAZWeBiKAbQ6lAOJkJuKAT6B7fziQRgeoXEl1PaiQzJNXrJMSnu4fI3XyXmzz7AjAA&sai=AMfl-YRbaB0u4hZw3V-evk0QirrfcK4IwvCl-R9NXzWIRsCxC4SRbHvXpLmo9P-NwowN7frA8c1yLbJe2P-rXEA_DhO6ySPFyieOFJv618c3kyuqEjMeptwpws9SnCIP3Q&sig=Cg0ArKJSzGPo8QNurTljEAE&cid=CAQSOwDq26N93uo-joSdiKTYyG6hiR_u5aS9Jr3WnPJnlwWZk-bsbCYbnBGqkJpn9XktGJHeKt-lp3BJgfODGAEgEw&id=lidar2&mcvt=1000&p=0,0,60,468&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230104&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1376645091&rs=2&la=0&cr=0&vs=4&r=v&rst=1672898954447&rpt=645&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:09:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FB00 42 B
64 B 43ms
42ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv8W-PL_RTlhlM1YPGXeP0F02fbtYgCcWcyHGsyOm0XZYxm_yNdFPrtkwSa3bvNQQeaRby2K88UzjW6m6yOBXSSR5elToRtxMgAVYDI__QSAq0GJVgK&sig=Cg0ArKJSzB-4uZbMivp0EAE&id=lidar2&mcvt=1001&p=80,1125,140,1593&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230104&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3588908713&rs=4&la=0&cr=0&vs=4&r=v&rst=1672898954075&rpt=1021&isd=0&lsd=0&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:09:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
44ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120801&jk=2903311045262460&bg=!AwClAETNAAYDMoyoIzI7ACkAdvg8WsgxGjK5OZA_M9E_ouCO7uHFGPAuyyPHDww00uLOzuIErh2_HgIAAABpUgAAAAdoAQcKAF8qih8KHEFZIKS3NesFVibXqmPpYpTkMkbfuxDWw_CULs2zfrnKdQ74iauR6qQVbnfDP08YJPTkgjCqtcRZxm11CTqPiYfXCUdkOYf-VYixnmSeDuAu1mwB7ix-RAyMf5kCnYxM4C_OIi820Bgbgyn2F0X_Q8hCxUzSNlRT8cX6FABZyMFX5E9VU2NDVxwa119EOCOr6dAfYhThLcibQh1N_49hi8nfQDWg129Ad9dTtvJuq2jDzcRfFstfsU0Bc9aek97hk7aJOTOC8_sRmOrRt52mqvwGNcai_qnyKRh2o81VEwgWR6e1g7wmn5kHITYvzN01ovoVZ8Rtkccj5PXzqPAImOhrb5vdlUhLo_Dr7bEnikOQd8hDJthX44_CuzMsOfJR3UGtGhnyJneatQ2qyg6iZ3DuMJRu1DfKWwgBwrY9QndyXYpGBfc0b-l4o_-2gISuNZwD9LLtXTIKCicH-YjR4pA-uW5gaXmIevjwXwIJdpatV_qwYZxifnFimI5PpYuumhpnQCwPPCBRx1wwlq6JHUpFWMNabOrig3xNkO_XJ63sYOO3j58gd30bdVzio2Typ2l1jh2Vb7xgfjyM5swsAcLo2SHgntOGCSepbVbiFR-Aho84aEMIwiIRHnGyPVPrXGDcIsNbAmld2OkYnYCiHl9vLgqQ3PER9IoADgAleGZCgPfgAS3VsnFfEKw_xI13EMkPn-BILGNCOmYZf1Oinjkh6KV9TmASXeONAz_t34lKd8MyWT3TQbfTj2TYgqTa1go-qVdwTA50Dqe9jrUysV2BolDoN4t5uIzcP25cLsbpmWvQQZELcciC9wqiy7Ap7nA9DrKhYmaFE0n62kbgDrGZ4LKWNwQ9b6iIzzJRFJ3vncNY8ZTM4G2mELBBurjf2vhf6KEY1ZBRXOCYs_2Sij6Hx1HtmVXRtP43lidbRY8hLNNmye0-AbgwYQCXatEyirRMh84VuDY6NdynD4kALwgl3bgMlWGpr4736Lx3NjXXsEauZ8Rhc4Smqw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 19ms
18ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bus.com.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:09:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 43ms
42ms Script
application/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bus.com.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bus.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:09:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/ Frame EE88 10 KB
4 KB 8ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bus.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72434
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 10:02:02 GMT
etag: 10353107486223812946
expires: Wed, 18 Jan 2023 10:02:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 69c1ef8cd6705b780c90575bfa06206f.js Show response
www.gstatic.com/mysidia/ Frame EE88 9 KB
4 KB 20ms
20ms Script
text/javascript 2a00:1450:400d:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/69c1ef8cd6705b780c90575bfa06206f.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e00330427c51aa6054ec3c96952fedc0afb22033164411791fbbe67c2ecf5838

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 20:50:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 465508
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4241
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 19:06:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 30 Mar 2023 20:50:48 GMT

GET
H3 200 5068746d5b69c1ca0f802cf7a5a1468f.js Show response
www.gstatic.com/mysidia/ Frame EE88 10 KB
4 KB 21ms
21ms Script
text/javascript 2a00:1450:400d:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5068746d5b69c1ca0f802cf7a5a1468f.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eaea51174ff3e7fd1f3491dac0f8d87002bf1acfb3e6ff7b7c6d67632118b84b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 00:30:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106704
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4491
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 19:06:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 04 Apr 2023 00:30:52 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame EE88 8 KB
895 B 43ms
43ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Jan 2023 06:09:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 04:29:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Jan 2023 06:09:16 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame EE88 2 KB
765 B 21ms
20ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78190
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Jan 2023 08:26:06 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/ Frame EE88 24 KB
9 KB 22ms
21ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a7556b722d45b51a9e8bc1262092f9c042e4759d7b3a97298fecc947639c35c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6026
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9534
x-xss-protection: 0
server: cafe
etag: 3719958914939444779
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:28:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame EE88 3 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6026
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 04:28:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame EE88 18 KB
7 KB 23ms
22ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 08:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78190
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Jan 2023 08:26:06 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame EE88 0
0 15ms
14ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQjTYaG61VHclkIQroBvepkKqP1dWjyhjDwREm6PuJHnrRvu2xLbU1A4I-lKmMVhf7JDFRuD3n7-qqjG8mYw4OyRAbvbA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EE88 154 KB
47 KB 97ms
96ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:09:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48184
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672836157132942"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:09:16 GMT

GET
H3 200 148b897ed20242fb53e65c70a8c63c89.js Show response
www.gstatic.com/mysidia/ Frame EE88 34 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:400d:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/148b897ed20242fb53e65c70a8c63c89.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 01:18:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17435
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14307
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 19:06:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 05 Apr 2023 01:18:41 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EE88 0
0 51ms
51ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CIw5_i2m2Y-erGNL97_UPscWb-Anlge7dbYnikZSoDPXdytDULhABIKW5mQVgleKQgqAHoAGWqcP9AsgBAakCBmGgCJTKsT6oAwHIA8sEqgS-AU_QgTJxi83lpzBN1Tbt1zejYQ78-FlVPaCF_91IDy1NYuKrsPzhLOzkqSwLm7LOfPH6g8bmWsyDS7ynC4fxSwN-6txbWkbHM3hYl4u5T-UHlADjgvCQQ9SNkdxYJdNGYYbi5IDXOAv7UjGTQic3uE2Oz6N6HBwtCy3pjETItHff2cLhbECuRgRuFITR7QXjyS0NucsPXYjY0JAtaE5ImRxTROkR5WZQdUa7Mr2bVfjuhPu15frkNKfkogjETD3ABO3St5OcA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBgAfS1ryCAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEKqYE9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMNiBQC0BUBmBYBgBcBshccChoIABIUcHViLTU2NzE1NDg0NDc2OTI3NDQYAA&sigh=pjEYp76AXq8&uach_m=[UACH]&cid=CAQSOwDq26N9-Qn8nRqz7j9SmcD5-ByoZjcFg3Th_0v5uDvw6_tzUmC5A9LW8079zgiglgQlzkNfTrUONZy9GAEgEw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 05 Jan 2023 06:09:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 75FD 1 KB
643 B 6ms
6ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54326
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 15:03:50 GMT
etag: 48472445140208031
expires: Thu, 05 Jan 2023 15:03:50 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame EE88 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2f02ac9f26ddf4cf991bf2fc5903b36911c110ff6be2d27a224f7017ce84a94f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 75FD
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESECJ6l9qqcdrZtqWygQ1ncAc&google_cver=1&google_push=AavPq0OoJmptzK0dujovOM4auqzEAEgh51xNepB9o6GckvW6UM3MNpjxPZO0zjaVLmTiECo0FzN7yKUeltwa-XHFyRZYP3eZQlK0b...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECJ6l9qqcdrZtqWygQ1ncAc&google_cver=1&google_push=AavPq0OoJmptzK0dujovOM4auqzEAEgh51xNepB9o6GckvW6UM3MNpjxPZO0zjaVLmTiECo0FzN7yKUeltwa-XHFyRZYP3eZQlK...

43 B
423 B

179ms
164ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECJ6l9qqcdrZtqWygQ1ncAc&google_cver=1&google_push=AavPq0OoJmptzK0dujovOM4auqzEAEgh51xNepB9o6GckvW6UM3MNpjxPZO0zjaVLmTiECo0FzN7yKUeltwa-XHFyRZYP3eZQlK0b8w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0OoJmptzK0dujovOM4auqzEAEgh51xNepB9o6GckvW6UM3MNpjxPZO0zjaVLmTiECo0FzN7yKUeltwa-XHFyRZYP3eZQlK0b8w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:09:16 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 784a0b4e2b83912a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:09:16 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 502
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECJ6l9qqcdrZtqWygQ1ncAc&google_cver=1&google_push=AavPq0OoJmptzK0dujovOM4auqzEAEgh51xNepB9o6GckvW6UM3MNpjxPZO0zjaVLmTiECo0FzN7yKUeltwa-XHFyRZYP3eZQlK0b8w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0OoJmptzK0dujovOM4auqzEAEgh51xNepB9o6GckvW6UM3MNpjxPZO0zjaVLmTiECo0FzN7yKUeltwa-XHFyRZYP3eZQlK0b8w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 784a0b4ce9f2912a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 75FD 70 B
265 B 132ms
34ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEAxDaet9JCSnlhUcigSIkV0&google_cver=1&google_push=AavPq0PdcbDvtFDyh9-F4374lIdgJ91AZyIP6ExXRwSschzom6aUxty9SjBcfFZYV2Sef2C-bYwvYyDhSNqra5SODtgK875veMC6KPI
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 05 Jan 2023 06:09:16 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 75FD
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEOeb7McabqBzzwNCoQ-Ngeg&google_cver=1&google_push=AavPq0N4n9Dc9a3203Y8CG7z0zOSJC4QYKfd_ciXHtI29eGc5d-Wf7mQPZAT6O404oCO5AwKVPsKq5hHCvU59y...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE4NTA0NjMwNTUzODQzOTMxMQ%3D%3D&google_push=AavPq0N4n9Dc9a3203Y8CG7z0zOSJC4QYKfd_ciXHtI29eGc5d-Wf7mQPZAT6O404oCO5AwKVPsKq5hHCvU59ybqHF...

170 B
188 B

43ms
43ms

Image
image/png

142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE4NTA0NjMwNTUzODQzOTMxMQ%3D%3D&google_push=AavPq0N4n9Dc9a3203Y8CG7z0zOSJC4QYKfd_ciXHtI29eGc5d-Wf7mQPZAT6O404oCO5AwKVPsKq5hHCvU59ybqHFW7o15Ovdu1Az8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:09:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE4NTA0NjMwNTUzODQzOTMxMQ%3D%3D&google_push=AavPq0N4n9Dc9a3203Y8CG7z0zOSJC4QYKfd_ciXHtI29eGc5d-Wf7mQPZAT6O404oCO5AwKVPsKq5hHCvU59ybqHFW7o15Ovdu1Az8
Date: Thu, 05 Jan 2023 06:09:16 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 75FD
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHDcgZa4WSvbVsUG2pOxiHo&google_cver=1&google_push=AavPq0PQGJs0Rsg1PmxOSh9JtaKEWgZ-0VZceaNC952XlVG8GSpFnSoA6pfIW89BTHyJ3y_YtWlM25Hb...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHDcgZa4WSvbVsUG2pOxiHo&google_cver=1&google_push=AavPq0PQGJs0Rsg1PmxOSh9JtaKEWgZ-0VZceaNC952XlVG8GSpFnSoA6pfIW89BTHyJ3y_YtWl...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjU0NzYyNzI0MjEyNjMwNTYw&google_push=AavPq0PQGJs0Rsg1PmxOSh9JtaKEWgZ-0VZceaNC952XlVG8GSpFnSoA6pfIW89BTHyJ3y_YtWlM25Hb...

170 B
188 B

44ms
43ms

Image
image/png

142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjU0NzYyNzI0MjEyNjMwNTYw&google_push=AavPq0PQGJs0Rsg1PmxOSh9JtaKEWgZ-0VZceaNC952XlVG8GSpFnSoA6pfIW89BTHyJ3y_YtWlM25HbO2XujoP_mp3MckkmXyB8_N8

Protocol

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:09:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:09:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjU0NzYyNzI0MjEyNjMwNTYw&google_push=AavPq0PQGJs0Rsg1PmxOSh9JtaKEWgZ-0VZceaNC952XlVG8GSpFnSoA6pfIW89BTHyJ3y_YtWlM25HbO2XujoP_mp3MckkmXyB8_N8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 75FD 0
12 B 41ms
41ms Image
text/html 142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KfdvQTQ2n6TxSw_tLoyye_u0JEGx9ZmTZx-aCanWdGqG8ZlERp

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:09:16 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js Show response
pagead2.googlesyndication.com/bg/ Frame FDEB 36 KB
16 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 03:43:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95141
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16068
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 03:43:35 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EE88 42 B
64 B 48ms
48ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssnt8gmYiLpvrZPhpZw-piH_irdpCDgHXFSoZM_Ap3sn3GYlx4Plv4uoMLPZmTWiPB4eBY7oV8KpHzNDvS3sRuYpufJJJCtAIovMPKSFoRhNkeRsPmj_CC9tLRXjaKMkEEfvISxCg&sai=AMfl-YRnOxt4ZEn-XZ8818NhTLySl52_vDqAZi250HNQE0FefmEKGMANcONl1xKeXsD2m1Lt7cJROG4QGra9CA26AUIkTvZlkAjt7pdFDhipAAZoULUL22Gda-ZwiP_7SQ&sig=Cg0ArKJSzH_A4lmytouCEAE&cid=CAQSOwDq26N9-Qn8nRqz7j9SmcD5-ByoZjcFg3Th_0v5uDvw6_tzUmC5A9LW8079zgiglgQlzkNfTrUONZy9GAEgEw&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=83,769,1000,1111,1161&tos=83,686,231,111,50&v=20230104&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1672898956185&rpt=216&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:09:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bus.com.ua
URL: http://bus.com.ua/main/bus.css

Verdicts & Comments Add Verdict or Comment

260 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bus.com.ua/	1969-12-31 23:59:59	Name: b Value: b
.bus.com.ua/	1969-12-31 23:59:59	Name: __utmc Value: 150504101
.bus.com.ua/	1970-01-20 13:04:26	Name: __utmz Value: 150504101.1672898953.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.bus.com.ua/	1970-01-20 08:41:39	Name: __utmt Value: 1
.bus.com.ua/	1970-01-20 18:17:38	Name: __utma Value: 150504101.199089328.1672898953.1672898953.1672898953.1
.bus.com.ua/	1970-01-20 08:41:40	Name: __utmb Value: 150504101.1.10.1672898953
bus.com.ua/	1969-12-31 23:59:59	Name: googtrans Value: /auto/uk
.bus.com.ua/	1969-12-31 23:59:59	Name: googtrans Value: /auto/uk
.bus.com.ua/	1970-01-20 18:03:14	Name: __gpi Value: UID=00000b9d5c011c82:T=1672898953:RT=1672898953:S=ALNI_MbrHRHF34ZI9oOVWgdO8uqV48YtHg
.doubleclick.net/	1970-01-20 18:03:14	Name: IDE Value: AHWqTUnCotmskkoB83nN-OpUG_tBOo58YQJUtqbp64DyyPWJ01tln0Sysp_I0PK_Vkg
.doubleclick.net/	1970-01-20 08:41:39	Name: test_cookie Value: CheckForPermission
.bus.com.ua/	1970-01-20 18:03:14	Name: __gads Value: ID=2fc9d49f6c732393-2251d59bfcda0001:T=1672898953:RT=1672898954:S=ALNI_Mba3tpyFsH2Y6HKWqKFNjaE7XUTYA
.doubleclick.net/	1970-01-20 08:41:42	Name: DSID Value: NO_DATA
.simpli.fi/	1970-01-20 17:28:41	Name: suid Value: C4E57C87F6DB4ABEBF42659C3B2ECB8A
.1rx.io/	1970-01-20 17:27:14	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-ce33b4c8-af29-4ae9-8591-85afae1183c5-003%22%7D
.adnxs.com/	1970-01-20 10:51:14	Name: uuid2 Value: 6281292141236757943
.de17a.com/	1970-01-20 17:20:02	Name: guid Value: 1.571997771161554886
.targeting.unrulymedia.com/	1970-01-20 17:27:14	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-ce33b4c8-af29-4ae9-8591-85afae1183c5-003%22%7D
.everesttech.net/	1970-01-20 17:27:14	Name: everest_g_v2 Value: g_surferid~Y7ZpiwAADfJd0QAe
.adfarm1.adition.com/	1970-01-20 10:51:14	Name: UserID1 Value: 7185046305538439311
.adform.net/	1970-01-20 09:26:17	Name: C Value: 1
.adform.net/	1970-01-20 10:08:02	Name: uid Value: 254762724212630560
.tribalfusion.com/	1970-01-20 10:51:14	Name: ANON_ID Value: a6nseFMZaAC6pqGpS71cw8FouZbgxI8eIUq7VdDgKcS28YZbZbUfZcQTHjGRDXIXkpGBZc9J2BaLTIU7RmJqjtOXHZc

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://bus.com.ua/(Line 670) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://bus.com.ua/(Line 670) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	error	URL: https://ticket.bus.com.ua/static/partner/SecondExample.html?partner_id=1(Line 4) Message: Mixed Content: The page at 'https://ticket.bus.com.ua/static/partner/SecondExample.html?partner_id=1' was loaded over HTTPS, but requested an insecure stylesheet 'http://bus.com.ua/main/bus.css'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://ticket.bus.com.ua/static/partner/SecondExample.html?partner_id=1(Line 11) Message: Mixed Content: The page at 'https://ticket.bus.com.ua/static/partner/SecondExample.html?partner_id=1' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://ticket.bus.com.ua/order/forming_bn'. This endpoint should be made available over a secure connection.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2806fb5259d3c70583b851fc09238c15.safeframe.googlesyndication.com
a.tribalfusion.com
adservice.google.com
adservice.google.de
bus.com.ua
c.bigmir.net
c1.adform.net
cdn.jsdelivr.net
cm.g.doubleclick.net
d5p.de17a.com
dsp.adfarm1.adition.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.bigmir.net
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
s.tribalfusion.com
secondary.net.ua
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.targeting.unrulymedia.com
ticket.bus.com.ua
tpc.googlesyndication.com
translate.google.com
translate.googleapis.com
um.simpli.fi
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
bus.com.ua
142.251.39.2
151.101.2.49
185.86.137.122
185.89.210.46
193.201.116.4
193.239.68.97
193.239.71.100
193.243.159.4
193.243.159.5
213.155.156.169
213.19.147.45
2606:4700::6810:5814
2606:4700::6812:18ad
2a00:1450:4001:801::2001
2a00:1450:4001:809::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2002
2a00:1450:4001:831::200e
2a00:1450:400c:c00::9c
2a00:1450:400d:808::2001
2a00:1450:400d:80a::200e
2a00:1450:400d:80c::2002
2a00:1450:400d:80c::2003
2a00:1450:400d:80c::200a
2a00:1450:400d:80d::2003
3.33.220.150
34.91.62.186
37.157.6.246
51.38.120.206
85.114.159.93
0129f2609dce9cc375972acd7328216add961d31b58da45a7b2ca3eb40807acc
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10908b6e6cfaeb149b47a6dc31aaa65aca0cf22158c74096c384bbc47285914a
109fd47c58f7b0aa694da65dee308ded227b25bb0c2f9c6cb89ffcec5b46fa8b
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
13c281d9ffb2d4bc9d8635c0f5f295af6012ee5b0a36e0f216a144e5892c74d8
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ab01ed9ad7aa8d158839ce71895ddb5ac06ea4a1304ac0bf2198ca5af06e85d
1ef6bd4326a8cbe77c7aad11958118af36f9cb7c383e800a3c1b6025427a40d7
2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335
22afd4aaee14dea5dd0e34ac845e57585b18db3ef1d3390170ec8b7428ab99cc
24ca2d77541439710b2cabc8345fa07bef8653066feef18b39309610dcdfc5c2
270665a3d97e7d35e67813df4aef7c8dd7a31ba1795c72568a74e796337aa193
289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743
28db2f6f57aed58ba08da244a310d536bdf8e1835a36a1c65e7c8044817b7c91
2ce808cb97e7d2258c45dc23bfe13d0542b83671dd449aa34bc2352aec152c2d
2f02ac9f26ddf4cf991bf2fc5903b36911c110ff6be2d27a224f7017ce84a94f
304da9143c0b1fe3da015969b5e7f6e1449ff08cacd1b6209d5d9d68efa738b2
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
383d3f8af7d4fe5f405e0db9d4aeaa8147aaa1641ae2cfb49b17823ada35f4b1
391dffa2c2325c8babe1d2846a4e0017afb4ab059aceb137259d6d4b61a8cb3c
39b8fe6364621725ff90431a34af0f87976d95c00cbfd1d0f3711a3f1fa1a07b
3d23327687acbb7ad8c16cb8b9c76f1328ec1b7b1471a557d429eab6c277380d
4354e70ef0a0e3080b74fba3ffda889d0dd658b2e559d8d54d99f695728699e1
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4f60c36a88cb05ebcd96a558d79ad4419a86e4f2d13313ab14b36d87ac5b0432
50d9eea335953bf57d5b37de5df5c78dcfe5868d305be473b1cd10af7ced566c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57dc1c8f6e8b26c2cb6506fd038d01dd9a8ad08e6cd3dc5230679adb3200ffaf
5a7556b722d45b51a9e8bc1262092f9c042e4759d7b3a97298fecc947639c35c
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
628b1ff2d763eb9fb6d81ad38545bc3164f63e9cc096117d6bbc606e8eacfe15
6755641a64b3cf0398d6783fc97812f2c50544ac18865910d96f138db8da5238
698367c52c1e4b9c6e1d3642b2bee2c8021780eb6b65ec945d495b15f7c418af
6fc6ddbd6339fb0a71978a09f3b94f036a9135b507bd0f19fe5caf3510c1b9f1
70c4dc883d218071faf07279231d8fd4d4ddf76f435d26d7e2dbd54fdf885f39
727b556426274697111e63749c1b803592d6cef97d36676c70cee10a82bbd1db
727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e
737fa2060bec5738e224e6697a1a6875e5308b7a9224d63b74e27453d9141843
73ba093d2e134bee9f470147aad2521ef9ee5d6a48e32dc6377553546a7ce628
73f9ed5e274177267ee4a491c608b7b52a4ca9e867c35400053cc8f8cbaff386
74ffdc446645a1bb680238877a898e86c51f42ce06b82caa207884e682ccddf2
758ef9d3380afc249880e748021a7e0498df092748ca875086a44d9d8662f379
778765dc550fa70dba846d9bc267afa4b954189b5b1a7aeecd25998f77207429
7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d
7afa3d982e22e63528bd24faeb45ac4884bd0efd282d6bbcc43bd0793c6ddb9c
7b06063a639c069ef96d4a40155e7ca25b7fca36806c95862d871e2c3e8dcaca
81323484fb01528c9ac56bc226165b30a712823a85d9a7b7ac59e77ce1b6810f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
869a52816f64d3b93295748b7508b4a340a254133e91b7a567bf591780eb94e2
8c7cbc7d274513a2d809ae402522b626e2a9ed6f54ff39561ea57ac36a6a62e6
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8febbb773317577fbc7318af538d7e16d901bbd3c65bf40f71de49b788fd9705
95df52a5bc11f59b2262f48a414340f4886e42106df151bb0e4cd9f993fd8780
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a52016504a524c9dbf935d4ab7e67fd1c638c7bb11c0532b23794f6e4963793a
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
aaef4bd6874180c5867c14dcbe4a06c48dcbd75cac41c0158165a69a50984699
ac3a5ec9e9c5897a10256c95f5fe5e7041ca9368b63cbef90b251b168c9f6ad6
ad8d2cd94034c74bab9f41df29343beb6f51bfb723d5338da211bcc9d6be4ef6
afbabc663867e8a13bca412facf5eeed52e06264f0ba1466d71d1710510fe86b
b0cc2aa8a9bc75108eab63c27bb2d381c45edb7371728fb21c5a910a8ae431c7
b333023d9a82e57579e7180275dff046417b912eb4a2860ead06d352d41d3018
bf2d21352d39531cbe6fcfdf7c79d1ab36a1f580c46cc9d436de0dc4bea7e9f2
c09f1eba4042eabe754624d431fde12951731db71a048d8980d9fa0906799764
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d39ee51a9c2d61184a78111c731cce4b32488c99bcc9b1f8c236705d06145166
d6608d2d74dcc65a634e8f6ef9e06230ea670014705e46153e636fd9c56037dd
dab4162aa61582f9954cd59aeb9f037fcca94888cd9e77f4036ca1650e683aa4
dbc13e868fc37e5decb688b506ac4dea2da1690396694b7289530600e15f0816
dcc5f41d1dc04a19dccb2061dc9572cb46c1c19dd89cb5d910752020fa87e791
de013e4043552cca3ef3dc94ba30350ff33b428799653375ceaac70ec9611d3a
e00330427c51aa6054ec3c96952fedc0afb22033164411791fbbe67c2ecf5838
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e99a6f0f8e700a9d1d45f7fd8e731f2899ffb5778bc8ab833eb7b629b14572ff
ea5dd1c1a73dd168756ec9b63300e21d595014f914bc084c987a7b0239ad13e9
eaea51174ff3e7fd1f3491dac0f8d87002bf1acfb3e6ff7b7c6d67632118b84b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f594be4989691157e32afa97129bad288200a19864c15ffa24d3abd5784f80e8
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f74ff49b76ac1d9686f6d10b100938a8d4ef056ec3e2fb465a0594bc129ff7a4
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

bus.com.ua Open in urlscan Pro 193.243.159.4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

150 Requests

74 %HTTPS

53 %IPv6

25 Domains

37 Subdomains

28 IPs

10 Countries

1601 kBTransfer

4307 kBSize

23 Cookies

15 Outgoing links

Redirected requests

150 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

bus.com.ua Open in urlscan Pro
193.243.159.4 Public Scan

Screenshot
Live screenshot

Full Image

150
Requests

74 %
HTTPS

53 %
IPv6

25
Domains

37
Subdomains

28
IPs

10
Countries

1601 kB
Transfer

4307 kB
Size

23
Cookies

150 HTTP transactions
7 data transactions