greenpost.ua Open in urlscan Pro
2a01:4f8:10b:94d::2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.greenpost.ua/
Effective URL:
https://greenpost.ua/
Submission: On March 30 via automatic, source certstream-suspicious (March 30th 2021, 12:05:40 am UTC)

Summary HTTP 281 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 40 IPs in 10 countries across 29 domains to perform 281 HTTP transactions. The main IP is 2a01:4f8:10b:94d::2, located in Germany and belongs to HETZNER-AS, DE. The main domain is greenpost.ua.
TLS certificate: Issued by R3 on February 22nd 2021. Valid for: 3 months.

This is the only time greenpost.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 77	2a01:4f8:10b:... 2a01:4f8:10b:94d::2	24940 (HETZNER-AS) (HETZNER-AS)
24	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
10	2a03:90c0:41:... 2a03:90c0:41:2801::254	199524 (GCORE) (GCORE)
5	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
6	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1 2	88.212.201.216 88.212.201.216	39134 (UNITEDNET) (UNITEDNET)
1	91.198.36.16 91.198.36.16	43405 (DIGITAL-V...) (DIGITAL-VENTURES)
1	193.239.68.97 193.239.68.97	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
1	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
3 7	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
3	193.239.71.100 193.239.71.100	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 23	146.0.227.110 146.0.227.110	20773 (GODADDY) (GODADDY)
8	37.187.205.228 37.187.205.228	16276 (OVH) (OVH)
1 6	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	54.72.174.106 54.72.174.106	16509 (AMAZON-02) (AMAZON-02)
2 2	188.42.196.115 188.42.196.115	7979 (SERVERS-COM) (SERVERS-COM)
2 2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
3	193.200.65.6 193.200.65.6	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
2 2	195.209.108.39 195.209.108.39	52007 (ADRIVER-AS) (ADRIVER-AS)
1 2	194.247.175.26 194.247.175.26	196831 (BEMOBILE-AS) (BEMOBILE-AS)
2 2	35.157.13.124 35.157.13.124	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
50	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
4	2600:9000:218... 2600:9000:2182:2800:4:b37b:9440:93a1	16509 (AMAZON-02) (AMAZON-02)
4	34.194.182.213 34.194.182.213	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
281	40

77 2a01:4f8:10b:94d::2 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

www.greenpost.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
greenpost.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

cdn.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.216 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host216.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.198.36.16 (Ukraine)

ASN43405 (DIGITAL-VENTURES, UA)
PTR: r.i.ua

r.i.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.239.68.97 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net

c.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.239.71.100 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: rs.img.com.ua

i.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 146.0.227.110 (Ascension Island) 2 redirects

ASN20773 (GODADDY, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
inv-nets-eu.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.187.205.228 (France)

ASN16276 (OVH, FR)
PTR: app-04.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.184.8.30 (Amsterdam, Netherlands) 1 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-30.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.174.106 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-174-106.eu-west-1.compute.amazonaws.com

ismatlab.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.196.115 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.200.65.6 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: adforce.team

m.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.209.108.39 (Russian Federation) 2 redirects

ASN52007 (ADRIVER-AS, RU)

ad.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.247.175.26 (Ukraine) 1 redirects

ASN196831 (BEMOBILE-AS, UA)

pa.tns-ua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.13.124 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-13-124.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

e7efbf3d9d715c2ef7892173b3141b1a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2182:2800:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)

rumcdn.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.194.182.213 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-182-213.compute-1.amazonaws.com

gw.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
77	greenpost.ua 1 redirects www.greenpost.ua greenpost.ua	1 MB
76	googlesyndication.com pagead2.googlesyndication.com e7efbf3d9d715c2ef7892173b3141b1a.safeframe.googlesyndication.com tpc.googlesyndication.com	938 KB
33	admixer.net 2 redirects cdn.admixer.net inv-nets.admixer.net inv-nets-eu.admixer.net	223 KB
20	doubleclick.net 2 redirects googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net securepubads.g.doubleclick.net	204 KB
11	google.com 3 redirects adservice.google.com www.google.com	1 KB
8	geoedge.be rumcdn.geoedge.be gw.geoedge.be	116 KB
8	adpartner.pro a4p.adpartner.pro	9 KB
8	googletagservices.com www.googletagservices.com	238 KB
6	creativecdn.com 1 redirects prebid-eu.creativecdn.com creativecdn.com ams.creativecdn.com	1 KB
6	google.de adservice.google.de www.google.de	1 KB
6	gstatic.com fonts.gstatic.com	131 KB
6	googleapis.com fonts.googleapis.com ajax.googleapis.com	32 KB
4	google-analytics.com www.google-analytics.com	19 KB
4	bigmir.net c.bigmir.net i.bigmir.net	1 KB
3	trafmag.com m.trafmag.com	1 KB
3	googleadservices.com partner.googleadservices.com	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net	955 B
2	tns-ua.com 1 redirects pa.tns-ua.com	468 B
2	adriver.ru 2 redirects ad.adriver.ru	1 KB
2	betweendigital.com 2 redirects ads.betweendigital.com	973 B
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
2	facebook.net connect.facebook.net	62 KB
1	2mdn.net s0.2mdn.net	38 KB
1	mookie1.com odr.mookie1.com	324 B
1	ismatlab.com ismatlab.com	149 B
1	cloudflare.com cdnjs.cloudflare.com	2 KB
1	facebook.com www.facebook.com	258 B
1	i.ua r.i.ua	1 KB
1	googletagmanager.com www.googletagmanager.com	39 KB
281	29

	Domain	Requested by
76	greenpost.ua	greenpost.ua
50	tpc.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com greenpost.ua tpc.googlesyndication.com googleads.g.doubleclick.net
24	pagead2.googlesyndication.com	greenpost.ua pagead2.googlesyndication.com cdn.admixer.net securepubads.g.doubleclick.net tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
14	inv-nets-eu.admixer.net	greenpost.ua
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com e7efbf3d9d715c2ef7892173b3141b1a.safeframe.googlesyndication.com googleads.g.doubleclick.net
10	cdn.admixer.net	greenpost.ua cdn.admixer.net
9	inv-nets.admixer.net	2 redirects cdn.admixer.net greenpost.ua
8	a4p.adpartner.pro	cdn.admixer.net
8	www.googletagservices.com	pagead2.googlesyndication.com cdn.admixer.net securepubads.g.doubleclick.net greenpost.ua googleads.g.doubleclick.net
7	www.google.com	3 redirects greenpost.ua googleads.g.doubleclick.net
6	fonts.gstatic.com	fonts.googleapis.com
5	fonts.googleapis.com	greenpost.ua tpc.googlesyndication.com
4	gw.geoedge.be	rumcdn.geoedge.be
4	rumcdn.geoedge.be	greenpost.ua rumcdn.geoedge.be
4	prebid-eu.creativecdn.com	cdn.admixer.net
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com greenpost.ua
4	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
4	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net greenpost.ua
3	m.trafmag.com	greenpost.ua
3	i.bigmir.net	greenpost.ua
3	stats.g.doubleclick.net	www.google-analytics.com
3	partner.googleadservices.com	pagead2.googlesyndication.com
2	e7efbf3d9d715c2ef7892173b3141b1a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	x.bidswitch.net	2 redirects
2	pa.tns-ua.com	1 redirects greenpost.ua
2	ad.adriver.ru	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	ads.betweendigital.com	2 redirects
2	www.google.de	greenpost.ua
2	counter.yadro.ru	1 redirects greenpost.ua
2	connect.facebook.net	greenpost.ua connect.facebook.net
1	s0.2mdn.net	tpc.googlesyndication.com
1	ajax.googleapis.com	tpc.googlesyndication.com
1	odr.mookie1.com	greenpost.ua
1	ams.creativecdn.com	greenpost.ua
1	creativecdn.com	1 redirects
1	ismatlab.com	greenpost.ua
1	cdnjs.cloudflare.com	greenpost.ua
1	www.facebook.com	greenpost.ua
1	c.bigmir.net	greenpost.ua
1	r.i.ua	greenpost.ua
1	www.googletagmanager.com	greenpost.ua
1	www.greenpost.ua	1 redirects
281	44

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.youtube.com
t.me
www.instagram.com
www.liveinternet.ru
www.i.ua
www.bigmir.net
yedynka.com

Subject Issuer	Validity	Valid
greenpost.ua R3	`2021-02-22` - `2021-05-23`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.admixer.net Sectigo RSA Domain Validation Secure Server CA	`2020-03-12` - `2021-06-21`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
counter.yadro.ru R3	`2021-03-22` - `2021-06-20`	3 months	crt.sh
i.ua R3	`2021-02-13` - `2021-05-14`	3 months	crt.sh
c.bigmir.net R3	`2021-01-31` - `2021-05-01`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
img.com.ua R3	`2021-03-03` - `2021-06-01`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
adpartner.pro R3	`2021-02-26` - `2021-05-27`	3 months	crt.sh
*.creativecdn.com RapidSSL RSA CA 2018	`2019-01-11` - `2021-04-11`	2 years	crt.sh
ismatlab.com RapidSSL RSA CA 2018	`2020-05-19` - `2021-05-20`	a year	crt.sh
*.trafmag.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-15` - `2021-06-21`	a year	crt.sh
juke.mmi.tns-ua.com R3	`2021-02-16` - `2021-05-17`	3 months	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
*.googleusercontent.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
rumcdn.geoedge.be Amazon	`2020-10-02` - `2021-11-03`	a year	crt.sh
protect.geoedge.be Sectigo ECC Domain Validation Secure Server CA	`2020-01-29` - `2022-01-28`	2 years	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh

This page contains 23 frames:

Primary Page: https://greenpost.ua/
Frame ID: 038A3670C531840C6D205FDC999F1399
Requests: 163 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210322/r20190131/zrt_lookup.html
Frame ID: 06B68E0B9537EE1F5296044012A19081
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/c.html
Frame ID: 879F4D58073E506A88756A302474DFD3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4413437454243923&output=html&adk=1812271804&adf=3025194257&lmt=1617062719&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgreenpost.ua%2F&ea=0&flash=0&pra=5&wgl=1&dt=1617062719018&bpp=22&bdt=71&idt=341&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3118294486100&frm=20&pv=2&ga_vid=902713396.1617062719&ga_sid=1617062719&ga_hid=1779681269&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C44740079%2C44739387&oid=3&pvsid=3166768538204532&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=369
Frame ID: 711C2F52D63E4699D6206180AEAD8AD2
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: F5FA29EFBAD10DC968086BF63DEDBB7B
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 2E6FB9C496636EA8B79115C27DF70D17
Requests: 9 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/9e907616-eb95-4c0f-adb9-ccf822981d6a/grumi.js
Frame ID: 34C3ADAE460FE747A223966034E736F5
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: BC2564083D593B42E64F35CD40E56C24
Requests: 9 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/9e907616-eb95-4c0f-adb9-ccf822981d6a/grumi.js
Frame ID: 1E1B0000D6CAF82B96FB36BDAF4236E6
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4413437454243923&output=html&h=600&slotname=3236284967&adk=493463479&adf=3279755403&pi=t.ma~as.3236284967&w=300&psa=0&format=300x600&url=https%3A%2F%2Fgreenpost.ua%2F&ea=0&flash=0&wgl=1&dt=1617062720375&bpp=3&bdt=177&idt=103&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Ddce2a9ff121534e8-22183093eaba0050%3AT%3D1617062719%3ART%3D1617062719%3AS%3DALNI_MbGHtiOKCCBHBFC685uz7Tvy6qbfw&correlator=3118294486100&frm=23&ife=5&pv=1&ga_vid=902713396.1617062719&ga_sid=1617062720&ga_hid=1029321966&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1150&ady=526&biw=1600&bih=1200&isw=300&ish=600&ifk=2050185612&scr_x=0&scr_y=0&eid=31060351%2C44740079%2C44739387&oid=3&pvsid=2090300791929862&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.80pz38fdrhg2&fsb=1&dtd=119
Frame ID: 83B59FA934375F5C9FD879D3A35D0D44
Requests: 10 HTTP requests in this frame

Frame: https://e7efbf3d9d715c2ef7892173b3141b1a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 162BA5D333937D4FB1A626797003120B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4413437454243923&output=html&h=250&slotname=9481117353&adk=3616364478&adf=3279755405&pi=t.ma~as.9481117353&w=300&psa=0&format=300x250&url=https%3A%2F%2Fgreenpost.ua%2F&ea=0&flash=0&wgl=1&dt=1617062720506&bpp=4&bdt=106&idt=81&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Ddce2a9ff121534e8%3AT%3D1617062719%3AS%3DALNI_MZmN0sjLXpP8dmywk8brSOV8VLBVQ&correlator=3118294486100&frm=23&ife=5&pv=1&ga_vid=902713396.1617062719&ga_sid=1617062721&ga_hid=44163222&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=982&ady=2224&biw=1600&bih=1200&isw=300&ish=250&ifk=2050141220&scr_x=0&scr_y=0&eid=21068083%2C44740079%2C44739387&oid=3&pvsid=3825679655722784&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.fad7xzcpyg87&btvi=1&fsb=1&dtd=89
Frame ID: 21F630E8B88B4F885B657AC2A4DE21AC
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/377536914903536029/index.html
Frame ID: 99659158F9E0EE143074225C540E53F5
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pagead/adview?ai=CUx9jQGtiYNSFEcP53gPy67jgBM-wqbZh0_6dt4QNmJmCgoMiEAEg4-C8I2CRhJOF_BegAdSd0aMDyAEJqQIV6rWGF76zPuACAKgDAcgDCKoEzgFP0K3ao16xGxZLZHAoMkOu7ygYwZY4mFtDGViL8IUOW2v4BNMtLe_QW67rICum3bonTwUiXrN6CD0XuQqn4HJuSAxmnxeVW2_sAwc6G7fRLFDtbRW8yb5zJPi7obnp9YWxlGj5lfyU1eep_1kk3-ZMMci1PfSGs9Nw57tB7rTb_DGRSM_bM8DSD1Mb7qZcnR7XvhmM5C7YmuyKO1HN8XOxkDpvCAgqHlGanKhVHWq2CfVBjObYNksabQ9yx-9w-nU563rDf_3bnBv8MSDfJsAEh7Dp3L8D4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB5TirlyoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQieUE0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi04OTgyODc2Mzc1MzcxNjMxgAoDyAsB2BMNshcaChgIABIUcHViLTMzNzk5NjkxMTY5NTAxOTk&sigh=CY1fbGEjRxk&template_id=419&tpd=AGWhJmtg5WPJ_bvg0WLJYY3vCzqo8RuLknw6onu-aAGNx6HJyw
Frame ID: 14574455F674FAC3F50458A5D67DB669
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: D3F47A98B073A97331F604F04BE894D9
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 460E7B64108845941E3D0E1680A006DA
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 1D6D65B9453D79324805CB1C865AA365
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: F1C1B45B918521DA31905F576BD50729
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/index.html
Frame ID: 85CFC589A9A6E73A90DAD239336E7C9B
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: FDE0917A53D096F9419539041CFB9758
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9912970544353279076/index.html
Frame ID: 8630EF40DF8F14E75E754776318DF118
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: FCF50ACEA6B64841794DD673FE751C2E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 3E386E3EF2A35FAD6107E53E39CA845D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.greenpost.ua/ HTTP 301
https://greenpost.ua/ Page URL

Detected technologies

Debian (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Debian/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

281
Requests

100 %
HTTPS

60 %
IPv6

29
Domains

44
Subdomains

40
IPs

10
Countries

3404 kB
Transfer

6702 kB
Size

2
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/greenpost.ua/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCBOPbWNFhqftr3SRyYJF_uA

Search URL Search Domain Scan URL

URL: https://t.me/greenpostua

Search URL Search Domain Scan URL

URL: https://www.instagram.com/greenpost.ua/

Search URL Search Domain Scan URL

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

URL: https://www.i.ua/
Title: iS='http'+(window.location.protocol=='https:'?'s':'')+ '://r.i.ua/s?u230317&p4&n'+Math.random(); iD=document;if(!iD.cookie)iD.cookie="b=b; path=/";if(iD.cookie)iS+='&c1'; iS+='&d'+(screen.colorDepth?screen.colorDepth:screen.pixelDepth) +"&w"+screen.width+'&h'+screen.height; iT=iR=iD.referrer.replace(iP=/^[a-z]*:\/\//,'');iH=window.location.href.replace(iP,''); ((iI=iT.indexOf('/'))!=-1)?(iT=iT.substring(0,iI)):(iI=iT.length); if(iT!=iH.substring(0,iI))iS+='&f'+escape(iR); iS+='&r'+escape(iH); iD.write('<img src="'+iS+'" border="0" width="88" height="31" />');

Search URL Search Domain Scan URL

URL: http://www.bigmir.net/
Title: bigmir)net

Search URL Search Domain Scan URL

URL: https://yedynka.com/
Title: Розробник: Yedynka Dgtl

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.greenpost.ua/ HTTP 301
https://greenpost.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 100

https://counter.yadro.ru/hit?t52.6;r;s1600*1200*24;uhttps%3A//greenpost.ua/;hGreenPost;0.22269585219716137 HTTP 302
https://counter.yadro.ru/hit?q;t52.6;r;s1600*1200*24;uhttps%3A//greenpost.ua/;hGreenPost;0.22269585219716137

Request Chain 130

https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID} HTTP 302
https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1 HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=bdac8148-a470-5259-b37d-d513d31fbe2c

Request Chain 131

https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=ODJhOGQ3MDlmNmFmNGZkYjhkZjRlZDdiYjMxMTYzMmE&google_cm HTTP 302
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESEF2u1DV8DDXyiXUm5Aq8JzY&google_cver=1 HTTP 302
https://m.trafmag.com/images/1px-matching-go2net.gif?id=82a8d709f6af4fdb8df4ed7bb311632a

Request Chain 132

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6845806 HTTP 302
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6845806&tuid=-5860576505 HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=AA391812-3D60-4352-AC90-6449D7D09A7A&id=Av4Je_dhBXkWVcsKxWD7nQA

Request Chain 133

https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm HTTP 302
https://inv-nets.admixer.net/gadx/cm.aspx?google_gid=CAESEMlwlUFt1FvCnQiG4mj_d5o&google_cver=1 HTTP 302
https://m.trafmag.com/images/1px-matching-go2net.gif?id=82a8d709f6af4fdb8df4ed7bb311632a

Request Chain 134

https://creativecdn.com/cm-notify?pi=admixer HTTP 302
https://ams.creativecdn.com/cm-notify?pi=admixer&tc=1

Request Chain 136

https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=82a8d709f6af4fdb8df4ed7bb311632a HTTP 302
https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z5B3C8F87AB540D4BBA254639DAF114A&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=82a8d709f6af4fdb8df4ed7bb311632a

Request Chain 137

https://x.bidswitch.net/sync?ssp=admixer&user_id=82a8d709f6af4fdb8df4ed7bb311632a&gdpr=[gdpr]&gdpr_consent=[consent]&us_privacy=[usPrivacy] HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=82a8d709f6af4fdb8df4ed7bb311632a&gdpr=[gdpr]&gdpr_consent=[consent]&us_privacy=[usPrivacy] HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=f279bf10-158f-47e0-b8e2-386393d2bdab&ssp=admixer&gdpr=[gdpr]&gdpr_consent=[consent]

Request Chain 211

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 245

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 268

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

281 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
greenpost.ua/
Redirect Chain

https://www.greenpost.ua/
https://greenpost.ua/

90 KB
20 KB

68ms
62ms

Document
text/html

2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 441d9e7c108bebc5488b987b7bbb54350f0380ebf9114489fdcbf39a83a0bb92

Request headers

Host: greenpost.ua
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:18 GMT
Server: Apache/2.4.38 (Debian)
Set-Cookie: _csrf-frontend=1ded68485d92ed73e78940a0aa4e70975d76e5d32f0a282737d116fca8352ceaa%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22dPF-8dGXZzNTQDrbJzyOMIna66cH3BN7%22%3B%7D; path=/; HttpOnly
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 20281
Keep-Alive: timeout=3, max=10000
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Tue, 30 Mar 2021 00:05:18 GMT
Server: Apache/2.4.38 (Debian)
Location: https://greenpost.ua/
Content-Length: 312
Keep-Alive: timeout=3, max=10000
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK ed0c0a9748819a86491661973468c6b2.css
greenpost.ua/assets/css-compress/ 171 KB
22 KB 4ms
4ms Stylesheet
text/css 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://greenpost.ua/assets/css-compress/ed0c0a9748819a86491661973468c6b2.css?v=1605728131
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 7681d403682f24ac996a61777cceabc6a1280ad253e60d205d8a5aa1c9f356a3

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:18 GMT
Content-Encoding: gzip
Last-Modified: Wed, 18 Nov 2020 19:35:31 GMT
Server: Apache/2.4.38 (Debian)
ETag: "2acae-5b466b6e68df1-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9999
Content-Length: 22487

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
49 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: greenpost.ua
URL: https://greenpost.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

feea6127a153da9ba9d4553649cbc353d8d3e504a0406d59e2828b1d506147c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 00:05:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49709
x-xss-protection: 0
server: cafe
etag: 2439029923726210354
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 30 Mar 2021 00:05:18 GMT

GET
H2 200 loader2.js Show response
cdn.admixer.net/scripts3/ 86 KB
29 KB 30ms
7ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/loader2.js
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: d55f81e52c653aaafd762224540775c8b75a83896c37566c1e0a09236552e5bb

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: fr5-up-gc37
date: Tue, 30 Mar 2021 00:05:19 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 13:54:28 GMT
server: nginx
etag: W/"6054ad14-156c2"
x-cached-since: 2021-03-30T00:02:48+00:00
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
cache: HIT
x-vhost-ver: 5960220520391311182
expires: Fri, 19 Mar 2021 14:09:19 GMT

GET
H/1.1 200
OK close_icon_white.svg
greenpost.ua/img/icons/ 2 KB
2 KB 1ms
1ms Image
image/svg+xml 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/img/icons/close_icon_white.svg
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 1e98b102012e0c61aca5d66a39650a3f813e456a0072787467ce3c68e5d87cb0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:18 GMT
Last-Modified: Tue, 04 Feb 2020 15:26:48 GMT
Server: Apache/2.4.38 (Debian)
ETag: "67e-59dc1ab1e2de0"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9997
Content-Length: 1662

GET
H/1.1 200
OK hamburger_icon.svg
greenpost.ua/img/icons/ 1 KB
1 KB 15ms
1ms Image
image/svg+xml 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/img/icons/hamburger_icon.svg
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: e7208edfd7affb0c8fa62b9cbb05c9f958994d33309518f911eb758a46e56b24

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Thu, 20 Feb 2020 15:07:17 GMT
Server: Apache/2.4.38 (Debian)
ETag: "4db-59f0342bfa358"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9996
Content-Length: 1243

GET
H/1.1 200
OK logo-black-top.png
greenpost.ua/img/ 10 KB
10 KB 18ms
2ms Image
image/png 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/img/logo-black-top.png
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 3f6ec0d0418362de2cd9c5255ce08005ffedec3338081a447a5730ac32fae7b8

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Fri, 06 Nov 2020 09:36:18 GMT
Server: Apache/2.4.38 (Debian)
ETag: "2826-5b36cf1cae880"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=10000
Content-Length: 10278

GET
H/1.1 200
OK logo-black.png
greenpost.ua/img/ 9 KB
10 KB 17ms
1ms Image
image/png 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/img/logo-black.png
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 1bb9499d9796fdf4c93767155c5afc5be9afe7659bfa4c72770f6ba1ba6f758e

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Fri, 06 Nov 2020 09:36:42 GMT
Server: Apache/2.4.38 (Debian)
ETag: "2564-5b36cf3391e80"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9995
Content-Length: 9572

GET
H/1.1 200
OK rss_icon.svg
greenpost.ua/img/icons/ 2 KB
2 KB 18ms
2ms Image
image/svg+xml 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/img/icons/rss_icon.svg
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 4b6ad0207ec3a28e701f6166544fb2a541922358c54ea9c02b9c39e297911d9d

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Fri, 28 Feb 2020 11:31:14 GMT
Server: Apache/2.4.38 (Debian)
ETag: "77c-59fa12cd313d8"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=10000
Content-Length: 1916

GET
H/1.1 200
OK fb_icon.svg
greenpost.ua/img/icons/ 1 KB
1 KB 18ms
2ms Image
image/svg+xml 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/img/icons/fb_icon.svg
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 4366747f8e78ff1647ff96dec84a3914b6de9fbbc26b4d3b65e016861338e9a2

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Mon, 02 Mar 2020 13:53:33 GMT
Server: Apache/2.4.38 (Debian)
ETag: "480-59fdf83509120"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=10000
Content-Length: 1152

GET
H/1.1 200
OK youtube_icon.svg
greenpost.ua/img/icons/ 2 KB
2 KB 21ms
1ms Image
image/svg+xml 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/img/icons/youtube_icon.svg
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 9029cd2b6ca418481b961a08ca7ab9893f80b05a2174dce677a886995ff5e81d

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Mon, 02 Mar 2020 13:53:33 GMT
Server: Apache/2.4.38 (Debian)
ETag: "6bb-59fdf83509120"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9994
Content-Length: 1723

GET
H/1.1 200
OK tele.svg
greenpost.ua/img/icons/ 2 KB
2 KB 9ms
2ms Image
image/svg+xml 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/img/icons/tele.svg
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: edd634a2c4c814a562284b37da1311606b9b55903b3a87ec4684351d4746c201

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Mon, 02 Mar 2020 14:30:43 GMT
Server: Apache/2.4.38 (Debian)
ETag: "6be-59fe0084320c8"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9999
Content-Length: 1726

GET
H/1.1 200
OK instagram.svg
greenpost.ua/img/icons/ 2 KB
3 KB 6ms
1ms Image
image/svg+xml 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/img/icons/instagram.svg
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 3b57713e1774f18046f566c969576a2d490e6f777ce61029fe343c7d738ffdb9

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Thu, 30 Apr 2020 07:15:08 GMT
Server: Apache/2.4.38 (Debian)
ETag: "973-5a47cd3182c30"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9999
Content-Length: 2419

GET
H/1.1 200
OK camera.svg
greenpost.ua/img/icons/ 1 KB
2 KB 6ms
1ms Image
image/svg+xml 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/img/icons/camera.svg
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 7a6f65e5031773af2db12dbdc1d6adac52682bf4b93df5f2fd00665c4116320f

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Tue, 04 Feb 2020 15:26:48 GMT
Server: Apache/2.4.38 (Debian)
ETag: "57e-59dc1ab1e2de0"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9993
Content-Length: 1406

GET
H/1.1 200
OK circle.svg
greenpost.ua/img/icons/ 1 KB
2 KB 6ms
1ms Image
image/svg+xml 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/img/icons/circle.svg
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 6b8974313880b34bb37303c6154aa9ffceb76f4980def60a698dbc7d9be7ad9d

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Tue, 04 Feb 2020 15:26:48 GMT
Server: Apache/2.4.38 (Debian)
ETag: "4f6-59dc1ab1e2de0"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9998
Content-Length: 1270

GET
H/1.1 200
OK search-right.svg
greenpost.ua/img/icons/ 2 KB
2 KB 6ms
1ms Image
image/svg+xml 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/img/icons/search-right.svg
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: a8ca7d3026e65b15e425973b8c0644a0282607a5e3d5be21cd8207f746ac6d70

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Tue, 04 Feb 2020 15:26:48 GMT
Server: Apache/2.4.38 (Debian)
ETag: "654-59dc1ab1e2de0"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9999
Content-Length: 1620

GET
H/1.1 200
OK photo-2020-12-21-12-24-31.jpg
greenpost.ua/upload/media/2020/12/21/ 52 KB
52 KB 6ms
2ms Image
image/webp 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/upload/media/2020/12/21/photo-2020-12-21-12-24-31.jpg
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 5a794554bce927f2d3c34a694a3a25683bfcb2d2826c72b13e1ffa422b2eafcd

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Mon, 21 Dec 2020 10:27:09 GMT
Server: Apache/2.4.38 (Debian)
ETag: "ce56-5b6f6e684cea5"
Vary: Accept
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9998
Content-Length: 52822

GET
H/1.1 200
OK close_icon.svg
greenpost.ua/img/icons/ 2 KB
2 KB 5ms
1ms Image
image/svg+xml 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/img/icons/close_icon.svg
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: e39dd05df1bba9feb4d643daadfb8758fc569bf33a8e4dd785c992d08df14071

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Tue, 04 Feb 2020 15:26:48 GMT
Server: Apache/2.4.38 (Debian)
ETag: "67e-59dc1ab1e2de0"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9997
Content-Length: 1662

GET
H/1.1 200
OK arrow_up.svg
greenpost.ua/img/icons/ 1 KB
1 KB 4ms
1ms Image
image/svg+xml 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/img/icons/arrow_up.svg
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: a2de9fe31eeed403db6c6d24372a875bb019d3354b9803d5e8463e437c111a88

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Thu, 20 Feb 2020 15:07:17 GMT
Server: Apache/2.4.38 (Debian)
ETag: "4c4-59f0342bf5538"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9992
Content-Length: 1220

GET
H/1.1 200
OK edit_icon.svg
greenpost.ua/img/icons/ 2 KB
2 KB 3ms
1ms Image
image/svg+xml 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/img/icons/edit_icon.svg
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: f6b753a9c0996806309c1c548850aeb2a45ae03612af0c637f1fb0cfb297c6cd

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Thu, 20 Feb 2020 15:07:17 GMT
Server: Apache/2.4.38 (Debian)
ETag: "68b-59f0342bf8418"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9998
Content-Length: 1675

GET
H/1.1 200
OK close_icon_black.svg
greenpost.ua/img/icons/ 596 B
887 B 3ms
2ms Image
image/svg+xml 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/img/icons/close_icon_black.svg
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 713c1291fdb24f43b56cfca41591b0009c9ab61137d6d25b46986e2364402a5f

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Thu, 20 Feb 2020 15:07:17 GMT
Server: Apache/2.4.38 (Debian)
ETag: "254-59f0342bf5538"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=10000
Content-Length: 596

GET
H/1.1 200
OK 075f042a5a8289c-img-20200618-224633_crop_150x150.jpg
greenpost.ua/upload/author/2020/07/07/ 4 KB
4 KB 4ms
2ms Image
image/webp 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/upload/author/2020/07/07/075f042a5a8289c-img-20200618-224633_crop_150x150.jpg?v=1594108508
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: dc0b4e554bbed8a98e3f803085e0b504546533fdcf27b2bcb3ed6cb6ddf2463e

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Tue, 07 Jul 2020 07:55:08 GMT
Server: Apache/2.4.38 (Debian)
ETag: "102a-5a9d54f5aa591"
Vary: Accept
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=10000
Content-Length: 4138

GET
H/1.1 200
OK 2560379ac11f93a-200909155710766-2800_crop_150x150.jpg
greenpost.ua/upload/author/2021/02/25/ 5 KB
5 KB 5ms
1ms Image
image/webp 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/upload/author/2021/02/25/2560379ac11f93a-200909155710766-2800_crop_150x150.jpg?v=1614325023
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 5629ae0d5acb154c45d37a7a9a392800ea4364578591c307645d259b883d0845

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Thu, 25 Feb 2021 12:40:44 GMT
Server: Apache/2.4.38 (Debian)
ETag: "12b4-5bc2875c52269"
Vary: Accept
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9999
Content-Length: 4788

GET
H/1.1 200
OK 095f8082d6693da-227373_crop_150x150.jpg
greenpost.ua/upload/author/2020/10/09/ 2 KB
3 KB 5ms
2ms Image
image/webp 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/upload/author/2020/10/09/095f8082d6693da-227373_crop_150x150.jpg?v=1602257624
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 0c5651cc59b22a771c0296ac3656a3e4ca3cf72d26249f3a4b041f6d4a0f273f

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Fri, 09 Oct 2020 15:33:44 GMT
Server: Apache/2.4.38 (Debian)
ETag: "924-5b13eac8db767"
Vary: Accept
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9997
Content-Length: 2340

GET
H/1.1 200
OK 115ee1e53f8394f-photo-2020-06-11-10-40-08_crop_150x150.jpeg
greenpost.ua/upload/author/2020/06/11/ 5 KB
5 KB 5ms
2ms Image
image/webp 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/upload/author/2020/06/11/115ee1e53f8394f-photo-2020-06-11-10-40-08_crop_150x150.jpeg?v=1591862593
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: e49c3536ea775ecee4d8e1f7b8df1cfe706d269312b00014909a7aeb5f42f347

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Thu, 11 Jun 2020 08:03:13 GMT
Server: Apache/2.4.38 (Debian)
ETag: "13a4-5a7ca6467d339"
Vary: Accept
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9999
Content-Length: 5028

GET
H/1.1 200
OK wolves_640x360.jpg
greenpost.ua/upload/news/2021/03/29/ 61 KB
61 KB 5ms
2ms Image
image/webp 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/upload/news/2021/03/29/wolves_640x360.jpg?v=1617027366
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: fd191c30137a35e3b09ff8ddef5b82b7c80d951b2120088f5106666b7e5ea8f8

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Mon, 29 Mar 2021 14:16:06 GMT
Server: Apache/2.4.38 (Debian)
ETag: "f290-5bead85c18f27"
Vary: Accept
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9997
Content-Length: 62096

GET
H/1.1 200
OK 1_305x140.PNG
greenpost.ua/upload/news/2021/03/29/ 86 KB
87 KB 4ms
2ms Image
image/png 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/upload/news/2021/03/29/1_305x140.PNG?v=1617018445
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: a4c143319507bc2aae3b608cb896ee8506fbf31b8c7c633137393f01864b50cf

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Mon, 29 Mar 2021 11:47:24 GMT
Server: Apache/2.4.38 (Debian)
ETag: "159e4-5beab71f70769"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9996
Content-Length: 88548

GET
H/1.1 200
OK 7114259-prodykti-1_305x140.jpg
greenpost.ua/upload/news/2021/03/29/ 8 KB
9 KB 4ms
2ms Image
image/webp 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/upload/news/2021/03/29/7114259-prodykti-1_305x140.jpg?v=1617015815
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: edf6d64fcad347e2600dbf79abee157ffe3e9e9de7baed3d9b487988a5f70853

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Mon, 29 Mar 2021 11:03:34 GMT
Server: Apache/2.4.38 (Debian)
ETag: "20d6-5beaad53ea31e"
Vary: Accept
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9991
Content-Length: 8406

GET
H/1.1 200
OK 56214984-303_305x140.jpg
greenpost.ua/upload/news/2021/03/29/ 7 KB
7 KB 4ms
1ms Image
image/webp 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/upload/news/2021/03/29/56214984-303_305x140.jpg?v=1617021192
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 66666bdcdea42343cd4af706f87a01272e94cf226177410f0fdc3720d03ff70c

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Mon, 29 Mar 2021 12:33:12 GMT
Server: Apache/2.4.38 (Debian)
ETag: "1cbc-5beac15c10c77"
Vary: Accept
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9990
Content-Length: 7356

GET
H/1.1 200
OK karantin-v-kostanae-scaled-1-1140x664_305x140.jpg
greenpost.ua/upload/news/2021/03/29/ 12 KB
12 KB 4ms
2ms Image
image/webp 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/upload/news/2021/03/29/karantin-v-kostanae-scaled-1-1140x664_305x140.jpg?v=1617012685
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 56d74a0e5926d731a7d75090a7f83402ce0c8c8490068434ca8631f4f0a8bd82

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Mon, 29 Mar 2021 10:11:25 GMT
Server: Apache/2.4.38 (Debian)
ETag: "2fca-5beaa1ab11eda"
Vary: Accept
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9996
Content-Length: 12234

GET
H/1.1 200
OK ovoshchi-ogurtsy-pomidory-kapusta-kartofel-luk-chesnok-peret_100x100.jpg
greenpost.ua/upload/news/2021/03/29/ 3 KB
4 KB 4ms
2ms Image
image/webp 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/upload/news/2021/03/29/ovoshchi-ogurtsy-pomidory-kapusta-kartofel-luk-chesnok-peret_100x100.jpg?v=1617033426
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: f7ef7233e4a1e857edd9b5314783c2781acd34b83d73b50ec991cef2e74b0508

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Mon, 29 Mar 2021 15:57:05 GMT
Server: Apache/2.4.38 (Debian)
ETag: "cf2-5beaeeeef1661"
Vary: Accept
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9995
Content-Length: 3314

GET
H/1.1 200
OK wolves_100x100.jpg
greenpost.ua/upload/news/2021/03/29/ 3 KB
4 KB 3ms
2ms Image
image/webp 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/upload/news/2021/03/29/wolves_100x100.jpg?v=1617027366
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 482a5b2927c374bfcf2557a89e24a5b85b34fbc0f7e14d9ab095a4a222dcbb98

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Mon, 29 Mar 2021 14:16:06 GMT
Server: Apache/2.4.38 (Debian)
ETag: "d6a-5bead85c0b468"
Vary: Accept
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9998
Content-Length: 3434

GET
H/1.1 200
OK 1_100x100.PNG
greenpost.ua/upload/news/2021/03/29/ 22 KB
22 KB 3ms
1ms Image
image/png 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/upload/news/2021/03/29/1_100x100.PNG?v=1617018445
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 8af6cd293d9a02de43739c9f11297e6d7e7d1a1eda696fc07bbbd3dbfca05bbc

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Mon, 29 Mar 2021 11:47:24 GMT
Server: Apache/2.4.38 (Debian)
ETag: "58b1-5beab71f4966c"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9998
Content-Length: 22705

GET
H/1.1 200
OK 129410-1-large_100x100.jpg
greenpost.ua/upload/news/2021/03/29/ 2 KB
2 KB 3ms
2ms Image
image/webp 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/upload/news/2021/03/29/129410-1-large_100x100.jpg?v=1617021943
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: f858b655896d965bdedd235ba2dc048e97b3db72112fd4f00b819bd3789ad7ee

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Mon, 29 Mar 2021 12:45:43 GMT
Server: Apache/2.4.38 (Debian)
ETag: "78e-5beac4282aeff"
Vary: Accept
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9996
Content-Length: 1934

GET
H/1.1 200
OK karantin-v-kostanae-scaled-1-1140x664_100x100.jpg
greenpost.ua/upload/news/2021/03/29/ 4 KB
4 KB 6ms
2ms Image
image/webp 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/upload/news/2021/03/29/karantin-v-kostanae-scaled-1-1140x664_100x100.jpg?v=1617012685
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: a50873abfd0f277672b9d03e0659aa7ed7ca2d3298183472fe79a73092c2b322

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Mon, 29 Mar 2021 10:11:25 GMT
Server: Apache/2.4.38 (Debian)
ETag: "fc4-5beaa1aaff5fb"
Vary: Accept
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9995
Content-Length: 4036

GET
H/1.1 200
OK 417879_100x100.jpeg
greenpost.ua/upload/news/2020/06/12/ 2 KB
2 KB 5ms
1ms Image
image/webp 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/upload/news/2020/06/12/417879_100x100.jpeg?v=1591992931
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 11bf599ddcd13d2beab27086e36ff8813a5cebfae8693f1a8c2932125ac385e2

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Fri, 12 Jun 2020 20:15:30 GMT
Server: Apache/2.4.38 (Debian)
ETag: "8aa-5a7e8bd2292eb"
Vary: Accept
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9989
Content-Length: 2218

GET
H/1.1 200
OK 1-rts310ln-jpg-1584004701-41708-vid667271e_100x100.jpg
greenpost.ua/upload/news/2020/06/04/ 2 KB
2 KB 6ms
3ms Image
image/webp 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/upload/news/2020/06/04/1-rts310ln-jpg-1584004701-41708-vid667271e_100x100.jpg?v=1605875168
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 2bd403bc5fba59318556f15f735a0c08c433c1d33187eebe11c9710ec689923a

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Thu, 04 Jun 2020 06:49:20 GMT
Server: Apache/2.4.38 (Debian)
ETag: "7d2-5a73c8b4dfbdf"
Vary: Accept
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9995
Content-Length: 2002

GET
H/1.1 200
OK 414096-1_100x100.jpg
greenpost.ua/upload/news/2020/11/28/ 2 KB
2 KB 6ms
3ms Image
image/webp 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/upload/news/2020/11/28/414096-1_100x100.jpg?v=1606522962
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 7ba4fb1af9da2954e97c7852cc85de65f7e1cd9ed26764c5831e3ea4702c3839

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Sat, 28 Nov 2020 00:22:41 GMT
Server: Apache/2.4.38 (Debian)
ETag: "6ae-5b51fc67220f5"
Vary: Accept
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9994
Content-Length: 1710

GET
H/1.1 200
OK 20200423181309_100x100.jpg
greenpost.ua/upload/news/2020/08/27/ 1 KB
2 KB 6ms
3ms Image
image/webp 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/upload/news/2020/08/27/20200423181309_100x100.jpg?v=1605956132
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 4fdf9dc83963c87dbce2a839f7c32c7df8140e5f7bde2e61a56de0fcd2f0abe0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Thu, 27 Aug 2020 13:41:01 GMT
Server: Apache/2.4.38 (Debian)
ETag: "5ea-5addc163e8c03"
Vary: Accept
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9997
Content-Length: 1514

GET
H/1.1 200
OK 08-05-20-9_100x100.jpeg
greenpost.ua/upload/news/2020/09/26/ 4 KB
5 KB 5ms
3ms Image
image/webp 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/upload/news/2020/09/26/08-05-20-9_100x100.jpeg?v=1601454392
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 8868c9d411ba0c2a863517ee11300c495f728a26297c6fc3aad752165fca57aa

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Sat, 26 Sep 2020 09:43:35 GMT
Server: Apache/2.4.38 (Debian)
ETag: "1120-5b034445c17a4"
Vary: Accept
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9997
Content-Length: 4384

GET
H/1.1 200
OK arrow_right.svg
greenpost.ua/img/icons/ 2 KB
2 KB 6ms
2ms Image
image/svg+xml 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/img/icons/arrow_right.svg
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: ef508faf739daa78ff80f7835a524778a3ac8e519c2c8301456d91668c7b6336

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Thu, 09 Apr 2020 07:38:17 GMT
Server: Apache/2.4.38 (Debian)
ETag: "663-5a2d6b342f0b8"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9994
Content-Length: 1635

GET
H/1.1 200
OK 160073120-1671230733063012-2926653531965759748-n_640x360.jpg
greenpost.ua/upload/news/2021/03/25/ 19 KB
19 KB 5ms
2ms Image
image/webp 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/upload/news/2021/03/25/160073120-1671230733063012-2926653531965759748-n_640x360.jpg?v=1616661969
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: d07be41a0b21338253761a9626c2acffed564d868e9d57be2febe265addcea9a

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Thu, 25 Mar 2021 08:46:09 GMT
Server: Apache/2.4.38 (Debian)
ETag: "4b90-5be587267e74e"
Vary: Accept
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9996
Content-Length: 19344

GET
H/1.1 200
OK 1616401440-7890_305x170.jpg
greenpost.ua/upload/news/2021/03/22/ 14 KB
14 KB 6ms
3ms Image
image/webp 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/upload/news/2021/03/22/1616401440-7890_305x170.jpg?v=1616422412
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 4d0787bbdf864bc26d69c57e82139e2815f7a0ac1448e8b063db645d5ab5bae7

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Mon, 22 Mar 2021 14:13:31 GMT
Server: Apache/2.4.38 (Debian)
ETag: "362e-5be20aba90c8d"
Vary: Accept
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9996
Content-Length: 13870

GET
H/1.1 200
OK whatsapp-image-2021-03-22-at-10-02-39_305x170.jpeg
greenpost.ua/upload/news/2021/03/22/ 9 KB
10 KB 5ms
3ms Image
image/webp 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/upload/news/2021/03/22/whatsapp-image-2021-03-22-at-10-02-39_305x170.jpeg?v=1616412930
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: d3ad9cb2d38e243a4813d4b861ff5539addbbbdaf8c537e42359c99819fe9c8f

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Mon, 22 Mar 2021 11:35:30 GMT
Server: Apache/2.4.38 (Debian)
ETag: "24d4-5be1e768691cc"
Vary: Accept
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9993
Content-Length: 9428

GET
H/1.1 200
OK ew4cfk6xiaes3v4_305x170.jpg
greenpost.ua/upload/news/2021/03/20/ 8 KB
8 KB 4ms
2ms Image
image/webp 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/upload/news/2021/03/20/ew4cfk6xiaes3v4_305x170.jpg?v=1616243144
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 9d6ae2e39ed75a64b825522f0bdc69814f3d917e8de5e59ee24771ac65734634

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Sat, 20 Mar 2021 12:25:44 GMT
Server: Apache/2.4.38 (Debian)
ETag: "20a0-5bdf6ee7a7251"
Vary: Accept
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9994
Content-Length: 8352

GET
H/1.1 200
OK images_305x320.jpg
greenpost.ua/upload/news/2021/03/27/ 8 KB
8 KB 4ms
3ms Image
image/webp 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/upload/news/2021/03/27/images_305x320.jpg?v=1616842427
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: de238c08ad04ad8f2f9a2fcaad24ba748501abb03eb645f481f1c4eeca2cbfa8

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Sat, 27 Mar 2021 10:53:47 GMT
Server: Apache/2.4.38 (Debian)
ETag: "2056-5be82768b158f"
Vary: Accept
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9988
Content-Length: 8278

GET
H/1.1 200
OK 5e294e54646b7490907146_305x320.jpg
greenpost.ua/upload/news/2021/03/26/ 19 KB
19 KB 5ms
3ms Image
image/webp 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/upload/news/2021/03/26/5e294e54646b7490907146_305x320.jpg?v=1616767317
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 8d3f480c2b6dcada1129ae81963fff0091160151e13550fd752de37a074b687e

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Fri, 26 Mar 2021 14:01:57 GMT
Server: Apache/2.4.38 (Debian)
ETag: "4c70-5be70f9a4a243"
Vary: Accept
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9993
Content-Length: 19568

GET
H/1.1 200
OK image_305x320.jpg
greenpost.ua/upload/news/2021/03/25/ 12 KB
12 KB 5ms
2ms Image
image/webp 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/upload/news/2021/03/25/image_305x320.jpg?v=1616686845
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 7ba3c09d8f6594afeca4405e9f871fc16420d66838bfee7edc7245dbff14cf18

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Thu, 25 Mar 2021 15:40:45 GMT
Server: Apache/2.4.38 (Debian)
ETag: "2e86-5be5e3d2000cf"
Vary: Accept
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9992
Content-Length: 11910

GET
H/1.1 200
OK 602a821083f4f-5f744d2ae6ea8-93-main-1024x575jpgjpg_305x320.jpg
greenpost.ua/upload/news/2021/03/25/ 13 KB
14 KB 7ms
4ms Image
image/webp 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/upload/news/2021/03/25/602a821083f4f-5f744d2ae6ea8-93-main-1024x575jpgjpg_305x320.jpg?v=1616682223
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 0a4d5cdc0526cde15371f2e174d1a1dd15defd3ceba12201e92e07ffa6153863

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Thu, 25 Mar 2021 14:23:43 GMT
Server: Apache/2.4.38 (Debian)
ETag: "34fa-5be5d29a22228"
Vary: Accept
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9987
Content-Length: 13562

GET
H/1.1 200
OK sync.svg
greenpost.ua/img/icons/ 2 KB
3 KB 5ms
2ms Image
image/svg+xml 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/img/icons/sync.svg
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: b2fd306a744971119024cfaf7705273397f80c8d393189e4401a70314b974ce6

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Tue, 04 Feb 2020 15:26:48 GMT
Server: Apache/2.4.38 (Debian)
ETag: "8fa-59dc1ab1e2de0"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9993
Content-Length: 2298

GET
H/1.1 200
OK ovoshchi-ogurtsy-pomidory-kapusta-kartofel-luk-chesnok-peret_305x320.jpg
greenpost.ua/upload/news/2021/03/29/ 17 KB
18 KB 6ms
4ms Image
image/webp 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/upload/news/2021/03/29/ovoshchi-ogurtsy-pomidory-kapusta-kartofel-luk-chesnok-peret_305x320.jpg?v=1617033426
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: d1e30f73622575f627ca46e5d23c6821f42c62f0ea7f2244b9aebc1ca906f943

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Mon, 29 Mar 2021 15:57:05 GMT
Server: Apache/2.4.38 (Debian)
ETag: "458a-5beaeeef1681e"
Vary: Accept
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9992
Content-Length: 17802

GET
H/1.1 200
OK 1_305x320.PNG
greenpost.ua/upload/news/2021/03/29/ 153 KB
153 KB 5ms
2ms Image
image/png 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/upload/news/2021/03/29/1_305x320.PNG?v=1617018445
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 989ed0cf5129961a611edf006c87b9d79cab2aa50e809d1aca2790ec94ed1f3b

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Mon, 29 Mar 2021 11:47:24 GMT
Server: Apache/2.4.38 (Debian)
ETag: "263fe-5beab71f80168"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9995
Content-Length: 156670

GET
H/1.1 200
OK i4gov75k_305x320.jpg
greenpost.ua/upload/news/2021/03/29/ 19 KB
19 KB 4ms
3ms Image
image/webp 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/upload/news/2021/03/29/i4gov75k_305x320.jpg?v=1617029800
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 61bc85e5a9a4238f5614ea04ee71a2c7cc7b9ee54e320ca680d8ead88c1e5b9d

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Mon, 29 Mar 2021 14:56:39 GMT
Server: Apache/2.4.38 (Debian)
ETag: "4bda-5beae16cc7840"
Vary: Accept
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9995
Content-Length: 19418

GET
H/1.1 200
OK 129410-1-large_305x320.jpg
greenpost.ua/upload/news/2021/03/29/ 7 KB
8 KB 6ms
2ms Image
image/webp 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/upload/news/2021/03/29/129410-1-large_305x320.jpg?v=1617021943
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: bfdf29dfe21609166f45d2c2d875dec0a571765199e7e92dee0abf20147bb2d6

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Mon, 29 Mar 2021 12:45:43 GMT
Server: Apache/2.4.38 (Debian)
ETag: "1d02-5beac4284741d"
Vary: Accept
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9994
Content-Length: 7426

GET
H/1.1 200
OK 7114259-prodykti-1_305x320.jpg
greenpost.ua/upload/news/2021/03/29/ 14 KB
14 KB 5ms
3ms Image
image/webp 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/upload/news/2021/03/29/7114259-prodykti-1_305x320.jpg?v=1617015815
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 5d6d634daa2103d71acd769e8d2c3d7c33642ea3b5879427ec35fb53a1de0f73

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Mon, 29 Mar 2021 11:03:34 GMT
Server: Apache/2.4.38 (Debian)
ETag: "36d2-5beaad53f201e"
Vary: Accept
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9991
Content-Length: 14034

GET
H/1.1 200
OK unnamed_305x320.jpg
greenpost.ua/upload/news/2021/03/29/ 13 KB
14 KB 4ms
2ms Image
image/webp 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/upload/news/2021/03/29/unnamed_305x320.jpg?v=1616965314
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 610ec732daaa73ee1b23fafbe400082861bf358681993e69fa7f7fbb3cadf336

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Sun, 28 Mar 2021 21:01:53 GMT
Server: Apache/2.4.38 (Debian)
ETag: "3520-5be9f13249ee4"
Vary: Accept
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9986
Content-Length: 13600

GET
H/1.1 200
OK 1615544573-tulpany-2_305x320.jpg
greenpost.ua/upload/news/2021/03/27/ 31 KB
31 KB 4ms
3ms Image
image/webp 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/upload/news/2021/03/27/1615544573-tulpany-2_305x320.jpg?v=1616844568
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: fcca115c987976db7ee5acf122fedb1a1f2139ccf33f0f2381382acde4b5c89a

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Sat, 27 Mar 2021 11:29:28 GMT
Server: Apache/2.4.38 (Debian)
ETag: "7b54-5be82f6297170"
Vary: Accept
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9992
Content-Length: 31572

GET
H/1.1 200
OK chipsy-persyk-750x430_305x320.jpg
greenpost.ua/upload/news/2021/03/26/ 12 KB
12 KB 4ms
3ms Image
image/webp 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/upload/news/2021/03/26/chipsy-persyk-750x430_305x320.jpg?v=1616760234
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 8ee52d6fbd5334028d1fe9a7b1f7d71773f28be22e068518c00fbc6a8fcbe215

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Fri, 26 Mar 2021 12:03:54 GMT
Server: Apache/2.4.38 (Debian)
ETag: "2e4e-5be6f53718500"
Vary: Accept
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9994
Content-Length: 11854

GET
H/1.1 200
OK wolves_305x320.jpg
greenpost.ua/upload/news/2021/03/29/ 27 KB
28 KB 3ms
3ms Image
image/webp 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/upload/news/2021/03/29/wolves_305x320.jpg?v=1617027366
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 393d7518e8421e92c8b48ac03652c571f1a4417d246bcea04c3dfc7aeeb132fc

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Mon, 29 Mar 2021 14:16:06 GMT
Server: Apache/2.4.38 (Debian)
ETag: "6cfe-5bead85c23b06"
Vary: Accept
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9991
Content-Length: 27902

GET
H/1.1 200
OK ed68779f-27a7-4b2b-9de3-756723316446-1043x380_305x320.jpeg
greenpost.ua/upload/news/2021/03/29/ 12 KB
12 KB 5ms
3ms Image
image/webp 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/upload/news/2021/03/29/ed68779f-27a7-4b2b-9de3-756723316446-1043x380_305x320.jpeg?v=1617013558
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 8419fa3cd1f0ae079a14643b25932f33145da154707d35c05634cd318d4a26cc

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Mon, 29 Mar 2021 10:25:57 GMT
Server: Apache/2.4.38 (Debian)
ETag: "2ef6-5beaa4eb8226e"
Vary: Accept
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9991
Content-Length: 12022

GET
H/1.1 200
OK image-2021-03-29-13-48-11_305x320.png
greenpost.ua/upload/news/2021/03/29/ 22 KB
22 KB 4ms
3ms Image
image/webp 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/upload/news/2021/03/29/image-2021-03-29-13-48-11_305x320.png?v=1617014953
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: bc5767a8c612a7a1b9f2b0456e1738ac484bc44df598899f47658dd07fff7757

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Mon, 29 Mar 2021 10:49:12 GMT
Server: Apache/2.4.38 (Debian)
ETag: "5820-5beaaa1d4713b"
Vary: Accept
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9990
Content-Length: 22560

GET
H/1.1 200
OK 61b0b4a044367664_305x320.jpg
greenpost.ua/upload/news/2021/03/29/ 9 KB
9 KB 3ms
2ms Image
image/webp 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/upload/news/2021/03/29/61b0b4a044367664_305x320.jpg?v=1617009687
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 6ce92b957dc705da17bd5e5c5a702089ed344b6c64237d31d3ac7b777d18b9cc

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Mon, 29 Mar 2021 09:21:27 GMT
Server: Apache/2.4.38 (Debian)
ETag: "22b8-5bea968018706"
Vary: Accept
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9993
Content-Length: 8888

GET
H/1.1 200
OK 1560019ec71fe8b-zvglavnoe-foto-965x0_crop_305x320.png
greenpost.ua/upload/news/2021/01/15/ 6 KB
7 KB 4ms
3ms Image
image/webp 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/upload/news/2021/01/15/1560019ec71fe8b-zvglavnoe-foto-965x0_crop_305x320.png?v=1610723795
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 89a899d3061b6f9592d765b7db03b0b9eb2f47c9e923bf34dee7bf34afcce7e9

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Fri, 15 Jan 2021 13:55:23 GMT
Server: Apache/2.4.38 (Debian)
ETag: "193c-5b8f0b9422d0c"
Vary: Accept
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9985
Content-Length: 6460

GET
H/1.1 200
OK 1504429459-3-03_305x320.jpg
greenpost.ua/upload/news/2020/12/24/ 7 KB
8 KB 4ms
3ms Image
image/webp 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/upload/news/2020/12/24/1504429459-3-03_305x320.jpg?v=1608805825
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: b679de86cc78f572e0d1351a457f2753acf15187e35d3f847d77935708794991

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Thu, 24 Dec 2020 09:25:14 GMT
Server: Apache/2.4.38 (Debian)
ETag: "1df4-5b73262a2113a"
Vary: Accept
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9990
Content-Length: 7668

GET
H/1.1 200
OK 2572434_305x320.jpg
greenpost.ua/upload/news/2020/12/16/ 9 KB
10 KB 4ms
3ms Image
image/webp 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/upload/news/2020/12/16/2572434_305x320.jpg?v=1608191438
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 2004776220cff1169b5ce0304ef46e374d0bfab6ceb34c380447fb8f2e3f63a8

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Wed, 16 Dec 2020 15:52:47 GMT
Server: Apache/2.4.38 (Debian)
ETag: "2524-5b696dddf360a"
Vary: Accept
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9993
Content-Length: 9508

GET
H/1.1 200
OK ew5d-z5omrfginxpwiu7-m-v4h6qwgbi_305x320.jpg
greenpost.ua/upload/news/2020/12/09/ 6 KB
6 KB 5ms
3ms Image
image/webp 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/upload/news/2020/12/09/ew5d-z5omrfginxpwiu7-m-v4h6qwgbi_305x320.jpg?v=1607589589
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: f153052457c1310b3eb5d76abf723e89280603d3847a63fe1c1c27dec9210104

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Wed, 09 Dec 2020 18:03:32 GMT
Server: Apache/2.4.38 (Debian)
ETag: "189c-5b60be0966bdf"
Vary: Accept
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9992
Content-Length: 6300

GET
H/1.1 200
OK logo.png
greenpost.ua/img/ 12 KB
12 KB 3ms
2ms Image
image/png 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/img/logo.png
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: e90f060af5185eb1ccbd4426d90ac6d8b9f7038564d710bffc8804231c4329a5

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Tue, 20 Oct 2020 06:09:19 GMT
Server: Apache/2.4.38 (Debian)
ETag: "2e18-5b2141242a1c0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9989
Content-Length: 11800

GET
H/1.1 200
OK 4b02fdd00702f4a7f2d34a68f05a6e3f.js Show response
greenpost.ua/assets/js-compress/ 316 KB
87 KB 8ms
7ms Script
application/javascript 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://greenpost.ua/assets/js-compress/4b02fdd00702f4a7f2d34a68f05a6e3f.js?v=1604589242
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: ce35fbfaac6c7f9991b48664b80912d9357b7eecf1ac1479d63e7dc8a4b55cc5

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:18 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Nov 2020 15:14:02 GMT
Server: Apache/2.4.38 (Debian)
ETag: "4ef7d-5b35d8bd3b26d-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9998

GET
H2 200 css
fonts.googleapis.com/ 2 KB
656 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto&display=block&subset=cyrillic

Requested by

Host: greenpost.ua
URL: https://greenpost.ua/assets/css-compress/ed0c0a9748819a86491661973468c6b2.css?v=1605728131

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f79118ea8e92a768ac3258815ba07d1164af203c7c2fb6c9b9f4797a8d0fae7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 30 Mar 2021 00:05:18 GMT
server: ESF
date: Tue, 30 Mar 2021 00:05:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Mar 2021 00:05:18 GMT

GET
H2 200 css
fonts.googleapis.com/ 20 KB
928 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Slab:100,200,300,400,500,600,700,800,900&display=block&subset=cyrillic

Requested by

Host: greenpost.ua
URL: https://greenpost.ua/assets/css-compress/ed0c0a9748819a86491661973468c6b2.css?v=1605728131

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7a9ba5dd2228ece9917005a58a1075927fea0b36a3ada97f932407fc291f5d0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 30 Mar 2021 00:05:18 GMT
server: ESF
date: Tue, 30 Mar 2021 00:05:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Mar 2021 00:05:18 GMT

GET
H2 200 css
fonts.googleapis.com/ 14 KB
924 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather:300,300i,400,400i,700,700i,900,900i&display=block&subset=cyrillic

Requested by

Host: greenpost.ua
URL: https://greenpost.ua/assets/css-compress/ed0c0a9748819a86491661973468c6b2.css?v=1605728131

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f055cf8ef8a12cd0e9d9067343c154d1336b37fa2faa27d5bfbbc88bdc68a3b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 30 Mar 2021 00:05:18 GMT
server: ESF
date: Tue, 30 Mar 2021 00:05:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Mar 2021 00:05:18 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 108 KB
39 KB 18ms
13ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PV6RQ4D

Requested by

Host: greenpost.ua
URL: https://greenpost.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

315af7137f99d2c1cd7ca5129793774ea563ff5c3b70e3039a8b11daee353e48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 00:05:19 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40123
x-xss-protection: 0
expires: Tue, 30 Mar 2021 00:05:19 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/uk_UA/ 3 KB
2 KB 10ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js

Requested by

Host: greenpost.ua
URL: https://greenpost.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9d546760b7ae82884ce3abb20f084643fcdfd805332f72b75709f1260d23a6b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: JIXfmxbWpVOmtYulhNOnVQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1781
x-fb-rlafr: 0
x-fb-debug: xfZOM6KxwvwmfLoiIbsXfPePl5Ms6dxgYgPcU8tFTMXMwnsWM1OF36ULXQ9/+7elUocsmI63nLAiaaTuX3jP1w==
x-fb-trip-id: 686109401
x-fb-content-md5: 56d28296846597caa91db85fcd952469
x-frame-options: DENY
date: Tue, 30 Mar 2021 00:05:19 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "8dea12be76acc0991078819b768eee58"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 30 Mar 2021 00:19:55 GMT

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210322/r20190131/ 226 KB
85 KB 60ms
42ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210322/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4413437454243923&plah=greenpost.ua&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e845b3c43da250d2131dcca1a9af77bdaca1b61f1215be6317f2d5f17f999e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 00:05:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86619
x-xss-protection: 0
server: cafe
etag: 10759459106970592627
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 30 Mar 2021 00:05:19 GMT

GET
H/1.1 200
OK green_arrow_down.svg
greenpost.ua/img/icons/ 1 KB
1 KB 3ms
2ms Image
image/svg+xml 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/img/icons/green_arrow_down.svg
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/assets/css-compress/ed0c0a9748819a86491661973468c6b2.css?v=1605728131
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 38f88a773fef1fb9452fd5458eb29d4395ddd706a58ba343635092e63044ef05

Request headers

Referer: https://greenpost.ua/assets/css-compress/ed0c0a9748819a86491661973468c6b2.css?v=1605728131
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Tue, 04 Feb 2020 15:26:48 GMT
Server: Apache/2.4.38 (Debian)
ETag: "4a2-59dc1ab1e2de0"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9984
Content-Length: 1186

GET
H/1.1 200
OK autors_row_text_bg.svg
greenpost.ua/img/ 4 KB
5 KB 3ms
2ms Image
image/svg+xml 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/img/autors_row_text_bg.svg
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/assets/css-compress/ed0c0a9748819a86491661973468c6b2.css?v=1605728131
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 09b7365c666a1afa12f23ffc09658260f5c75cd42cdfb4921f6829520621f373

Request headers

Referer: https://greenpost.ua/assets/css-compress/ed0c0a9748819a86491661973468c6b2.css?v=1605728131
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Tue, 04 Feb 2020 15:26:48 GMT
Server: Apache/2.4.38 (Debian)
ETag: "1120-59dc1ab1e1e40"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9989
Content-Length: 4384

GET
H2 200 BngMUXZYTXPIvIBgJJSb6ufJ5qW54A.woff2
fonts.gstatic.com/s/robotoslab/v13/ 25 KB
26 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v13/BngMUXZYTXPIvIBgJJSb6ufJ5qW54A.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:100,200,300,400,500,600,700,800,900&display=block&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

898047769d83521b2ad32aba57922d9152cf4bd73d42ef1dbfa504c49edf91e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://greenpost.ua
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 18:41:10 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 22:36:00 GMT
server: sffe
age: 537849
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26040
x-xss-protection: 0
expires: Wed, 23 Mar 2022 18:41:10 GMT

GET
H2 200 BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v13/ 39 KB
39 KB 10ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v13/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:100,200,300,400,500,600,700,800,900&display=block&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c79f09d1e74eadaf897561f5d70265ed2884663d34ad9c4d7f2aebff3b85a6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://greenpost.ua
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 10:17:24 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 22:03:59 GMT
server: sffe
age: 308875
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39440
x-xss-protection: 0
expires: Sat, 26 Mar 2022 10:17:24 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210322/r20190131/ Frame 06B6 10 KB
5 KB 7ms
5ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210322/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210322/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://greenpost.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://greenpost.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 29 Mar 2021 02:30:17 GMT
expires: Mon, 12 Apr 2021 02:30:17 GMT
content-type: text/html; charset=UTF-8
etag: 14488317231655078900
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4661
x-xss-protection: 0
age: 77702
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK ovoshchi-ogurtsy-pomidory-kapusta-kartofel-luk-chesnok-peret.jpg
greenpost.ua/upload/media/2021/03/29/ 116 KB
117 KB 4ms
3ms Image
image/webp 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/upload/media/2021/03/29/ovoshchi-ogurtsy-pomidory-kapusta-kartofel-luk-chesnok-peret.jpg
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 89ecec2b746294ecf62caddf088b0c5eb498ac3f7478dba51ff3a3876762d7b1

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Mon, 29 Mar 2021 15:56:56 GMT
Server: Apache/2.4.38 (Debian)
ETag: "1d1e0-5beaeee63bf19"
Vary: Accept
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9988
Content-Length: 119264

GET
H/1.1 200
OK i4gov75k.jpg
greenpost.ua/upload/media/2021/03/29/ 80 KB
80 KB 3ms
2ms Image
image/webp 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/upload/media/2021/03/29/i4gov75k.jpg
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 8e7b895976d0e65e50ee44d5d7c61c28561df429fbc74d3a9888240ff9216690

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Mon, 29 Mar 2021 14:56:23 GMT
Server: Apache/2.4.38 (Debian)
ETag: "13e6a-5beae15d8748b"
Vary: Accept
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9991
Content-Length: 81514

GET
H/1.1 200
OK video_play.svg
greenpost.ua/img/icons/ 1 KB
2 KB 3ms
2ms Image
image/svg+xml 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/img/icons/video_play.svg
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/assets/css-compress/ed0c0a9748819a86491661973468c6b2.css?v=1605728131
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: d7807e6f71871409132c8b7a504ef81330435f7463b641dd246dfa419697862d

Request headers

Referer: https://greenpost.ua/assets/css-compress/ed0c0a9748819a86491661973468c6b2.css?v=1605728131
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Tue, 04 Feb 2020 15:26:48 GMT
Server: Apache/2.4.38 (Debian)
ETag: "4f5-59dc1ab1e2de0"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9987
Content-Length: 1269

GET
H3-Q050 200 u-4n0qyriQwlOrhSvowK_l52xwNZXMf6lvg.woff2
fonts.gstatic.com/s/merriweather/v22/ 14 KB
14 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v22/u-4n0qyriQwlOrhSvowK_l52xwNZXMf6lvg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,300i,400,400i,700,700i,900,900i&display=block&subset=cyrillic

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3abda7fa1ac5c9bf5a0354237e403ce6c46723fffeeacf01d452d05f2b1c2bd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://greenpost.ua
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 22:22:00 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:08:38 GMT
server: sffe
age: 524599
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14648
x-xss-protection: 0
expires: Wed, 23 Mar 2022 22:22:00 GMT

GET
H3-Q050 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v22/ 19 KB
19 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v22/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,300i,400,400i,700,700i,900,900i&display=block&subset=cyrillic

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e19e5fec549d0d871301c8196f4a954abe8d6913464a1ac511f81ef71529f89b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://greenpost.ua
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 13:38:29 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:09:53 GMT
server: sffe
age: 556010
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19300
x-xss-protection: 0
expires: Wed, 23 Mar 2022 13:38:29 GMT

GET
H3-Q050 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v22/ 18 KB
19 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v22/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,300i,400,400i,700,700i,900,900i&display=block&subset=cyrillic

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0d93254e392f7361b334641f8781721fd31c7b18283c88fe67df7d3123e1c24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://greenpost.ua
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 10:22:12 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:08:44 GMT
server: sffe
age: 394987
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18924
x-xss-protection: 0
expires: Fri, 25 Mar 2022 10:22:12 GMT

GET
H3-Q050 200 u-440qyriQwlOrhSvowK_l5-eCZMZ-Y.woff2
fonts.gstatic.com/s/merriweather/v22/ 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v22/u-440qyriQwlOrhSvowK_l5-eCZMZ-Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,300i,400,400i,700,700i,900,900i&display=block&subset=cyrillic

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a350ffe72bc35c87f22ca557ab9ea594159a80df5ca8590cb2bbd165a7472d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://greenpost.ua
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 27 Mar 2021 06:32:57 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:08:35 GMT
server: sffe
age: 235942
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15288
x-xss-protection: 0
expires: Sun, 27 Mar 2022 06:32:57 GMT

GET
H/1.1 200
OK fa2d122326752dd7_1200x630.jpg
greenpost.ua/upload/news/2021/03/26/ 95 KB
95 KB 3ms
2ms Image
image/webp 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/upload/news/2021/03/26/fa2d122326752dd7_1200x630.jpg?v=1616758397
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 3522dc42cffb177dfd89532cfac8dbbdbd13557152dc68c3cf0f0e323e04a38a

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Fri, 26 Mar 2021 11:33:17 GMT
Server: Apache/2.4.38 (Debian)
ETag: "17bfe-5be6ee5fef039"
Vary: Accept
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9986
Content-Length: 97278

GET
H/1.1 200
OK 1-4_640x360.jpg
greenpost.ua/upload/news/2021/03/25/ 31 KB
31 KB 3ms
2ms Image
image/webp 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/upload/news/2021/03/25/1-4_640x360.jpg?v=1616663617
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 0f7121e06f610c806ccab6b307d22e503e84f7e83c5aa03ff8b59e20bec18865

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Thu, 25 Mar 2021 09:13:36 GMT
Server: Apache/2.4.38 (Debian)
ETag: "7b14-5be58d498d137"
Vary: Accept
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9990
Content-Length: 31508

GET
H/1.1 200
OK 630-360-1606467968-661_640x360.png
greenpost.ua/upload/news/2021/03/18/ 29 KB
29 KB 3ms
3ms Image
image/webp 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/upload/news/2021/03/18/630-360-1606467968-661_640x360.png?v=1616067415
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 19192f41f40c99863ab48c4616c4d03c6b2949dcec0ddeae85a9497f68615099

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Thu, 18 Mar 2021 11:36:54 GMT
Server: Apache/2.4.38 (Debian)
ETag: "74cc-5bdce04341ed8"
Vary: Accept
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9983
Content-Length: 29900

GET
H/1.1 200
OK 1b28ffc-opalenia_640x360.jpg
greenpost.ua/upload/news/2021/03/13/ 8 KB
9 KB 3ms
2ms Image
image/webp 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/upload/news/2021/03/13/1b28ffc-opalenia_640x360.jpg?v=1615650258
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: b873c11fff519c1d41589038b81cfd41d9df9f6fae5dcfa34001ba7c14eb5116

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Sat, 13 Mar 2021 15:44:18 GMT
Server: Apache/2.4.38 (Debian)
ETag: "2106-5bd6ce3b89d73"
Vary: Accept
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9988
Content-Length: 8454

GET
H/1.1 200
OK unnamed_640x360.jpg
greenpost.ua/upload/news/2021/03/09/ 17 KB
17 KB 3ms
2ms Image
image/webp 2a01:4f8:10b:94d::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenpost.ua/upload/news/2021/03/09/unnamed_640x360.jpg?v=1615281482
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:10b:94d::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 13de62e67d7e18c787c52e15a141b291393b8ac37295e593ddf9a7217d8db56a

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Last-Modified: Tue, 09 Mar 2021 09:18:01 GMT
Server: Apache/2.4.38 (Debian)
ETag: "4460-5bd1706f0f4b9"
Vary: Accept
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=9990
Content-Length: 17504

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 sdk.js Show response
connect.facebook.net/uk_UA/ 198 KB
60 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js?hash=2d3a8021bf09f3334210d4d598402915&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ea7b9e56bdd43bc7f904436ac44e8300b2ac54af21d3f78d450fc358c85f0df8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://greenpost.ua
Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: NmzDRp7Z3Yk5e3tF3gttqw==
cross-origin-resource-policy: cross-origin
expires: Tue, 29 Mar 2022 22:39:32 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 60986
x-fb-rlafr: 0
x-fb-debug: 6xNn6npjSj1YzfaiZ2zOTxnaqJKJ7zOZQax3dGyFtrhfyfapl7XKZ8uF18yjOpkkx/6Qa5456Kzv0tqel+Afmg==
x-fb-trip-id: 686109401
x-fb-content-md5: fe289b1fa1981ced8f0de5f06d688e9d
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 30 Mar 2021 00:05:19 GMT
x-frame-options: DENY
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "41fc00c8af8aa80b21cd1bee0afebf91"
timing-allow-origin: *
priority: u=3,i
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/ Frame 879F 637 B
517 B 13ms
13ms Document
text/html 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/c.html
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 594ca5002b9cdd63b301365c4dd76f3a08e23049f6aee1f62258d20da8ef1345

Request headers

:method: GET
:authority: cdn.admixer.net
:scheme: https
:path: /scripts3/c.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://greenpost.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://greenpost.ua/

Response headers

server: nginx
date: Tue, 30 Mar 2021 00:05:19 GMT
content-type: text/html
last-modified: Fri, 19 Mar 2021 13:54:23 GMT
vary: Accept-Encoding
etag: W/"6054ad0f-27d"
expires: Sun, 20 Mar 2022 13:59:20 GMT
cache-control: max-age=31622400
access-control-allow-origin: https://m.alwakeelnews.com
access-control-allow-credentials: true
cache: HIT
x-cached-since: 2021-03-19T13:59:20+00:00
x-id: fr5-up-gc37
x-vhost-ver: 5960220520391311182
content-encoding: gzip

GET
H2 200 af0bee68301ea81d4ecb.b.js Show response
cdn.admixer.net/scripts3/ 82 KB
22 KB 15ms
14ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/af0bee68301ea81d4ecb.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: acb8d9c7e9ffc6b6873755e1a15d74e39339218515d82dbda78d252a1c7f0f55

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: fr5-up-gc37
date: Tue, 30 Mar 2021 00:05:19 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 13:54:21 GMT
server: nginx
etag: W/"6054ad0d-14693"
vary: Accept-Encoding
x-cached-since: 2021-03-19T13:59:20+00:00
content-type: application/javascript
access-control-allow-origin: https://m.alwakeelnews.com
cache-control: max-age=31622400
access-control-allow-credentials: true
x-vhost-ver: 5960220520391311182
cache: HIT
expires: Sun, 20 Mar 2022 13:59:20 GMT

GET
H2 200 eea2a65c501c927510a8.b.js Show response
cdn.admixer.net/scripts3/ 91 KB
25 KB 16ms
15ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/eea2a65c501c927510a8.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: d288f94c0356f27b754ec69817e8578ea0bc9491cc9456331cc9c6de9640130b

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: fr5-up-gc37
date: Tue, 30 Mar 2021 00:05:19 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 13:54:27 GMT
server: nginx
etag: W/"6054ad13-16d53"
vary: Accept-Encoding
x-cached-since: 2021-03-19T13:59:20+00:00
content-type: application/javascript
access-control-allow-origin: https://m.alwakeelnews.com
cache-control: max-age=31622400
access-control-allow-credentials: true
x-vhost-ver: 5960220520391311182
cache: HIT
expires: Sun, 20 Mar 2022 13:59:20 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 202 B
640 B 106ms
55ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=greenpost.ua&callback=_gfp_s_&client=ca-pub-4413437454243923

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210322/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4413437454243923&plah=greenpost.ua&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

706853b490826d1d3143aa0052b364ff6dad885dfd928fed2bb10d75bdeb8224

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 00:05:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 192
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=greenpost.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Mar 2021 00:05:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=greenpost.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Mar 2021 00:05:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 711C 54 B
235 B 50ms
49ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4413437454243923&output=html&adk=1812271804&adf=3025194257&lmt=1617062719&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgreenpost.ua%2F&ea=0&flash=0&pra=5&wgl=1&dt=1617062719018&bpp=22&bdt=71&idt=341&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3118294486100&frm=20&pv=2&ga_vid=902713396.1617062719&ga_sid=1617062719&ga_hid=1779681269&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C44740079%2C44739387&oid=3&pvsid=3166768538204532&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=369

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4413437454243923&output=html&adk=1812271804&adf=3025194257&lmt=1617062719&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgreenpost.ua%2F&ea=0&flash=0&pra=5&wgl=1&dt=1617062719018&bpp=22&bdt=71&idt=341&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3118294486100&frm=20&pv=2&ga_vid=902713396.1617062719&ga_sid=1617062719&ga_hid=1779681269&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C44740079%2C44739387&oid=3&pvsid=3166768538204532&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=369
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://greenpost.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://greenpost.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 30 Mar 2021 00:05:19 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 30-Mar-2021 00:20:19 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 30 Mar 2021 00:05:19 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96bbf4f9521f17f3be8143f5c7b7918869757bdae7eee27f6d5bd83809cd4f32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 00:05:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617017733465819"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28245
x-xss-protection: 0
expires: Tue, 30 Mar 2021 00:05:19 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t52.6;r;s1600*1200*24;uhttps%3A//greenpost.ua/;hGreenPost;0.22269585219716137
https://counter.yadro.ru/hit?q;t52.6;r;s1600*1200*24;uhttps%3A//greenpost.ua/;hGreenPost;0.22269585219716137

413 B
867 B

60ms
59ms

Image
image/gif

88.212.201.216
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t52.6;r;s1600*1200*24;uhttps%3A//greenpost.ua/;hGreenPost;0.22269585219716137

Requested by

Host: greenpost.ua
URL: https://greenpost.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host216.rax.ru

Software

nginx/1.17.9 /

Resource Hash

631c5057b3878e2864e0e23d2d274537c1506155f3475b292fe1285e18efa71e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Mar 2021 00:05:19 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 413
Expires: Sun, 29 Mar 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 30 Mar 2021 00:05:19 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;t52.6;r;s1600*1200*24;uhttps%3A//greenpost.ua/;hGreenPost;0.22269585219716137
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Sun, 29 Mar 2020 21:00:00 GMT

GET
H/1.1 200
OK s
r.i.ua/ 792 B
1 KB 155ms
51ms Image
image/png 91.198.36.16
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.i.ua/s?u230317&p4&n0.8947802998568153&c1&d24&w1600&h1200&rgreenpost.ua/
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 91.198.36.16 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS: r.i.ua
Software: nginx /
Resource Hash: 52106d834df10aea6d2869c41d49818e69a854f4749d6101420fbbf18a482a71

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Mar 2021 00:05:19 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="http://i.i.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/png
Expires: 0

GET
H/1.1 200
OK / Show response
c.bigmir.net/ 133 B
424 B 214ms
51ms Script
application/x-javascript 193.239.68.97
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bigmir.net/?o1&v16956153&s16956596&t0&c1&n464465&w0&y0&d24&r1600
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.68.97 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: c.bigmir.net
Software: nginx /
Resource Hash: 873468f8251473ba69731d865cc51d0b6fb124dfddaed502bd450d2d476b2c2c

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Tue, 30 Mar 2021 00:05:19 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=windows-1251
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Expires: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV6RQ4D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 6612
date: Mon, 29 Mar 2021 22:15:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Tue, 30 Mar 2021 00:15:07 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
258 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=121522292513787&ev=fb_page_view&dl=https%3A%2F%2Fgreenpost.ua%2F&rl=&if=false&ts=1617062719501&sw=1600&sh=1200&at=

Requested by

Host: greenpost.ua
URL: https://greenpost.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 00:05:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 30 Mar 2021 00:05:19 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
85 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-151732632-1&cid=902713396.1617062719&jid=1234593078&gjid=514693572&_gid=1021794027.1617062720&_u=YChAgEABAAAAAE~&z=962678748

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 30 Mar 2021 00:05:19 GMT
content-type: text/plain
access-control-allow-origin: https://greenpost.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
63 B 14ms
14ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1779681269&t=pageview&_s=1&dl=https%3A%2F%2Fgreenpost.ua%2F&ul=en-us&de=UTF-8&dt=GreenPost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCjAAEABAAAAAG~&jid=1372001860&gjid=1312275370&cid=902713396.1617062719&tid=UA-167585258-1&_gid=1021794027.1617062720&_r=1&gtm=2wg3h0PV6RQ4D&z=1315955547

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 00:05:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://greenpost.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
63 B 7ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=1779681269&t=pageview&_s=1&dl=https%3A%2F%2Fgreenpost.ua%2F&ul=en-us&de=UTF-8&dt=GreenPost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YChAgEAB~&jid=1234593078&gjid=514693572&cid=902713396.1617062719&tid=UA-151732632-1&_gid=1021794027.1617062720&gtm=2wg3h0PV6RQ4D&z=442723672

Requested by

Host: greenpost.ua
URL: https://greenpost.ua/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Mar 2021 13:07:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 39469
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
115 B 18ms
17ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-151732632-1&cid=902713396.1617062719&jid=1234593078&_u=YChAgEABAAAAAE~&z=1254385113

Requested by

Host: greenpost.ua
URL: https://greenpost.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 00:05:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 24ms
23ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-151732632-1&cid=902713396.1617062719&jid=1234593078&_u=YChAgEABAAAAAE~&z=1254385113

Requested by

Host: greenpost.ua
URL: https://greenpost.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 00:05:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
63 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-167585258-1&cid=902713396.1617062719&jid=1372001860&gjid=1312275370&_gid=1021794027.1617062720&_u=YCjAAEABAAAAAG~&z=408310799

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 30 Mar 2021 00:05:19 GMT
content-type: text/plain
access-control-allow-origin: https://greenpost.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 b60_top.gif
i.bigmir.net/cnt/samples/diagonal/ 65 B
237 B 154ms
49ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bigmir.net/cnt/samples/diagonal/b60_top.gif
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: 62809c09f78bcbcf1233cfcde966c640fd0ad54e1b5ef157dcac1897180f44d8

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 00:05:19 GMT
last-modified: Tue, 23 Jan 2007 13:14:28 GMT
server: nginx
etag: "45b60a34-41"
content-type: image/gif
cache-control: max-age=259200
accept-ranges: bytes
content-length: 65
expires: Fri, 02 Apr 2021 00:05:19 GMT

GET
H2 200 b60_center.gif
i.bigmir.net/cnt/samples/diagonal/ 79 B
250 B 154ms
49ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bigmir.net/cnt/samples/diagonal/b60_center.gif
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: 89d15e8d6c0a69d8914c2c2363200b5fc3033c509439795e5bbe144974038e81

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 00:05:19 GMT
last-modified: Tue, 23 Jan 2007 13:14:28 GMT
server: nginx
etag: "45b60a34-4f"
content-type: image/gif
cache-control: max-age=259200
accept-ranges: bytes
content-length: 79
expires: Fri, 02 Apr 2021 00:05:19 GMT

GET
H2 200 b60_bottom.gif
i.bigmir.net/cnt/samples/diagonal/ 66 B
237 B 154ms
50ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bigmir.net/cnt/samples/diagonal/b60_bottom.gif
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: 1101aeb68ba6cbf1f0592f3aec94fc2820012891b0543d3b5c54d0cb48324b36

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 00:05:19 GMT
last-modified: Tue, 23 Jan 2007 13:14:28 GMT
server: nginx
etag: "45b60a34-42"
content-type: image/gif
cache-control: max-age=259200
accept-ranges: bytes
content-length: 66
expires: Fri, 02 Apr 2021 00:05:19 GMT

GET
H2 200 jquery.mousewheel.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/ 3 KB
2 KB 14ms
13ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/jquery.mousewheel.min.js?_=1617062719648

Requested by

Host: greenpost.ua
URL: https://greenpost.ua/assets/js-compress/4b02fdd00702f4a7f2d34a68f05a6e3f.js?v=1604589242

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 00:05:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2248476
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1046
cf-request-id: 09220c08aa00002c36b21d7000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-ad3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GfFg6EWbva9gqtt%2BQAVycSQuHHsjvm%2FeROrgYRPpiI0N78IEEsxiXjZhtKdYHA%2BU3gn451evIwXrN55SnJgZKoESUC4qG6DryivstloJL8uH%2BBdI2UUGhqNN6EezL5AweQ%3D%3D"}],"max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 637d15edde142c36-FRA
expires: Sun, 20 Mar 2022 00:05:19 GMT

GET
H/1.1 200
OK dsp.aspx Show response
inv-nets.admixer.net/ 25 KB
25 KB 146ms
99ms Script
text/javascript 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=6819577971407589&cpv=bbba4031-427c-f8ae-feab-580e40dbcff8&responseType=default&uids=%7B%7D&data=%7B%22id%22%3A%22f6d23607-1470-4be8-f005-2025d5aade63%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fgreenpost.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22871a7545-e7e4-856a-43c2-d4461e9d0175%22%2C%22tagid%22%3A%22a8e44abc-8fad-4880-b2e3-54ea8a778a0b%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_a8e44abc8fad4880b2e354ea8a778a0b_zone_53491_sect_15746_site_11871%22%2C%22pos%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%22d78c6b15-ca69-a606-db79-fb8dd64d778e%22%2C%22tagid%22%3A%22b8dc5c91-3421-4f2d-9306-5e15a6127404%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_b8dc5c9134214f2d93065e15a6127404_zone_53492_sect_15746_site_11871%22%2C%22pos%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%22dbbbd5ad-3e42-d867-1013-c9ebca49ddc8%22%2C%22tagid%22%3A%22208f0ef3-1050-47f0-b77f-cd394717df9a%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_208f0ef3105047f0b77fcd394717df9a_zone_53497_sect_15746_site_11871%22%2C%22pos%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%22ccf9e02d-b53b-a367-34a1-2e9a3fc32b7c%22%2C%22tagid%22%3A%22aead1f5d-5198-4e49-8205-c86928d043c9%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_aead1f5d51984e498205c86928d043c9_zone_53494_sect_15746_site_11871%22%2C%22pos%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%222ebf444b-ef2e-0dfc-02d3-17860dbbbbc0%22%2C%22tagid%22%3A%22248d4e44-14c3-4152-a5cd-c8dd25e961f0%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_248d4e4414c34152a5cdc8dd25e961f0_zone_53496_sect_15746_site_11871%22%2C%22pos%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%5D%2C%22allimps%22%3A5%7D&am-uid=null&3rd=true

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/eea2a65c501c927510a8.b.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

a38c7adb14d9cd9c1dc6f1f006a45eb5d5f5b96f7f4c30c4ef9e469dbd5bb707

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=25
X-XSS-Protection: 0

POST
H2 200 bid Show response
a4p.adpartner.pro/hb/ 196 B
414 B 328ms
251ms XHR
application/json 37.187.205.228
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/hb/bid?tag=6725&sizes=300x600|240x400|250x250|300x250|300x400|240x600|300x300|300x500|234x60|300x100|300x50|216x36|300x75|216x54|168x42&referer=https%3A%2F%2Fgreenpost.ua%2F
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/af0bee68301ea81d4ecb.b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.205.228 , France, ASN16276 (OVH, FR),
Reverse DNS: app-04.adpartner.pro
Software: nginx /
Resource Hash: cadda4a56adf0582b830e66b16e119979331e190089d5e7bf4c9d903564b10cd

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://greenpost.ua
date: Tue, 30 Mar 2021 00:05:20 GMT
cache-control: no-store no-transform
access-control-allow-credentials: true
server: nginx
content-encoding: br
content-type: application/json

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
174 B 57ms
19ms XHR
text/plain 185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/af0bee68301ea81d4ecb.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://greenpost.ua
date: Tue, 30 Mar 2021 00:05:19 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 200 bid Show response
a4p.adpartner.pro/hb/ 196 B
410 B 536ms
461ms XHR
application/json 37.187.205.228
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/hb/bid?tag=6725&sizes=200x200|250x250|300x250|300x50|300x75|120x240|216x36|216x54|168x42|192x53&referer=https%3A%2F%2Fgreenpost.ua%2F
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/af0bee68301ea81d4ecb.b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.205.228 , France, ASN16276 (OVH, FR),
Reverse DNS: app-04.adpartner.pro
Software: nginx /
Resource Hash: fd43e6806a4df509a6aedc1ba81bd7fb29918d967a2d52dc35586cb91be15f64

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://greenpost.ua
date: Tue, 30 Mar 2021 00:05:20 GMT
cache-control: no-store no-transform
access-control-allow-credentials: true
server: nginx
content-encoding: br
content-type: application/json

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
174 B 55ms
19ms XHR
text/plain 185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/af0bee68301ea81d4ecb.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://greenpost.ua
date: Tue, 30 Mar 2021 00:05:19 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H2 200 220a3ab992256d1ee152.b.js Show response
cdn.admixer.net/scripts3/ 28 KB
11 KB 7ms
6ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/220a3ab992256d1ee152.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 63b18b5635fc1818da6712734fc0d500652a85fecf6dfe1b4cb3cee139e52899

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: fr5-up-gc37
date: Tue, 30 Mar 2021 00:05:19 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 13:54:13 GMT
server: nginx
etag: W/"6054ad05-7029"
vary: Accept-Encoding
x-cached-since: 2021-03-19T13:59:20+00:00
content-type: application/javascript
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: max-age=31622400
access-control-allow-credentials: true
x-vhost-ver: 5960220520391311182
cache: HIT
expires: Sun, 20 Mar 2022 13:59:20 GMT

GET
H2 200 ede2c96e6a0d474ef44e.b.js Show response
cdn.admixer.net/scripts3/ 42 KB
18 KB 8ms
7ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/ede2c96e6a0d474ef44e.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: b3883229115068714ffc63c82db6f810e84201317cb0385cc3b7c94b0c305554

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: fr5-up-gc37
date: Tue, 30 Mar 2021 00:05:19 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 13:54:26 GMT
server: nginx
etag: W/"6054ad12-a7af"
vary: Accept-Encoding
x-cached-since: 2021-03-19T13:59:20+00:00
content-type: application/javascript
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: max-age=31622400
access-control-allow-credentials: true
x-vhost-ver: 5960220520391311182
cache: HIT
expires: Sun, 20 Mar 2022 13:59:20 GMT

GET
H2 200 ef30fd68f07ce65f2dec.b.js Show response
cdn.admixer.net/scripts3/ 13 KB
5 KB 8ms
7ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/ef30fd68f07ce65f2dec.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 606fb015f87ba5bbcf783cd6fecf1ac351ede8dafa4767a43be8cf80f1634eb6

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: fr5-up-gc37
date: Tue, 30 Mar 2021 00:05:19 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 13:54:27 GMT
server: nginx
etag: W/"6054ad13-326c"
vary: Accept-Encoding
x-cached-since: 2021-03-19T13:59:20+00:00
content-type: application/javascript
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: max-age=31622400
access-control-allow-credentials: true
x-vhost-ver: 5960220520391311182
cache: HIT
expires: Sun, 20 Mar 2022 13:59:20 GMT

GET
H2 200 c9b3c2772742a8f4dab8.b.js Show response
cdn.admixer.net/scripts3/ 11 KB
4 KB 8ms
7ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/c9b3c2772742a8f4dab8.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: b5f1343b46d0b18e78ae7bfb6ec5cfd0195a35a07f74da58d0612e06b1c429c2

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: fr5-up-gc37
date: Tue, 30 Mar 2021 00:05:19 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 13:54:24 GMT
server: nginx
etag: W/"6054ad10-2a79"
vary: Accept-Encoding
x-cached-since: 2021-03-19T13:59:20+00:00
content-type: application/javascript
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: max-age=31622400
access-control-allow-credentials: true
x-vhost-ver: 5960220520391311182
cache: HIT
expires: Sun, 20 Mar 2022 13:59:20 GMT

GET
H2 200 7afed1240a73cc8fe781.b.js Show response
cdn.admixer.net/scripts3/ 213 KB
74 KB 9ms
7ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/7afed1240a73cc8fe781.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 53440711de93fef828863a40049492fc82111e15f604046ba5088ede84aa6038

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: fr5-up-gc37
date: Tue, 30 Mar 2021 00:05:19 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 13:54:18 GMT
server: nginx
etag: W/"6054ad0a-354d5"
vary: Accept-Encoding
x-cached-since: 2021-03-19T13:59:22+00:00
content-type: application/javascript
access-control-allow-origin: https://m.alwakeelnews.com
cache-control: max-age=31622400
access-control-allow-credentials: true
x-vhost-ver: 5960220520391311182
cache: HIT
expires: Sun, 20 Mar 2022 13:59:22 GMT

POST
H2 200 bid Show response
a4p.adpartner.pro/hb/ 9 KB
4 KB 366ms
294ms XHR
application/json 37.187.205.228
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/hb/bid?tag=6725&sizes=728x90|728x15&referer=https%3A%2F%2Fgreenpost.ua%2F
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/af0bee68301ea81d4ecb.b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.205.228 , France, ASN16276 (OVH, FR),
Reverse DNS: app-04.adpartner.pro
Software: nginx /
Resource Hash: e933c484b5a17a06b1e0899a7aa77bf540002624ce32ce31b358f17e0af19bda

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://greenpost.ua
date: Tue, 30 Mar 2021 00:05:20 GMT
cache-control: no-store no-transform
access-control-allow-credentials: true
server: nginx
content-encoding: br
content-type: application/json

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
174 B 52ms
19ms XHR
text/plain 185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/af0bee68301ea81d4ecb.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://greenpost.ua
date: Tue, 30 Mar 2021 00:05:19 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 200 bid Show response
a4p.adpartner.pro/hb/ 9 KB
4 KB 572ms
502ms XHR
application/json 37.187.205.228
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/hb/bid?tag=6725&sizes=728x90|728x15|970x90|730x90|1000x90&referer=https%3A%2F%2Fgreenpost.ua%2F
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/af0bee68301ea81d4ecb.b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.205.228 , France, ASN16276 (OVH, FR),
Reverse DNS: app-04.adpartner.pro
Software: nginx /
Resource Hash: 6c26056b2f8658f752c4100a183bfb4949414ecdd10a6a723fe3ccd1f6f4797b

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://greenpost.ua
date: Tue, 30 Mar 2021 00:05:20 GMT
cache-control: no-store no-transform
access-control-allow-credentials: true
server: nginx
content-encoding: br
content-type: application/json

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
174 B 52ms
20ms XHR
text/plain 185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/af0bee68301ea81d4ecb.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://greenpost.ua
date: Tue, 30 Mar 2021 00:05:19 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H2 200 cm.php
ismatlab.com/cp/api/ 43 B
149 B 126ms
41ms Image
image/gif 54.72.174.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ismatlab.com/cp/api/cm.php?t=82a8d709f6af4fdb8df4ed7bb311632a&rurl=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DE74212A8-B685-43DE-96BE-5625F08BF373%26id%3D%5Baclid%5D45

Requested by

Host: greenpost.ua
URL: https://greenpost.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.72.174.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-174-106.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 00:05:19 GMT
server: nginx
strict-transport-security: max-age=31536000
content-type: image/gif

GET
H/1.1

200
OK

adxcm.aspx
inv-nets.admixer.net/
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}
https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=bdac8148-a470-5259-b37d-d513d31fbe2c

43 B
448 B

59ms
30ms

Image
image/gif

146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=bdac8148-a470-5259-b37d-d513d31fbe2c

Requested by

Host: greenpost.ua
URL: https://greenpost.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:20 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

location: https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=bdac8148-a470-5259-b37d-d513d31fbe2c
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H/1.1

200
OK

1px-matching-go2net.gif
m.trafmag.com/images/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=ODJhOGQ3MDlmNmFmNGZkYjhkZjRlZDdiYjMxMTYzMmE&google_cm
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESEF2u1DV8DDXyiXUm5Aq8JzY&google_cver=1
https://m.trafmag.com/images/1px-matching-go2net.gif?id=82a8d709f6af4fdb8df4ed7bb311632a

35 B
351 B

36ms
35ms

Image
image/gif

193.200.65.6
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.trafmag.com/images/1px-matching-go2net.gif?id=82a8d709f6af4fdb8df4ed7bb311632a
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: adforce.team
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:20 GMT
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

Redirect headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Server: nginx
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Location: https://m.trafmag.com/images/1px-matching-go2net.gif?id=82a8d709f6af4fdb8df4ed7bb311632a
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 0
X-Xss-Protection: 0

GET
H/1.1

200
OK

adxcm.aspx
inv-nets.admixer.net/
Redirect Chain

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6845806
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6845806&tuid=-5860576505
https://inv-nets.admixer.net/adxcm.aspx?ssp=AA391812-3D60-4352-AC90-6449D7D09A7A&id=Av4Je_dhBXkWVcsKxWD7nQA

43 B
448 B

23ms
22ms

Image
image/gif

146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/adxcm.aspx?ssp=AA391812-3D60-4352-AC90-6449D7D09A7A&id=Av4Je_dhBXkWVcsKxWD7nQA

Requested by

Host: greenpost.ua
URL: https://greenpost.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:20 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

Pragma: no-cache
Date: Tue, 30 Mar 2021 00:05:20 GMT
Transfer-Encoding: chunked
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Location: https://inv-nets.admixer.net/adxcm.aspx?ssp=AA391812-3D60-4352-AC90-6449D7D09A7A&id=Av4Je_dhBXkWVcsKxWD7nQA
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection: keep-alive
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

1px-matching-go2net.gif
m.trafmag.com/images/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm
https://inv-nets.admixer.net/gadx/cm.aspx?google_gid=CAESEMlwlUFt1FvCnQiG4mj_d5o&google_cver=1
https://m.trafmag.com/images/1px-matching-go2net.gif?id=82a8d709f6af4fdb8df4ed7bb311632a

35 B
351 B

28ms
17ms

Image
image/gif

193.200.65.6
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.trafmag.com/images/1px-matching-go2net.gif?id=82a8d709f6af4fdb8df4ed7bb311632a
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: adforce.team
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:20 GMT
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

Redirect headers

Date: Tue, 30 Mar 2021 00:05:20 GMT
Server: nginx
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Location: https://m.trafmag.com/images/1px-matching-go2net.gif?id=82a8d709f6af4fdb8df4ed7bb311632a
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 0
X-Xss-Protection: 0

GET
H2

200

cm-notify
ams.creativecdn.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=admixer
https://ams.creativecdn.com/cm-notify?pi=admixer&tc=1

42 B
252 B

17ms
16ms

Image
image/gif

185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ams.creativecdn.com/cm-notify?pi=admixer&tc=1
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 00:05:19 GMT, Tue, 30 Mar 2021 00:05:19 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-type: image/gif
content-length: 42
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://ams.creativecdn.com/cm-notify?pi=admixer&tc=1
date: Tue, 30 Mar 2021 00:05:19 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 1px-matching-admixer.gif
m.trafmag.com/images/ 35 B
351 B 81ms
28ms Image
image/gif 193.200.65.6
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.trafmag.com/images/1px-matching-admixer.gif?id=82a8d709f6af4fdb8df4ed7bb311632a
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: adforce.team
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

GET
H2

200

pic.gif
pa.tns-ua.com/bug/
Redirect Chain

https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=82a8d709f6af4fdb8df4ed7bb311632a
https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z5B3C8F87AB540D4BBA254639DAF114A&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=82a8d709f6af4fdb8df4ed7bb311632a

56 B
174 B

46ms
45ms

Image
image/gif

194.247.175.26
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z5B3C8F87AB540D4BBA254639DAF114A&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=82a8d709f6af4fdb8df4ed7bb311632a
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 00:05:20 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.16.0
content-type: image/gif
expires: -1

Redirect headers

location: http://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z5B3C8F87AB540D4BBA254639DAF114A&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=82a8d709f6af4fdb8df4ed7bb311632a
date: Tue, 30 Mar 2021 00:05:20 GMT
cache-control: no-cache
server: nginx/1.16.0
content-length: 0
expires: -1

GET
H2

200

sync
odr.mookie1.com/t/v2/
Redirect Chain

https://x.bidswitch.net/sync?ssp=admixer&user_id=82a8d709f6af4fdb8df4ed7bb311632a&gdpr=[gdpr]&gdpr_consent=[consent]&us_privacy=[usPrivacy]
https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=82a8d709f6af4fdb8df4ed7bb311632a&gdpr=[gdpr]&gdpr_consent=[consent]&us_privacy=[usPrivacy]
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=f279bf10-158f-47e0-b8e2-386393d2bdab&ssp=admixer&gdpr=[gdpr]&gdpr_consent=[consent]

43 B
324 B

61ms
28ms

Image
image/gif

34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=f279bf10-158f-47e0-b8e2-386393d2bdab&ssp=admixer&gdpr=[gdpr]&gdpr_consent=[consent]
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 00:05:20 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=f279bf10-158f-47e0-b8e2-386393d2bdab&ssp=admixer&gdpr=[gdpr]&gdpr_consent=[consent]
date: Tue, 30 Mar 2021 00:05:19 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3-Q050 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame F5FA 57 KB
20 KB 70ms
55ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/eea2a65c501c927510a8.b.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba54b62797005aad60352602c7ab7efbbde2a16b46a52b488d7706e788f5920a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 00:05:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "827 / 336 of 1000 / last-modified: 1617055937"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19640
x-xss-protection: 0
expires: Tue, 30 Mar 2021 00:05:19 GMT

GET
H2 200 googletag-catfish.min.js Show response
cdn.admixer.net/scripts2/ Frame F5FA 7 KB
3 KB 6ms
6ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts2/googletag-catfish.min.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/eea2a65c501c927510a8.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: ff18e6bf184bd659c14d230a8551bba2902c2b548050d9f3c746c78122e4228c

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id: fr5-up-gc37
date: Tue, 30 Mar 2021 00:05:19 GMT
content-encoding: gzip
last-modified: Fri, 21 Dec 2018 13:38:59 GMT
server: nginx
etag: W/"5c1cecf3-1c95"
vary: Accept-Encoding
x-cached-since: 2020-11-05T12:21:15+00:00
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31622400
cache: HIT
x-vhost-ver: 5960220520391311182
expires: Sat, 06 Nov 2021 12:21:14 GMT

GET
H/1.1 200
OK ev_view.aspx
inv-nets-eu.admixer.net/ 43 B
300 B 78ms
28ms Image
image/gif 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets-eu.admixer.net/ev_view.aspx?cc=NL/NH/2759794&am-uid=82a8d709f6af4fdb8df4ed7bb311632a&cet=4&zone=208f0ef3-1050-47f0-b77f-cd394717df9a&rule=00f55343-6db8-4868-968e-40d0fac1ea80&requestId=6d5a2a2b-4b2e-41d0-a132-be00a468cedf&page=greenpost.ua%2F&hp=1600197728&pvid=e5f4e227-3bac-49a2-9984-882ad4356e20&inst=ADS-EU-9&ts=637526595197287206&sf=0

Requested by

Host: greenpost.ua
URL: https://greenpost.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:19 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets-eu.admixer.net/ 0
220 B 76ms
23ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets-eu.admixer.net/ev_prebid.aspx?item=2c5ef17d-b996-4a90-aedf-0ff46df1ce39&cc=NL%2FNH%2F2759794&am-uid=82a8d709f6af4fdb8df4ed7bb311632a&cet=18&profile=a0e4ef3e-1f40-4319-a1cf-b36a82b3abd5&zone=aead1f5d-5198-4e49-8205-c86928d043c9&device=28&rule=70c73822-2c4a-4002-86b0-2d7acbfe481e&requestId=967d6418-1cc9-4384-a439-7e122b58d2af&page=greenpost.ua%2F&hp=1600197728&size=350x240&adv=N%2FA&dsp=Admixer+Display&segments=2%2C7%2C497&ts=637526595197287206&sync=45%2C3&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&crid=2c5ef17d-b996-4a90-aedf-0ff46df1ce39&pvid=e5f4e227-3bac-49a2-9984-882ad4356e20&extpubid=76037f68-793a-4c1d-b53f-c91635b84e71&inst=ADS-EU-9&pxl=0&dmp_pr=MC4wMDAw

Requested by

Host: greenpost.ua
URL: https://greenpost.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 30 Mar 2021 00:05:20 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets-eu.admixer.net/ 0
220 B 69ms
22ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets-eu.admixer.net/ev_prebid.aspx?item=2c5ef17d-b996-4a90-aedf-0ff46df1ce39&cc=NL%2FNH%2F2759794&am-uid=82a8d709f6af4fdb8df4ed7bb311632a&cet=18&profile=a0e4ef3e-1f40-4319-a1cf-b36a82b3abd5&zone=b8dc5c91-3421-4f2d-9306-5e15a6127404&device=28&rule=cef59f13-0648-4e1d-92e9-8618fa834801&requestId=6b8583fe-a562-4422-b4ff-061b984a466b&page=greenpost.ua%2F&hp=1600197728&size=350x240&adv=N%2FA&dsp=Admixer+Display&segments=2%2C7%2C497&ts=637526595197287206&sync=45%2C3&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&crid=2c5ef17d-b996-4a90-aedf-0ff46df1ce39&pvid=e5f4e227-3bac-49a2-9984-882ad4356e20&extpubid=76037f68-793a-4c1d-b53f-c91635b84e71&inst=ADS-EU-9&pxl=0&dmp_pr=MC4wMDAw

Requested by

Host: greenpost.ua
URL: https://greenpost.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 30 Mar 2021 00:05:20 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets-eu.admixer.net/ 0
220 B 33ms
22ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets-eu.admixer.net/ev_prebid.aspx?item=2c5ef17d-b996-4a90-aedf-0ff46df1ce39&cc=NL%2FNH%2F2759794&am-uid=82a8d709f6af4fdb8df4ed7bb311632a&cet=18&profile=a0e4ef3e-1f40-4319-a1cf-b36a82b3abd5&zone=248d4e44-14c3-4152-a5cd-c8dd25e961f0&device=28&rule=70c73822-2c4a-4002-86b0-2d7acbfe481e&requestId=f297fa5a-e3bd-4d74-bbb6-5ad440b1e19f&page=greenpost.ua%2F&hp=1600197728&size=350x240&adv=N%2FA&dsp=Admixer+Display&segments=2%2C7%2C497&ts=637526595197287206&sync=45%2C3&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&crid=2c5ef17d-b996-4a90-aedf-0ff46df1ce39&pvid=e5f4e227-3bac-49a2-9984-882ad4356e20&extpubid=76037f68-793a-4c1d-b53f-c91635b84e71&inst=ADS-EU-9&pxl=0&dmp_pr=MC4wMDAw

Requested by

Host: greenpost.ua
URL: https://greenpost.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 30 Mar 2021 00:05:20 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets-eu.admixer.net/ 0
220 B 49ms
25ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets-eu.admixer.net/ev_prebid.aspx?item=2c5ef17d-b996-4a90-aedf-0ff46df1ce39&cc=NL%2FNH%2F2759794&am-uid=82a8d709f6af4fdb8df4ed7bb311632a&cet=18&profile=a0e4ef3e-1f40-4319-a1cf-b36a82b3abd5&zone=a8e44abc-8fad-4880-b2e3-54ea8a778a0b&device=28&rule=cef59f13-0648-4e1d-92e9-8618fa834801&requestId=f67fed9e-3b71-4046-bf3f-34c24d37ded6&page=greenpost.ua%2F&hp=1600197728&size=350x240&adv=N%2FA&dsp=Admixer+Display&segments=2%2C7%2C497&ts=637526595197287206&sync=45%2C3&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&crid=2c5ef17d-b996-4a90-aedf-0ff46df1ce39&pvid=e5f4e227-3bac-49a2-9984-882ad4356e20&extpubid=76037f68-793a-4c1d-b53f-c91635b84e71&inst=ADS-EU-9&pxl=0&dmp_pr=MC4wMDAw

Requested by

Host: greenpost.ua
URL: https://greenpost.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 30 Mar 2021 00:05:20 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H2 200 pubads_impl_2021032202.js Show response
securepubads.g.doubleclick.net/gpt/ Frame F5FA 286 KB
101 KB 90ms
29ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

783355ba48d24f37c27cafa383cef88a462f95b7fc65d4fdaf57a0bcca7f371c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 00:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Mar 2021 18:01:52 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102487
x-xss-protection: 0
expires: Tue, 30 Mar 2021 00:05:20 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame F5FA 107 B
777 B 42ms
28ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=greenpost.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Mar 2021 00:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame F5FA 107 B
531 B 43ms
29ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=greenpost.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Mar 2021 00:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame F5FA 104 KB
30 KB 329ms
300ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1794779613816806&correlator=4332060942509779&output=ldjh&impl=fifs&eid=31060550%2C31060367%2C44739387&vrg=2021032202&ptt=17&sc=1&sfv=1-0-38&ecs=20210330&iu_parts=29636627%2Cgreenpost.ua_970x90_catfish&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&cookie=ID%3Ddce2a9ff121534e8-22183093eaba0050%3AT%3D1617062719%3ART%3D1617062719%3AS%3DALNI_MbGHtiOKCCBHBFC685uz7Tvy6qbfw&cdm=greenpost.ua&bc=31&abxe=1&lmt=1617062720&dt=1617062720179&dlt=1617062719915&idt=247&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=466794599&ucis=ivugbipiche7&ifi=1&ifk=19465202&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fgreenpost.ua%2F&top=https%3A%2F%2Fgreenpost.ua%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=902713396.1617062719&ga_sid=1617062720&ga_hid=1825999212&ga_fc=true&fws=384&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

5f18dea943c830d36ce23599c47fc8cd3ab17677404d4c2a1d75809838073ecd

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/377536914903536029/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/377536914903536029/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNSllojc1u8CFcO8dwod8jUOTA&gqi=&layout=/sadbundle/%24csp%253Der3%24/377536914903536029/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/377536914903536029/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/377536914903536029/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNSllojc1u8CFcO8dwod8jUOTA&gqi=&layout=/sadbundle/%24csp%253Der3%24/377536914903536029/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29148
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Tue, 30 Mar 2021 00:05:20 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://greenpost.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
e7efbf3d9d715c2ef7892173b3141b1a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F5FA 0
0 29ms
13ms Other
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://e7efbf3d9d715c2ef7892173b3141b1a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame F5FA 0
0 6ms
6ms Other
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 2E6F 138 KB
49 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/eea2a65c501c927510a8.b.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

feea6127a153da9ba9d4553649cbc353d8d3e504a0406d59e2828b1d506147c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 00:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49709
x-xss-protection: 0
server: cafe
etag: 2439029923726210354
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 30 Mar 2021 00:05:20 GMT

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets-eu.admixer.net/ 0
220 B 25ms
25ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets-eu.admixer.net/ev_prebid.aspx?item=cb9d87b0-8e32-428d-9327-f23d50b9bc4b&cc=NL%2FNH%2F2759794&am-uid=82a8d709f6af4fdb8df4ed7bb311632a&cet=18&profile=24327bb9-dd9e-4e85-ad48-569fb2e06c69&zone=248d4e44-14c3-4152-a5cd-c8dd25e961f0&device=28&rule=70c73822-2c4a-4002-86b0-2d7acbfe481e&requestId=f297fa5a-e3bd-4d74-bbb6-5ad440b1e19f&page=greenpost.ua%2F&hp=1600197728&size=350x240&adv=N%2FA&dsp=Admixer+Display&segments=2%2C7%2C497&ts=637526595197287206&sync=45%2C3&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&crid=cb9d87b0-8e32-428d-9327-f23d50b9bc4b&pvid=e5f4e227-3bac-49a2-9984-882ad4356e20&extpubid=76037f68-793a-4c1d-b53f-c91635b84e71&inst=ADS-EU-9&pxl=0&dmp_pr=MC4wMDAw

Requested by

Host: greenpost.ua
URL: https://greenpost.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 30 Mar 2021 00:05:20 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 200
OK ev_view.aspx
inv-nets-eu.admixer.net/ 43 B
300 B 25ms
24ms Image
image/gif 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets-eu.admixer.net/ev_view.aspx?cc=NL/NH/2759794&am-uid=82a8d709f6af4fdb8df4ed7bb311632a&cet=4&zone=248d4e44-14c3-4152-a5cd-c8dd25e961f0&rule=454dc435-ba39-4289-9b99-b04f0b05801f&requestId=f297fa5a-e3bd-4d74-bbb6-5ad440b1e19f&page=greenpost.ua%2F&hp=1600197728&pvid=e5f4e227-3bac-49a2-9984-882ad4356e20&inst=ADS-EU-9&ts=637526595197287206&sf=0

Requested by

Host: greenpost.ua
URL: https://greenpost.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:20 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

POST
H2 200 bid_won Show response
a4p.adpartner.pro/hb/ 0
135 B 180ms
34ms XHR
text/plain 37.187.205.228
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/hb/bid_won?ad=42.968bcc43c33b&tag=6725&geo=31,0&device=1,5&cost=0.30464
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/af0bee68301ea81d4ecb.b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.205.228 , France, ASN16276 (OVH, FR),
Reverse DNS: app-04.adpartner.pro
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://greenpost.ua
date: Tue, 30 Mar 2021 00:05:20 GMT
cache-control: no-store no-transform
access-control-allow-credentials: true
server: nginx
content-length: 0

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/9e907616-eb95-4c0f-adb9-ccf822981d6a/ Frame 34C3 180 KB
58 KB 155ms
16ms Script
text/javascript 2600:9000:2182:2800:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/9e907616-eb95-4c0f-adb9-ccf822981d6a/grumi.js
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bff07d26b9a985efa8511d0cf36899933c4a02fc21eb57576b8bc8763107e0fc

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 23:36:08 GMT
content-encoding: br
last-modified: Mon, 29 Mar 2021 22:34:56 GMT
server: AmazonS3
age: 1752
etag: W/"39c427d6d03a8effd70d0bbec5ce77ab"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: AOpQa2A2T8YSTzs0blTeqf8oY_DWu2.a
via: 1.1 3e9b9356decf1aa720af0bc92acc0586.cloudfront.net (CloudFront)
cache-control: public,max-age=1800,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop: DUS51-C1
content-type: text/javascript
x-amz-cf-id: eJVaieLrMUghwDqjAB-u5GGn-r0-8-YDKmcVG0Ig3Rs6XJFrp8YgDw==

GET
H2 200 if
a4p.adpartner.pro/tracker/ Frame 34C3 0
139 B 94ms
93ms Image
image/gif 37.187.205.228
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a4p.adpartner.pro/tracker/if?data=%7B%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A0%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22f1d4e4e2b3985dbb0920c9a0a2676ace%22%2C%22dsp_id%22%3A42%7D%5D%2C%22unit_id%22%3A6725%2C%22region_id%22%3A31%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22apuid%22%3A%22899049ad-2263-4681-b6e3-18a3bb4c3591%22%2C%22apsid%22%3A%22d4ec3f26-5aef-4c56-8496-a807d564afa6%22%2C%22use_viewability%22%3Afalse%2C%22data%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fgreenpost.ua%2F%22%7D
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/eea2a65c501c927510a8.b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.205.228 , France, ASN16276 (OVH, FR),
Reverse DNS: app-04.adpartner.pro
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 00:05:20 GMT
cache-control: no-cache, no-store, must-revalidate, no-store no-transform
server: nginx
content-type: image/gif
content-length: 0
expires: 0

GET
H/1.1 200
OK ev_view.aspx
inv-nets-eu.admixer.net/ 43 B
300 B 23ms
22ms Image
image/gif 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets-eu.admixer.net/ev_view.aspx?item=cb9d87b0-8e32-428d-9327-f23d50b9bc4b&cc=NL%2FNH%2F2759794&am-uid=82a8d709f6af4fdb8df4ed7bb311632a&cet=4&profile=24327bb9-dd9e-4e85-ad48-569fb2e06c69&zone=b8dc5c91-3421-4f2d-9306-5e15a6127404&device=28&rule=cef59f13-0648-4e1d-92e9-8618fa834801&requestId=6b8583fe-a562-4422-b4ff-061b984a466b&page=greenpost.ua%2F&hp=1600197728&size=350x240&adv=N%2FA&dsp=Admixer+Display&segments=2%2C7%2C497&ts=637526595197287206&sync=45%2C3&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&crid=cb9d87b0-8e32-428d-9327-f23d50b9bc4b&pvid=e5f4e227-3bac-49a2-9984-882ad4356e20&extpubid=76037f68-793a-4c1d-b53f-c91635b84e71&inst=ADS-EU-9&pxl=0&dmp_pr=MC4wMDAw&pap=MC4xNjc1NTIA&cpm=0.167552&sf=0

Requested by

Host: greenpost.ua
URL: https://greenpost.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:20 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210322/r20190131/ Frame 2E6F 226 KB
85 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210322/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4413437454243923&plah=greenpost.ua&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e845b3c43da250d2131dcca1a9af77bdaca1b61f1215be6317f2d5f17f999e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 00:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86619
x-xss-protection: 0
server: cafe
etag: 10759459106970592627
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 30 Mar 2021 00:05:20 GMT

GET
H3-Q050 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame BC25 138 KB
49 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/eea2a65c501c927510a8.b.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

feea6127a153da9ba9d4553649cbc353d8d3e504a0406d59e2828b1d506147c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 00:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49709
x-xss-protection: 0
server: cafe
etag: 2439029923726210354
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 30 Mar 2021 00:05:20 GMT

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets-eu.admixer.net/ 0
220 B 23ms
23ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets-eu.admixer.net/ev_prebid.aspx?item=cb9d87b0-8e32-428d-9327-f23d50b9bc4b&cc=NL%2FNH%2F2759794&am-uid=82a8d709f6af4fdb8df4ed7bb311632a&cet=18&profile=24327bb9-dd9e-4e85-ad48-569fb2e06c69&zone=aead1f5d-5198-4e49-8205-c86928d043c9&device=28&rule=70c73822-2c4a-4002-86b0-2d7acbfe481e&requestId=967d6418-1cc9-4384-a439-7e122b58d2af&page=greenpost.ua%2F&hp=1600197728&size=350x240&adv=N%2FA&dsp=Admixer+Display&segments=2%2C7%2C497&ts=637526595197287206&sync=45%2C3&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&crid=cb9d87b0-8e32-428d-9327-f23d50b9bc4b&pvid=e5f4e227-3bac-49a2-9984-882ad4356e20&extpubid=76037f68-793a-4c1d-b53f-c91635b84e71&inst=ADS-EU-9&pxl=0&dmp_pr=MC4wMDAw

Requested by

Host: greenpost.ua
URL: https://greenpost.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 30 Mar 2021 00:05:20 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 200
OK ev_view.aspx
inv-nets-eu.admixer.net/ 43 B
300 B 23ms
23ms Image
image/gif 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets-eu.admixer.net/ev_view.aspx?cc=NL/NH/2759794&am-uid=82a8d709f6af4fdb8df4ed7bb311632a&cet=4&zone=aead1f5d-5198-4e49-8205-c86928d043c9&rule=eac5e94a-5bf3-4679-a8fe-3ebe2cc7b385&requestId=967d6418-1cc9-4384-a439-7e122b58d2af&page=greenpost.ua%2F&hp=1600197728&pvid=e5f4e227-3bac-49a2-9984-882ad4356e20&inst=ADS-EU-9&ts=637526595197287206&sf=0

Requested by

Host: greenpost.ua
URL: https://greenpost.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:20 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

POST
H2 200 init Show response
gw.geoedge.be/api/ Frame 34C3 15 B
196 B 314ms
105ms XHR
application/json 34.194.182.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.geoedge.be/api/init
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/9e907616-eb95-4c0f-adb9-ccf822981d6a/grumi.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.194.182.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-182-213.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) / Express
Resource Hash: edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Tue, 30 Mar 2021 00:05:20 GMT
server: nginx/1.10.3 (Ubuntu)
x-powered-by: Express
etag: W/"f-NQVRlQfKHCoInEbhALgECMonhCE"
content-length: 15
content-type: application/json; charset=utf-8

POST
H2 200 report Show response
gw.geoedge.be/api/ Frame 34C3 15 B
195 B 394ms
191ms XHR
application/json 34.194.182.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.geoedge.be/api/report
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/9e907616-eb95-4c0f-adb9-ccf822981d6a/grumi.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.194.182.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-182-213.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) / Express
Resource Hash: edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Tue, 30 Mar 2021 00:05:20 GMT
server: nginx/1.10.3 (Ubuntu)
x-powered-by: Express
etag: W/"f-NQVRlQfKHCoInEbhALgECMonhCE"
content-length: 15
content-type: application/json; charset=utf-8

GET
H2 400 %%WIDTH%%x%%HEIGHT%%.json
rumcdn.geoedge.be/9e907616-eb95-4c0f-adb9-ccf822981d6a/ Frame 34C3 0
0 9ms
8ms Script
text/html 2600:9000:2182:2800:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/9e907616-eb95-4c0f-adb9-ccf822981d6a/%%WIDTH%%x%%HEIGHT%%.json
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/9e907616-eb95-4c0f-adb9-ccf822981d6a/grumi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H2 200 bid_won Show response
a4p.adpartner.pro/hb/ 0
134 B 35ms
35ms XHR
text/plain 37.187.205.228
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/hb/bid_won?ad=42.968bcc43c33b&tag=6725&geo=31,0&device=1,5&cost=0.30396
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/af0bee68301ea81d4ecb.b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.205.228 , France, ASN16276 (OVH, FR),
Reverse DNS: app-04.adpartner.pro
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://greenpost.ua
date: Tue, 30 Mar 2021 00:05:20 GMT
cache-control: no-store no-transform
access-control-allow-credentials: true
server: nginx
content-length: 0

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/9e907616-eb95-4c0f-adb9-ccf822981d6a/ Frame 1E1B 180 KB
58 KB 14ms
13ms Script
text/javascript 2600:9000:2182:2800:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/9e907616-eb95-4c0f-adb9-ccf822981d6a/grumi.js
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bff07d26b9a985efa8511d0cf36899933c4a02fc21eb57576b8bc8763107e0fc

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 23:36:08 GMT
content-encoding: br
last-modified: Mon, 29 Mar 2021 22:34:56 GMT
server: AmazonS3
age: 1752
etag: W/"39c427d6d03a8effd70d0bbec5ce77ab"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: AOpQa2A2T8YSTzs0blTeqf8oY_DWu2.a
via: 1.1 3e9b9356decf1aa720af0bc92acc0586.cloudfront.net (CloudFront)
cache-control: public,max-age=1800,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop: DUS51-C1
content-type: text/javascript
x-amz-cf-id: AkEhW7whEpvJTwFiJpZPvTOUFD-qGo660RH6jW8LB_GLj5wlmzQthQ==

GET
H2 200 if
a4p.adpartner.pro/tracker/ Frame 1E1B 0
139 B 94ms
93ms Image
image/gif 37.187.205.228
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a4p.adpartner.pro/tracker/if?data=%7B%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A0%2C%22rule_id%22%3A0%2C%22show_id%22%3A%223ba82e99bc471416bf494674b476361c%22%2C%22dsp_id%22%3A42%7D%5D%2C%22unit_id%22%3A6725%2C%22region_id%22%3A31%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22apuid%22%3A%2201de5486-a5e2-4ef9-9600-5115afea363f%22%2C%22apsid%22%3A%22da52fda8-29a3-4d16-9779-fb3df4c3eb91%22%2C%22use_viewability%22%3Afalse%2C%22data%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fgreenpost.ua%2F%22%7D
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/eea2a65c501c927510a8.b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.205.228 , France, ASN16276 (OVH, FR),
Reverse DNS: app-04.adpartner.pro
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 00:05:20 GMT
cache-control: no-cache, no-store, must-revalidate, no-store no-transform
server: nginx
content-type: image/gif
content-length: 0
expires: 0

GET
H/1.1 200
OK ev_view.aspx
inv-nets-eu.admixer.net/ 43 B
300 B 23ms
22ms Image
image/gif 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets-eu.admixer.net/ev_view.aspx?item=cb9d87b0-8e32-428d-9327-f23d50b9bc4b&cc=NL%2FNH%2F2759794&am-uid=82a8d709f6af4fdb8df4ed7bb311632a&cet=4&profile=24327bb9-dd9e-4e85-ad48-569fb2e06c69&zone=a8e44abc-8fad-4880-b2e3-54ea8a778a0b&device=28&rule=cef59f13-0648-4e1d-92e9-8618fa834801&requestId=f67fed9e-3b71-4046-bf3f-34c24d37ded6&page=greenpost.ua%2F&hp=1600197728&size=350x240&adv=N%2FA&dsp=Admixer+Display&segments=2%2C7%2C497&ts=637526595197287206&sync=45%2C3&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&crid=cb9d87b0-8e32-428d-9327-f23d50b9bc4b&pvid=e5f4e227-3bac-49a2-9984-882ad4356e20&extpubid=76037f68-793a-4c1d-b53f-c91635b84e71&inst=ADS-EU-9&pxl=0&dmp_pr=MC4wMDAw&pap=MC4xNjcxNzgA&cpm=0.167178&sf=0

Requested by

Host: greenpost.ua
URL: https://greenpost.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:20 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H3-Q050 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 2E6F 12 B
202 B 58ms
57ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=greenpost.ua&callback=_gfp_s_&client=ca-pub-4413437454243923&cookie=ID%3Ddce2a9ff121534e8-22183093eaba0050%3AT%3D1617062719%3ART%3D1617062719%3AS%3DALNI_MbGHtiOKCCBHBFC685uz7Tvy6qbfw

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 00:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame 2E6F 107 B
123 B 15ms
14ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=greenpost.ua

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Mar 2021 00:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 2E6F 107 B
123 B 16ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=greenpost.ua

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Mar 2021 00:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 83B5 91 KB
34 KB 442ms
442ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4413437454243923&output=html&h=600&slotname=3236284967&adk=493463479&adf=3279755403&pi=t.ma~as.3236284967&w=300&psa=0&format=300x600&url=https%3A%2F%2Fgreenpost.ua%2F&ea=0&flash=0&wgl=1&dt=1617062720375&bpp=3&bdt=177&idt=103&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Ddce2a9ff121534e8-22183093eaba0050%3AT%3D1617062719%3ART%3D1617062719%3AS%3DALNI_MbGHtiOKCCBHBFC685uz7Tvy6qbfw&correlator=3118294486100&frm=23&ife=5&pv=1&ga_vid=902713396.1617062719&ga_sid=1617062720&ga_hid=1029321966&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1150&ady=526&biw=1600&bih=1200&isw=300&ish=600&ifk=2050185612&scr_x=0&scr_y=0&eid=31060351%2C44740079%2C44739387&oid=3&pvsid=2090300791929862&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.80pz38fdrhg2&fsb=1&dtd=119

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e62a85c7ef050775bc65d5d57a9191fb7eec6e4d0d0c0ca027b62e43e2e90bd

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9912970544353279076/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9912970544353279076/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COW1pIjc1u8CFYKtewodDboOGQ&gqi=QGtiYK_hHsKQgAfkgJ-oDw&layout=/sadbundle/%24csp%253Der3%24/9912970544353279076/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4413437454243923&output=html&h=600&slotname=3236284967&adk=493463479&adf=3279755403&pi=t.ma~as.3236284967&w=300&psa=0&format=300x600&url=https%3A%2F%2Fgreenpost.ua%2F&ea=0&flash=0&wgl=1&dt=1617062720375&bpp=3&bdt=177&idt=103&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Ddce2a9ff121534e8-22183093eaba0050%3AT%3D1617062719%3ART%3D1617062719%3AS%3DALNI_MbGHtiOKCCBHBFC685uz7Tvy6qbfw&correlator=3118294486100&frm=23&ife=5&pv=1&ga_vid=902713396.1617062719&ga_sid=1617062720&ga_hid=1029321966&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1150&ady=526&biw=1600&bih=1200&isw=300&ish=600&ifk=2050185612&scr_x=0&scr_y=0&eid=31060351%2C44740079%2C44739387&oid=3&pvsid=2090300791929862&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.80pz38fdrhg2&fsb=1&dtd=119
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://greenpost.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlB39FNhoAFV56Qx12QoXawb8X4gyiEKhgcTvIZGnKJNRPOt2UNMY-3Ef3s4YA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://greenpost.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9912970544353279076/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9912970544353279076/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COW1pIjc1u8CFYKtewodDboOGQ&gqi=QGtiYK_hHsKQgAfkgJ-oDw&layout=/sadbundle/%24csp%253Der3%24/9912970544353279076/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 30 Mar 2021 00:05:20 GMT
server: cafe
content-length: 33848
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2E6F 8 KB
7 KB 48ms
34ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210322&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

013dd4caceb194ae1f26bbf2d272914ee5f3a241d0787684b83ed5e739baf2de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Mar 2021 00:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6565
x-xss-protection: 0

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2E6F 73 KB
28 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96bbf4f9521f17f3be8143f5c7b7918869757bdae7eee27f6d5bd83809cd4f32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 00:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617017733465819"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28245
x-xss-protection: 0
expires: Tue, 30 Mar 2021 00:05:20 GMT

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210322/r20190131/ Frame BC25 226 KB
85 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210322/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4413437454243923&plah=greenpost.ua&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e845b3c43da250d2131dcca1a9af77bdaca1b61f1215be6317f2d5f17f999e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 00:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86619
x-xss-protection: 0
server: cafe
etag: 10759459106970592627
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 30 Mar 2021 00:05:20 GMT

POST
H2 200 init Show response
gw.geoedge.be/api/ Frame 1E1B 15 B
195 B 316ms
218ms XHR
application/json 34.194.182.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.geoedge.be/api/init
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/9e907616-eb95-4c0f-adb9-ccf822981d6a/grumi.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.194.182.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-182-213.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) / Express
Resource Hash: edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Tue, 30 Mar 2021 00:05:20 GMT
server: nginx/1.10.3 (Ubuntu)
x-powered-by: Express
etag: W/"f-NQVRlQfKHCoInEbhALgECMonhCE"
content-length: 15
content-type: application/json; charset=utf-8

POST
H2 200 report Show response
gw.geoedge.be/api/ Frame 1E1B 15 B
195 B 308ms
211ms XHR
application/json 34.194.182.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.geoedge.be/api/report
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/9e907616-eb95-4c0f-adb9-ccf822981d6a/grumi.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.194.182.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-182-213.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) / Express
Resource Hash: edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Tue, 30 Mar 2021 00:05:20 GMT
server: nginx/1.10.3 (Ubuntu)
x-powered-by: Express
etag: W/"f-NQVRlQfKHCoInEbhALgECMonhCE"
content-length: 15
content-type: application/json; charset=utf-8

GET
H2 400 %%WIDTH%%x%%HEIGHT%%.json
rumcdn.geoedge.be/9e907616-eb95-4c0f-adb9-ccf822981d6a/ Frame 1E1B 0
0 11ms
8ms Script
text/html 2600:9000:2182:2800:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/9e907616-eb95-4c0f-adb9-ccf822981d6a/%%WIDTH%%x%%HEIGHT%%.json
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/9e907616-eb95-4c0f-adb9-ccf822981d6a/grumi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:2800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 container.html Show response
e7efbf3d9d715c2ef7892173b3141b1a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 162B 6 KB
3 KB 34ms
20ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e7efbf3d9d715c2ef7892173b3141b1a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: e7efbf3d9d715c2ef7892173b3141b1a.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://greenpost.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://greenpost.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 30 Mar 2021 00:05:20 GMT
expires: Wed, 30 Mar 2022 00:05:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame F5FA 274 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 27ca2405b9faac0e7915decc2aa1ddc9e47699ab7073ac4c5c1cd8a7f9517a32

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame F5FA 73 KB
28 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96bbf4f9521f17f3be8143f5c7b7918869757bdae7eee27f6d5bd83809cd4f32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 00:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617017733465819"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28245
x-xss-protection: 0
expires: Tue, 30 Mar 2021 00:05:20 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F5FA 8 KB
6 KB 18ms
17ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021032202&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

103035edef55f84e682cc4412e2e933b0b741a1eda9ae61f1a0302815856b81a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Mar 2021 00:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6525
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2E6F 17 KB
7 KB 42ms
28ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 00:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 30 Mar 2021 00:05:20 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F5FA 17 KB
6 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 00:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 30 Mar 2021 00:05:20 GMT

GET
H3-Q050 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame BC25 202 B
220 B 113ms
113ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=greenpost.ua&callback=_gfp_s_&client=ca-pub-4413437454243923&cookie=ID%3Ddce2a9ff121534e8%3AT%3D1617062719%3AS%3DALNI_MZmN0sjLXpP8dmywk8brSOV8VLBVQ

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

b612fad94bf43099391861eb2690dc761fa0e5fb093c6d9ed67c3986994ba408

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 00:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame BC25 107 B
123 B 14ms
14ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=greenpost.ua

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Mar 2021 00:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame BC25 107 B
123 B 15ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=greenpost.ua

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Mar 2021 00:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 21F6 91 KB
33 KB 215ms
215ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4413437454243923&output=html&h=250&slotname=9481117353&adk=3616364478&adf=3279755405&pi=t.ma~as.9481117353&w=300&psa=0&format=300x250&url=https%3A%2F%2Fgreenpost.ua%2F&ea=0&flash=0&wgl=1&dt=1617062720506&bpp=4&bdt=106&idt=81&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Ddce2a9ff121534e8%3AT%3D1617062719%3AS%3DALNI_MZmN0sjLXpP8dmywk8brSOV8VLBVQ&correlator=3118294486100&frm=23&ife=5&pv=1&ga_vid=902713396.1617062719&ga_sid=1617062721&ga_hid=44163222&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=982&ady=2224&biw=1600&bih=1200&isw=300&ish=250&ifk=2050141220&scr_x=0&scr_y=0&eid=21068083%2C44740079%2C44739387&oid=3&pvsid=3825679655722784&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.fad7xzcpyg87&btvi=1&fsb=1&dtd=89

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f35156e7fe314e28c727b3b67e5aaa8444efce46dd09296723f5038b4b7725b0

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPfJqojc1u8CFRkZ4AodfuYDbg&gqi=QGtiYL33JJeX-gbbhoTwDA&layout=/sadbundle/%24csp%253Der3%24/9424655380617087832/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4413437454243923&output=html&h=250&slotname=9481117353&adk=3616364478&adf=3279755405&pi=t.ma~as.9481117353&w=300&psa=0&format=300x250&url=https%3A%2F%2Fgreenpost.ua%2F&ea=0&flash=0&wgl=1&dt=1617062720506&bpp=4&bdt=106&idt=81&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Ddce2a9ff121534e8%3AT%3D1617062719%3AS%3DALNI_MZmN0sjLXpP8dmywk8brSOV8VLBVQ&correlator=3118294486100&frm=23&ife=5&pv=1&ga_vid=902713396.1617062719&ga_sid=1617062721&ga_hid=44163222&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=982&ady=2224&biw=1600&bih=1200&isw=300&ish=250&ifk=2050141220&scr_x=0&scr_y=0&eid=21068083%2C44740079%2C44739387&oid=3&pvsid=3825679655722784&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.fad7xzcpyg87&btvi=1&fsb=1&dtd=89
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://greenpost.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlB39FNhoAFV56Qx12QoXawb8X4gyiEKhgcTvIZGnKJNRPOt2UNMY-3Ef3s4YA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://greenpost.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPfJqojc1u8CFRkZ4AodfuYDbg&gqi=QGtiYL33JJeX-gbbhoTwDA&layout=/sadbundle/%24csp%253Der3%24/9424655380617087832/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 30 Mar 2021 00:05:20 GMT
server: cafe
content-length: 33686
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame BC25 8 KB
6 KB 24ms
24ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210322&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0571dfd7b16be12243b0cb502b32499747392cd6e5610d2676b5d43521a0b93a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Mar 2021 00:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6481
x-xss-protection: 0

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame BC25 73 KB
28 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96bbf4f9521f17f3be8143f5c7b7918869757bdae7eee27f6d5bd83809cd4f32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 00:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617017733465819"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28245
x-xss-protection: 0
expires: Tue, 30 Mar 2021 00:05:20 GMT

GET
H3-Q050 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/377536914903536029/ Frame 9965 1 KB
2 KB 7ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/377536914903536029/index.html

Requested by

Host: greenpost.ua
URL: https://greenpost.ua/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

988be38bfa0ea8236c14745f92bb044e2611f17b795606a5cdaac420c96187da

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/377536914903536029/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://e7efbf3d9d715c2ef7892173b3141b1a.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://e7efbf3d9d715c2ef7892173b3141b1a.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 564
date: Tue, 23 Mar 2021 23:23:12 GMT
expires: Wed, 23 Mar 2022 23:23:12 GMT
last-modified: Tue, 19 Jan 2021 10:00:15 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 520928
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1457 0
0 56ms
56ms Fetch
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CUx9jQGtiYNSFEcP53gPy67jgBM-wqbZh0_6dt4QNmJmCgoMiEAEg4-C8I2CRhJOF_BegAdSd0aMDyAEJqQIV6rWGF76zPuACAKgDAcgDCKoEzgFP0K3ao16xGxZLZHAoMkOu7ygYwZY4mFtDGViL8IUOW2v4BNMtLe_QW67rICum3bonTwUiXrN6CD0XuQqn4HJuSAxmnxeVW2_sAwc6G7fRLFDtbRW8yb5zJPi7obnp9YWxlGj5lfyU1eep_1kk3-ZMMci1PfSGs9Nw57tB7rTb_DGRSM_bM8DSD1Mb7qZcnR7XvhmM5C7YmuyKO1HN8XOxkDpvCAgqHlGanKhVHWq2CfVBjObYNksabQ9yx-9w-nU563rDf_3bnBv8MSDfJsAEh7Dp3L8D4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB5TirlyoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQieUE0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi04OTgyODc2Mzc1MzcxNjMxgAoDyAsB2BMNshcaChgIABIUcHViLTMzNzk5NjkxMTY5NTAxOTk&sigh=CY1fbGEjRxk&template_id=419&tpd=AGWhJmtg5WPJ_bvg0WLJYY3vCzqo8RuLknw6onu-aAGNx6HJyw
Requested by: Host: greenpost.ua
URL: https://greenpost.ua/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://e7efbf3d9d715c2ef7892173b3141b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/ Frame 1457 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/abg_lite_fy2019.js

Requested by

Host: greenpost.ua
URL: https://greenpost.ua/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab2acc5edb2198c0c0c25a5a4a470df2a048c69e982d11b4b96f22b21332fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e7efbf3d9d715c2ef7892173b3141b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 23:36:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1742
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 14491782869175424788
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Apr 2021 23:36:18 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/ Frame 1457 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/window_focus_fy2019.js

Requested by

Host: greenpost.ua
URL: https://greenpost.ua/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e7efbf3d9d715c2ef7892173b3141b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 23:42:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1357
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Apr 2021 23:42:43 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1457 118 KB
36 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: greenpost.ua
URL: https://greenpost.ua/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80e717f7f97b69547f30e8fb2adb1abdb3fdcd94b907472cc26e4d491f005825

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e7efbf3d9d715c2ef7892173b3141b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 00:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617017751739567"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36599
x-xss-protection: 0
expires: Tue, 30 Mar 2021 00:05:20 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/ Frame 1457 12 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: greenpost.ua
URL: https://greenpost.ua/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d890a48ea501050f8167a15968c0d8d1d654a54ce3058242ab99acdfb81e288

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e7efbf3d9d715c2ef7892173b3141b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 23:16:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2901
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5520
x-xss-protection: 0
server: cafe
etag: 4598867394938533942
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Apr 2021 23:16:59 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame BC25 17 KB
7 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 00:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 30 Mar 2021 00:05:20 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame D3F4 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://greenpost.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://greenpost.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 29 Mar 2021 23:08:44 GMT
expires: Tue, 29 Mar 2022 23:08:44 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3396
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 460E 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://greenpost.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://greenpost.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 29 Mar 2021 23:08:44 GMT
expires: Tue, 29 Mar 2022 23:08:44 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3396
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1D6D 143 B
216 B 9ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: e7efbf3d9d715c2ef7892173b3141b1a.safeframe.googlesyndication.com
URL: https://e7efbf3d9d715c2ef7892173b3141b1a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://e7efbf3d9d715c2ef7892173b3141b1a.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlB39FNhoAFV56Qx12QoXawb8X4gyiEKhgcTvIZGnKJNRPOt2UNMY-3Ef3s4YA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://e7efbf3d9d715c2ef7892173b3141b1a.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 29 Mar 2021 23:23:20 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2520
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame F1C1 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://greenpost.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://greenpost.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 29 Mar 2021 23:08:44 GMT
expires: Tue, 29 Mar 2022 23:08:44 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3396
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 9965 9 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/377536914903536029/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 04:49:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69358
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 30 Mar 2021 04:49:22 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 9965 22 KB
9 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/377536914903536029/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 13:07:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39470
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 30 Mar 2021 13:07:30 GMT

GET
H3-Q050 200 style.css
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/377536914903536029/ Frame 9965 835 B
2 KB 10ms
9ms Stylesheet
text/css 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/377536914903536029/style.css

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/377536914903536029/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a89f9a7b6549d1c89080bb6fd3c8180dd2e4b218a6e72d4429027985e3bf52ac

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 250724
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 405
x-xss-protection: 0
last-modified: Tue, 19 Jan 2021 10:00:15 GMT
server: sffe
date: Sat, 27 Mar 2021 02:26:36 GMT
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Mar 2022 02:26:36 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.0.0/ Frame 9965 81 KB
29 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.0.0/jquery.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/377536914903536029/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d482871a5e948cb4884fa0972ea98a81abca057b6bd3f8c995a18c12487e761c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:36:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 379703
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29195
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Mar 2022 14:36:57 GMT

GET
H2 200 tweenmax_1.20.4_3dc5474a75410cb768741e402b80d908_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 9965 113 KB
38 KB 38ms
15ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.20.4_3dc5474a75410cb768741e402b80d908_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/377536914903536029/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ba1b9960f6bcc2d49080931ddd405a8fda579f905c7094d567d2b5823ae7970

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 00:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38738
x-xss-protection: 0
last-modified: Thu, 31 May 2018 15:49:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Mar 2021 00:05:20 GMT

GET
H3-Q050 200 animation.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/377536914903536029/ Frame 9965 626 B
474 B 10ms
9ms Script
application/x-javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/377536914903536029/animation.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/377536914903536029/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1e3bbf089fb747849714523d0d42d7fa6f5a0ff45a295430e47ba82e41fbcd8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 520928
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 355
x-xss-protection: 0
last-modified: Tue, 19 Jan 2021 10:00:15 GMT
server: sffe
date: Tue, 23 Mar 2021 23:23:12 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Mar 2022 23:23:12 GMT

GET
H3-Q050 200 1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/377536914903536029/ Frame 9965 65 KB
66 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/377536914903536029/1.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/377536914903536029/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f66f48a8ffd7cbfc8c1943081ae68a29c33c442fb42437f7da405d8d0a75d33

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 520928
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66962
x-xss-protection: 0
last-modified: Tue, 19 Jan 2021 10:00:15 GMT
server: sffe
date: Tue, 23 Mar 2021 23:23:12 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Mar 2022 23:23:12 GMT

GET
H3-Q050 200 2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/377536914903536029/ Frame 9965 31 KB
31 KB 8ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/377536914903536029/2.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/377536914903536029/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bfeceee6f05b7b6aaa98bc638560e4c55533eff85ee8dff2e04bbdb4edc1d46

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 520928
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32016
x-xss-protection: 0
last-modified: Tue, 19 Jan 2021 10:00:15 GMT
server: sffe
date: Tue, 23 Mar 2021 23:23:12 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Mar 2022 23:23:12 GMT

GET
DATA 200
OK truncated
/ Frame 1457 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 59344f1d076c4b7ba52dd683d290502e4854d0b73cb5712da4701cb908ea8074

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1D6D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
135 B

15ms
15ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: e7efbf3d9d715c2ef7892173b3141b1a.safeframe.googlesyndication.com
URL: https://e7efbf3d9d715c2ef7892173b3141b1a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlB39FNhoAFV56Qx12QoXawb8X4gyiEKhgcTvIZGnKJNRPOt2UNMY-3Ef3s4YA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 30 Mar 2021 00:05:20 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Tue, 30-Mar-2021 01:05:20 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 30 Mar 2021 00:05:20 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 30 Mar 2021 00:05:20 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/ Frame 85CF 10 KB
4 KB 7ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4413437454243923&output=html&h=250&slotname=9481117353&adk=3616364478&adf=3279755405&pi=t.ma~as.9481117353&w=300&psa=0&format=300x250&url=https%3A%2F%2Fgreenpost.ua%2F&ea=0&flash=0&wgl=1&dt=1617062720506&bpp=4&bdt=106&idt=81&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Ddce2a9ff121534e8%3AT%3D1617062719%3AS%3DALNI_MZmN0sjLXpP8dmywk8brSOV8VLBVQ&correlator=3118294486100&frm=23&ife=5&pv=1&ga_vid=902713396.1617062719&ga_sid=1617062721&ga_hid=44163222&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=982&ady=2224&biw=1600&bih=1200&isw=300&ish=250&ifk=2050141220&scr_x=0&scr_y=0&eid=21068083%2C44740079%2C44739387&oid=3&pvsid=3825679655722784&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.fad7xzcpyg87&btvi=1&fsb=1&dtd=89

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dae5ce5e624eea85dc85a2a36d08fc8accbc68f88e8ea48a5edb82da577aca55

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/9424655380617087832/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3507
date: Fri, 26 Mar 2021 04:39:23 GMT
expires: Sat, 26 Mar 2022 04:39:23 GMT
last-modified: Mon, 22 Feb 2021 11:16:46 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 329157
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 21F6 0
0 42ms
41ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CwPTcQGtiYPepJZmygAf-zI_wBrWx5u9hwrO5ysANmPKI50cQASDEiKh8YJWKuILIB6ABvbGA2QPIAQmpAhXqtYYXvrM-qAMByANIqgS7AU_Q7lI_b7ATlXFXLdJysHSYsQrzb2nZuRn_Cbn0Vz86pxrWPVFfHnOGXvF-XlJpw11lX4jSn7Hi3ZYXsr3z2Ktt7EaUp33WSjvlYmErc_B7OG7Y5zlKE4gjCnbtSfW1WtL-QjDSUqIA1rSCVLDRtQa3hHvCF8ApJ6x9Uc56_XzoLuwKbkTsk7FXM2AsgjNYbCxB_rUD8GGjEA09QuQ9WnPmPPQkQSWZviqnYDI0tq9ttlooeXZS3fSqf-jABPqQzNC8A5IFBAgEGAGSBQQIBRgEoAYugAerzv8mqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEJn-GdIICQiA4YAQEAEYH4AKAcgLAdgTDLIXGgoYCAASFHB1Yi00NDEzNDM3NDU0MjQzOTIz&sigh=ez4hEHhyXvQ&template_id=419&tpd=AGWhJmsmHVj03LZ_J7tn3cvKEEZTAGAwGZ9pues10ylUKbbw6w

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4413437454243923&output=html&h=250&slotname=9481117353&adk=3616364478&adf=3279755405&pi=t.ma~as.9481117353&w=300&psa=0&format=300x250&url=https%3A%2F%2Fgreenpost.ua%2F&ea=0&flash=0&wgl=1&dt=1617062720506&bpp=4&bdt=106&idt=81&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Ddce2a9ff121534e8%3AT%3D1617062719%3AS%3DALNI_MZmN0sjLXpP8dmywk8brSOV8VLBVQ&correlator=3118294486100&frm=23&ife=5&pv=1&ga_vid=902713396.1617062719&ga_sid=1617062721&ga_hid=44163222&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=982&ady=2224&biw=1600&bih=1200&isw=300&ish=250&ifk=2050141220&scr_x=0&scr_y=0&eid=21068083%2C44740079%2C44739387&oid=3&pvsid=3825679655722784&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.fad7xzcpyg87&btvi=1&fsb=1&dtd=89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 30 Mar 2021 00:05:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/ Frame 21F6 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab2acc5edb2198c0c0c25a5a4a470df2a048c69e982d11b4b96f22b21332fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 23:36:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1742
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 14491782869175424788
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Apr 2021 23:36:18 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/ Frame 21F6 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 23:42:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1357
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Apr 2021 23:42:43 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 21F6 118 KB
36 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80e717f7f97b69547f30e8fb2adb1abdb3fdcd94b907472cc26e4d491f005825

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 00:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617017751739567"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36599
x-xss-protection: 0
expires: Tue, 30 Mar 2021 00:05:20 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/ Frame 21F6 12 KB
5 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d890a48ea501050f8167a15968c0d8d1d654a54ce3058242ab99acdfb81e288

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 23:16:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2901
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5520
x-xss-protection: 0
server: cafe
etag: 4598867394938533942
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Apr 2021 23:16:59 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 21F6 0
0 15ms
14ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSGPIRO3nlD9v8ukSRJbGNhptxfAHELbzejQjb5XrjIXEOVfIPko1MTijw_buZGvgAJ7eFgiackfRCZsTA_FuDJjbMa9w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4413437454243923&output=html&h=250&slotname=9481117353&adk=3616364478&adf=3279755405&pi=t.ma~as.9481117353&w=300&psa=0&format=300x250&url=https%3A%2F%2Fgreenpost.ua%2F&ea=0&flash=0&wgl=1&dt=1617062720506&bpp=4&bdt=106&idt=81&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Ddce2a9ff121534e8%3AT%3D1617062719%3AS%3DALNI_MZmN0sjLXpP8dmywk8brSOV8VLBVQ&correlator=3118294486100&frm=23&ife=5&pv=1&ga_vid=902713396.1617062719&ga_sid=1617062721&ga_hid=44163222&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=982&ady=2224&biw=1600&bih=1200&isw=300&ish=250&ifk=2050141220&scr_x=0&scr_y=0&eid=21068083%2C44740079%2C44739387&oid=3&pvsid=3825679655722784&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.fad7xzcpyg87&btvi=1&fsb=1&dtd=89
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js Show response
pagead2.googlesyndication.com/bg/ Frame D3F4 14 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9c59945c470e1fabdd79c4f07d0d22527869fb4eca62b78ad95b30e19ac9626

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 23:20:49 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 261871
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5666
x-xss-protection: 0
expires: Sat, 26 Mar 2022 23:20:49 GMT

GET
H3-Q050 200 qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js Show response
pagead2.googlesyndication.com/bg/ Frame 460E 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9c59945c470e1fabdd79c4f07d0d22527869fb4eca62b78ad95b30e19ac9626

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 23:20:49 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 261871
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5666
x-xss-protection: 0
expires: Sat, 26 Mar 2022 23:20:49 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FDE0 143 B
165 B 6ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4413437454243923&output=html&h=250&slotname=9481117353&adk=3616364478&adf=3279755405&pi=t.ma~as.9481117353&w=300&psa=0&format=300x250&url=https%3A%2F%2Fgreenpost.ua%2F&ea=0&flash=0&wgl=1&dt=1617062720506&bpp=4&bdt=106&idt=81&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Ddce2a9ff121534e8%3AT%3D1617062719%3AS%3DALNI_MZmN0sjLXpP8dmywk8brSOV8VLBVQ&correlator=3118294486100&frm=23&ife=5&pv=1&ga_vid=902713396.1617062719&ga_sid=1617062721&ga_hid=44163222&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=982&ady=2224&biw=1600&bih=1200&isw=300&ish=250&ifk=2050141220&scr_x=0&scr_y=0&eid=21068083%2C44740079%2C44739387&oid=3&pvsid=3825679655722784&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.fad7xzcpyg87&btvi=1&fsb=1&dtd=89
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlB39FNhoAFV56Qx12QoXawb8X4gyiEKhgcTvIZGnKJNRPOt2UNMY-3Ef3s4YA; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4413437454243923&output=html&h=250&slotname=9481117353&adk=3616364478&adf=3279755405&pi=t.ma~as.9481117353&w=300&psa=0&format=300x250&url=https%3A%2F%2Fgreenpost.ua%2F&ea=0&flash=0&wgl=1&dt=1617062720506&bpp=4&bdt=106&idt=81&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Ddce2a9ff121534e8%3AT%3D1617062719%3AS%3DALNI_MZmN0sjLXpP8dmywk8brSOV8VLBVQ&correlator=3118294486100&frm=23&ife=5&pv=1&ga_vid=902713396.1617062719&ga_sid=1617062721&ga_hid=44163222&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=982&ady=2224&biw=1600&bih=1200&isw=300&ish=250&ifk=2050141220&scr_x=0&scr_y=0&eid=21068083%2C44740079%2C44739387&oid=3&pvsid=3825679655722784&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.fad7xzcpyg87&btvi=1&fsb=1&dtd=89

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 29 Mar 2021 23:23:20 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2520
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js Show response
pagead2.googlesyndication.com/bg/ Frame F1C1 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9c59945c470e1fabdd79c4f07d0d22527869fb4eca62b78ad95b30e19ac9626

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 23:20:49 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 261871
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5666
x-xss-protection: 0
expires: Sat, 26 Mar 2022 23:20:49 GMT

POST
H3-Q050 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 21F6 0
88 B 42ms
42ms Other
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPfJqojc1u8CFRkZ4AodfuYDbg&gqi=QGtiYL33JJeX-gbbhoTwDA&layout=/sadbundle/%24csp%253Der3%24/9424655380617087832/index.html

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 00:05:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 85CF 9 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 04:49:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69358
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 30 Mar 2021 04:49:22 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 85CF 22 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 13:07:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39470
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 30 Mar 2021 13:07:30 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 85CF 2 KB
631 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:700&subset=latin

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb1e12ac9d633c7e6ae486f98fb41f44662d371d1af97d44f0400e8478a6f45d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 30 Mar 2021 00:05:20 GMT
server: ESF
date: Tue, 30 Mar 2021 00:05:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Mar 2021 00:05:20 GMT

GET
H3-Q050 200 HYPE-712.thin.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/ Frame 85CF 55 KB
25 KB 8ms
8ms Script
application/x-javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/HYPE-712.thin.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b32fb196b8de979c40886c7230e9d3a39f291f281fdf2e82c99c038607747c48

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 532731
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24394
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:16:46 GMT
server: sffe
date: Tue, 23 Mar 2021 20:06:29 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Mar 2022 20:06:29 GMT

GET
H2 200 pf.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/ Frame 85CF 1 KB
1 KB 10ms
8ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/pf.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c976135f44cdeee049ca7163fc671c369c7cf1a93de5e1151fc8d8fc6a33b080

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 317232
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1313
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:16:46 GMT
server: sffe
date: Fri, 26 Mar 2021 07:58:09 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Mar 2022 07:58:09 GMT

GET
H2 200 bg300-1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/ Frame 85CF 8 KB
9 KB 8ms
6ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/bg300-1.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7eab1a8b40da1c5bc4647e55ebfc210432a2373ceb71ae566792a0a6e0fbad1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 61685
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8190
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:16:46 GMT
server: sffe
date: Mon, 29 Mar 2021 06:57:16 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Mar 2022 06:57:16 GMT

GET
H2 200 logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/ Frame 85CF 2 KB
3 KB 9ms
8ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/logo.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ea171e60023ef7c77e4921f88d2a7ce39ea05447b0bbec4d0af23f2ba0278f7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 558410
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2477
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:16:46 GMT
server: sffe
date: Tue, 23 Mar 2021 12:58:31 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Mar 2022 12:58:31 GMT

GET
H2 200 stoerer3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/ Frame 85CF 18 KB
18 KB 13ms
12ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/stoerer3.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4acff57c24e409bbd7c5f1f2660fc6ea316c4d1e4fe2af39c656c00a78a7971c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 543327
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18257
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:16:46 GMT
server: sffe
date: Tue, 23 Mar 2021 17:09:54 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Mar 2022 17:09:54 GMT

GET
H2 200 maxtra1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/ Frame 85CF 2 KB
2 KB 12ms
11ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/maxtra1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f12b9249b11a594f39bfa09343bc6d216e64d9861f8de21f328be7fb903377ac

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 239036
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1778
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:16:46 GMT
server: sffe
date: Sat, 27 Mar 2021 05:41:25 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Mar 2022 05:41:25 GMT

GET
H2 200 m1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/ Frame 85CF 18 KB
18 KB 10ms
9ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/m1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60e57c7f7829ba085103c21646e616624a5394948ce84711f041f04e853066cf

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 317232
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18009
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:16:46 GMT
server: sffe
date: Fri, 26 Mar 2021 07:58:09 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Mar 2022 07:58:09 GMT

GET
H3-Q050 200 m2-1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/ Frame 85CF 17 KB
17 KB 8ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/m2-1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cb8456f6b447cf329c5ccc322c42a80c2ae8573b286b151be7027c2253ca921

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 522106
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17376
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:16:46 GMT
server: sffe
date: Tue, 23 Mar 2021 23:03:35 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Mar 2022 23:03:35 GMT

GET
H3-Q050 200 m3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/ Frame 85CF 17 KB
17 KB 8ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/m3.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9424655380617087832/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af39439984f197376c872227bc359f7a1eeb6369c23cdca3754bcb415f0af64d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 508635
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17428
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:16:46 GMT
server: sffe
date: Wed, 24 Mar 2021 02:48:06 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Mar 2022 02:48:06 GMT

GET
DATA 200
OK truncated
/ Frame 21F6 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e792d080b7c41da4c842d8518f520f7d6d7edaa561b7a436e357aa857cf2ea3a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9912970544353279076/ Frame 8630 12 KB
4 KB 7ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9912970544353279076/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4413437454243923&output=html&h=600&slotname=3236284967&adk=493463479&adf=3279755403&pi=t.ma~as.3236284967&w=300&psa=0&format=300x600&url=https%3A%2F%2Fgreenpost.ua%2F&ea=0&flash=0&wgl=1&dt=1617062720375&bpp=3&bdt=177&idt=103&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Ddce2a9ff121534e8-22183093eaba0050%3AT%3D1617062719%3ART%3D1617062719%3AS%3DALNI_MbGHtiOKCCBHBFC685uz7Tvy6qbfw&correlator=3118294486100&frm=23&ife=5&pv=1&ga_vid=902713396.1617062719&ga_sid=1617062720&ga_hid=1029321966&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1150&ady=526&biw=1600&bih=1200&isw=300&ish=600&ifk=2050185612&scr_x=0&scr_y=0&eid=31060351%2C44740079%2C44739387&oid=3&pvsid=2090300791929862&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.80pz38fdrhg2&fsb=1&dtd=119

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

490a3785287bdf6be7860b7eebc824812359017bd2cb339253e286aa2147ba9f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/9912970544353279076/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 4028
date: Fri, 26 Mar 2021 13:59:15 GMT
expires: Sat, 26 Mar 2022 13:59:15 GMT
last-modified: Mon, 22 Feb 2021 11:17:46 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 295566
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 83B5 0
0 42ms
42ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CeEsgQGtiYOWVH4Lb7gON9LrIAbWx5u9hurm5ysANmPKI50cQASDEiKh8YJWKuILIB6ABvbGA2QPIAQmpAhXqtYYXvrM-qAMByANIqgS7AU_QrAeKLpiSBKmGCYoWIGIgdsr86DCzqbUJhy3Tm4N_CFSb8hAqJM530B6IFia6qIxlNXFMHmHi_Az9r2K_xqSfeiToCg-0pkchek2aYwJm3A6u0dA4kEvD2LSmPeXA298Z0IfxPBtbsueZm_zkw6PjDEtvue8dhTYni0Ch65ZTPc4289nJhrdFFVMi3XPOEfkb65sw31qm4lldpbTAMiQtl4bXUUsqI15hc803DWKiT5dz8jlNzWKBtrXABPqQzNC8A5IFBAgEGAGSBQQIBRgEoAYugAerzv8mqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEI2pGdIICQiA4YAQEAEYH4AKAcgLAdgTDLIXGgoYCAASFHB1Yi00NDEzNDM3NDU0MjQzOTIz&sigh=QUnzwP_L12M&template_id=419&tpd=AGWhJmt7_Vnm3ExzunuKV_Ts0gTrlvPQxZYXD9UBilcMTIdLaw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4413437454243923&output=html&h=600&slotname=3236284967&adk=493463479&adf=3279755403&pi=t.ma~as.3236284967&w=300&psa=0&format=300x600&url=https%3A%2F%2Fgreenpost.ua%2F&ea=0&flash=0&wgl=1&dt=1617062720375&bpp=3&bdt=177&idt=103&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Ddce2a9ff121534e8-22183093eaba0050%3AT%3D1617062719%3ART%3D1617062719%3AS%3DALNI_MbGHtiOKCCBHBFC685uz7Tvy6qbfw&correlator=3118294486100&frm=23&ife=5&pv=1&ga_vid=902713396.1617062719&ga_sid=1617062720&ga_hid=1029321966&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1150&ady=526&biw=1600&bih=1200&isw=300&ish=600&ifk=2050185612&scr_x=0&scr_y=0&eid=31060351%2C44740079%2C44739387&oid=3&pvsid=2090300791929862&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.80pz38fdrhg2&fsb=1&dtd=119
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 30 Mar 2021 00:05:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 30 Mar 2021 00:05:21 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/ Frame 83B5 17 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab2acc5edb2198c0c0c25a5a4a470df2a048c69e982d11b4b96f22b21332fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 23:36:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1743
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 14491782869175424788
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Apr 2021 23:36:18 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/ Frame 83B5 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 23:42:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1358
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Apr 2021 23:42:43 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 83B5 118 KB
36 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80e717f7f97b69547f30e8fb2adb1abdb3fdcd94b907472cc26e4d491f005825

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 00:05:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617017751739567"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36599
x-xss-protection: 0
expires: Tue, 30 Mar 2021 00:05:21 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/ Frame 83B5 12 KB
5 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d890a48ea501050f8167a15968c0d8d1d654a54ce3058242ab99acdfb81e288

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 23:16:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2902
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5520
x-xss-protection: 0
server: cafe
etag: 4598867394938533942
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Apr 2021 23:16:59 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 83B5 0
0 15ms
14ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRgsCtmxl14kzoaNupNHsu5qQZx_EeNSoAISTZsr6xz63oAYi5NvPBMladW0oNeG73UrC9ICE5fU3sRrxBDl-7_DCwSDg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4413437454243923&output=html&h=600&slotname=3236284967&adk=493463479&adf=3279755403&pi=t.ma~as.3236284967&w=300&psa=0&format=300x600&url=https%3A%2F%2Fgreenpost.ua%2F&ea=0&flash=0&wgl=1&dt=1617062720375&bpp=3&bdt=177&idt=103&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Ddce2a9ff121534e8-22183093eaba0050%3AT%3D1617062719%3ART%3D1617062719%3AS%3DALNI_MbGHtiOKCCBHBFC685uz7Tvy6qbfw&correlator=3118294486100&frm=23&ife=5&pv=1&ga_vid=902713396.1617062719&ga_sid=1617062720&ga_hid=1029321966&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1150&ady=526&biw=1600&bih=1200&isw=300&ish=600&ifk=2050185612&scr_x=0&scr_y=0&eid=31060351%2C44740079%2C44739387&oid=3&pvsid=2090300791929862&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.80pz38fdrhg2&fsb=1&dtd=119
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK ev_view.aspx
inv-nets-eu.admixer.net/ 43 B
300 B 23ms
22ms Image
image/gif 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets-eu.admixer.net/ev_view.aspx?cc=NL/NH/2759794&am-uid=82a8d709f6af4fdb8df4ed7bb311632a&cet=9&zone=248d4e44-14c3-4152-a5cd-c8dd25e961f0&rule=454dc435-ba39-4289-9b99-b04f0b05801f&requestId=f297fa5a-e3bd-4d74-bbb6-5ad440b1e19f&page=greenpost.ua%2F&hp=1600197728&pvid=e5f4e227-3bac-49a2-9984-882ad4356e20&inst=ADS-EU-9&ts=637526595197287206&sf=0

Requested by

Host: greenpost.ua
URL: https://greenpost.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:21 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FDE0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
148 B

14ms
14ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 30 Mar 2021 00:05:21 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Tue, 30-Mar-2021 01:05:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 30 Mar 2021 00:05:21 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 30 Mar 2021 00:05:21 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FCF5 143 B
169 B 7ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4413437454243923&output=html&h=600&slotname=3236284967&adk=493463479&adf=3279755403&pi=t.ma~as.3236284967&w=300&psa=0&format=300x600&url=https%3A%2F%2Fgreenpost.ua%2F&ea=0&flash=0&wgl=1&dt=1617062720375&bpp=3&bdt=177&idt=103&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Ddce2a9ff121534e8-22183093eaba0050%3AT%3D1617062719%3ART%3D1617062719%3AS%3DALNI_MbGHtiOKCCBHBFC685uz7Tvy6qbfw&correlator=3118294486100&frm=23&ife=5&pv=1&ga_vid=902713396.1617062719&ga_sid=1617062720&ga_hid=1029321966&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1150&ady=526&biw=1600&bih=1200&isw=300&ish=600&ifk=2050185612&scr_x=0&scr_y=0&eid=31060351%2C44740079%2C44739387&oid=3&pvsid=2090300791929862&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.80pz38fdrhg2&fsb=1&dtd=119
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4413437454243923&output=html&h=600&slotname=3236284967&adk=493463479&adf=3279755403&pi=t.ma~as.3236284967&w=300&psa=0&format=300x600&url=https%3A%2F%2Fgreenpost.ua%2F&ea=0&flash=0&wgl=1&dt=1617062720375&bpp=3&bdt=177&idt=103&shv=r20210322&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Ddce2a9ff121534e8-22183093eaba0050%3AT%3D1617062719%3ART%3D1617062719%3AS%3DALNI_MbGHtiOKCCBHBFC685uz7Tvy6qbfw&correlator=3118294486100&frm=23&ife=5&pv=1&ga_vid=902713396.1617062719&ga_sid=1617062720&ga_hid=1029321966&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1150&ady=526&biw=1600&bih=1200&isw=300&ish=600&ifk=2050185612&scr_x=0&scr_y=0&eid=31060351%2C44740079%2C44739387&oid=3&pvsid=2090300791929862&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.80pz38fdrhg2&fsb=1&dtd=119

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 29 Mar 2021 23:23:20 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2521
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 83B5 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c6b978537ec3b316ffb69c4f51f69caf7f97590fea1d56d91219e318bceace1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 83B5 0
446 B 58ms
39ms Other
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COW1pIjc1u8CFYKtewodDboOGQ&gqi=QGtiYK_hHsKQgAfkgJ-oDw&layout=/sadbundle/%24csp%253Der3%24/9912970544353279076/index.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 00:05:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 22ms
22ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=248d4e44-14c3-4152-a5cd-c8dd25e961f0

Requested by

Host: greenpost.ua
URL: https://greenpost.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 30 Mar 2021 00:05:21 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H2 200 qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js Show response
pagead2.googlesyndication.com/bg/ Frame 85CF 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9c59945c470e1fabdd79c4f07d0d22527869fb4eca62b78ad95b30e19ac9626

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 23:20:49 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 261872
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5666
x-xss-protection: 0
expires: Sat, 26 Mar 2022 23:20:49 GMT

GET
H/1.1 200
OK ev_view.aspx
inv-nets-eu.admixer.net/ 43 B
300 B 24ms
23ms Image
image/gif 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets-eu.admixer.net/ev_view.aspx?item=cb9d87b0-8e32-428d-9327-f23d50b9bc4b&cc=NL%2FNH%2F2759794&am-uid=82a8d709f6af4fdb8df4ed7bb311632a&cet=9&profile=24327bb9-dd9e-4e85-ad48-569fb2e06c69&zone=b8dc5c91-3421-4f2d-9306-5e15a6127404&device=28&rule=cef59f13-0648-4e1d-92e9-8618fa834801&requestId=6b8583fe-a562-4422-b4ff-061b984a466b&page=greenpost.ua%2F&hp=1600197728&size=350x240&adv=N%2FA&dsp=Admixer+Display&segments=2%2C7%2C497&ts=637526595197287206&sync=45%2C3&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&crid=cb9d87b0-8e32-428d-9327-f23d50b9bc4b&pvid=e5f4e227-3bac-49a2-9984-882ad4356e20&extpubid=76037f68-793a-4c1d-b53f-c91635b84e71&inst=ADS-EU-9&pxl=0&dmp_pr=MC4wMDAw&pap=MC4xNjc1NTIA&cpm=0.167552&sf=0

Requested by

Host: greenpost.ua
URL: https://greenpost.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:21 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 23ms
22ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=b8dc5c91-3421-4f2d-9306-5e15a6127404

Requested by

Host: greenpost.ua
URL: https://greenpost.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 30 Mar 2021 00:05:21 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H3-Q050 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 8630 9 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9912970544353279076/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 04:49:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69359
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 30 Mar 2021 04:49:22 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 8630 22 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9912970544353279076/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 13:07:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39471
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 30 Mar 2021 13:07:30 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8630 2 KB
672 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:700&subset=latin

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9912970544353279076/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb1e12ac9d633c7e6ae486f98fb41f44662d371d1af97d44f0400e8478a6f45d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 30 Mar 2021 00:02:24 GMT
server: ESF
date: Tue, 30 Mar 2021 00:05:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Mar 2021 00:05:21 GMT

GET
H3-Q050 200 HYPE-712.thin.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9912970544353279076/ Frame 8630 55 KB
25 KB 8ms
7ms Script
application/x-javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9912970544353279076/HYPE-712.thin.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9912970544353279076/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b32fb196b8de979c40886c7230e9d3a39f291f281fdf2e82c99c038607747c48

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 543931
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24394
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:17:46 GMT
server: sffe
date: Tue, 23 Mar 2021 16:59:50 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Mar 2022 16:59:50 GMT

GET
H3-Q050 200 pf.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9912970544353279076/ Frame 8630 1 KB
1 KB 7ms
6ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9912970544353279076/pf.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9912970544353279076/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c976135f44cdeee049ca7163fc671c369c7cf1a93de5e1151fc8d8fc6a33b080

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 510167
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1313
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:17:46 GMT
server: sffe
date: Wed, 24 Mar 2021 02:22:34 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Mar 2022 02:22:34 GMT

GET
H3-Q050 200 logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9912970544353279076/ Frame 8630 2 KB
3 KB 8ms
6ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9912970544353279076/logo.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9912970544353279076/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ea171e60023ef7c77e4921f88d2a7ce39ea05447b0bbec4d0af23f2ba0278f7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 532731
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2477
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:17:46 GMT
server: sffe
date: Tue, 23 Mar 2021 20:06:30 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Mar 2022 20:06:30 GMT

GET
H3-Q050 200 stoerer3-1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9912970544353279076/ Frame 8630 18 KB
18 KB 9ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9912970544353279076/stoerer3-1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9912970544353279076/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4acff57c24e409bbd7c5f1f2660fc6ea316c4d1e4fe2af39c656c00a78a7971c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 239411
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18257
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:17:46 GMT
server: sffe
date: Sat, 27 Mar 2021 05:35:10 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Mar 2022 05:35:10 GMT

GET
H3-Q050 200 maxtra1-1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9912970544353279076/ Frame 8630 2 KB
2 KB 13ms
10ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9912970544353279076/maxtra1-1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9912970544353279076/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f12b9249b11a594f39bfa09343bc6d216e64d9861f8de21f328be7fb903377ac

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 61694
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1778
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:17:46 GMT
server: sffe
date: Mon, 29 Mar 2021 06:57:07 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Mar 2022 06:57:07 GMT

GET
H3-Q050 200 seasonal600.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9912970544353279076/ Frame 8630 24 KB
24 KB 11ms
9ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9912970544353279076/seasonal600.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9912970544353279076/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e83cd450852843449c7ffd1bf0782c6d7136f7b99d70b404cc3336b323bcf0e5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 234627
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24091
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:17:46 GMT
server: sffe
date: Sat, 27 Mar 2021 06:54:54 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Mar 2022 06:54:54 GMT

GET
H3-Q050 200 einwegplastik1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9912970544353279076/ Frame 8630 5 KB
5 KB 10ms
8ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9912970544353279076/einwegplastik1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9912970544353279076/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2acac7c02c49e4ad320bae670b7314b573580ac44223216e5bf49c092ead41e9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 339016
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5238
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:17:46 GMT
server: sffe
date: Fri, 26 Mar 2021 01:55:05 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Mar 2022 01:55:05 GMT

GET
H3-Q050 200 m2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9912970544353279076/ Frame 8630 17 KB
17 KB 14ms
12ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9912970544353279076/m2.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9912970544353279076/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cb8456f6b447cf329c5ccc322c42a80c2ae8573b286b151be7027c2253ca921

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 522154
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17376
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:17:46 GMT
server: sffe
date: Tue, 23 Mar 2021 23:02:47 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Mar 2022 23:02:47 GMT

GET
H3-Q050 200 m1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9912970544353279076/ Frame 8630 18 KB
18 KB 12ms
11ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9912970544353279076/m1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9912970544353279076/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60e57c7f7829ba085103c21646e616624a5394948ce84711f041f04e853066cf

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 488357
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18009
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:17:46 GMT
server: sffe
date: Wed, 24 Mar 2021 08:26:04 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Mar 2022 08:26:04 GMT

GET
H3-Q050 200 m3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9912970544353279076/ Frame 8630 17 KB
18 KB 11ms
10ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9912970544353279076/m3.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9912970544353279076/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af39439984f197376c872227bc359f7a1eeb6369c23cdca3754bcb415f0af64d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 61694
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17428
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 11:17:46 GMT
server: sffe
date: Mon, 29 Mar 2021 06:57:07 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Mar 2022 06:57:07 GMT

GET
H/1.1 200
OK ev_view.aspx
inv-nets-eu.admixer.net/ 43 B
300 B 23ms
23ms Image
image/gif 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets-eu.admixer.net/ev_view.aspx?item=cb9d87b0-8e32-428d-9327-f23d50b9bc4b&cc=NL%2FNH%2F2759794&am-uid=82a8d709f6af4fdb8df4ed7bb311632a&cet=9&profile=24327bb9-dd9e-4e85-ad48-569fb2e06c69&zone=a8e44abc-8fad-4880-b2e3-54ea8a778a0b&device=28&rule=cef59f13-0648-4e1d-92e9-8618fa834801&requestId=f67fed9e-3b71-4046-bf3f-34c24d37ded6&page=greenpost.ua%2F&hp=1600197728&size=350x240&adv=N%2FA&dsp=Admixer+Display&segments=2%2C7%2C497&ts=637526595197287206&sync=45%2C3&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&crid=cb9d87b0-8e32-428d-9327-f23d50b9bc4b&pvid=e5f4e227-3bac-49a2-9984-882ad4356e20&extpubid=76037f68-793a-4c1d-b53f-c91635b84e71&inst=ADS-EU-9&pxl=0&dmp_pr=MC4wMDAw&pap=MC4xNjcxNzgA&cpm=0.167178&sf=0

Requested by

Host: greenpost.ua
URL: https://greenpost.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 30 Mar 2021 00:05:21 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 23ms
23ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=a8e44abc-8fad-4880-b2e3-54ea8a778a0b

Requested by

Host: greenpost.ua
URL: https://greenpost.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 30 Mar 2021 00:05:21 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FCF5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
287 B

46ms
46ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 30 Mar 2021 00:05:21 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Tue, 30-Mar-2021 01:05:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 30 Mar 2021 00:05:21 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 30 Mar 2021 00:05:21 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js Show response
pagead2.googlesyndication.com/bg/ Frame 8630 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9c59945c470e1fabdd79c4f07d0d22527869fb4eca62b78ad95b30e19ac9626

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 23:20:49 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 261872
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5666
x-xss-protection: 0
expires: Sat, 26 Mar 2022 23:20:49 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2E6F 0
111 B 60ms
59ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210322&jk=2090300791929862&bg=!np2lndnNAAbUo7L91KM7ACkAdvg8Wmo3PrzEMSIR_I_7DuI2bopzHkyH1KCHjLrRYGjNcRrWbpPj6AIAAAIjUgAAAFxoAQcKAFCYxXexhq4V80AqrS8MdWXcdSHlPxggbA3XwvX9OVpNLBACupbcUhPAUgg4AKl58hryLGkGoGkk43kO05FRO4OmZibrCIIV8uT11kcUt2Vph5kB4BJHAeYogj3-kNtOLSYpDGK-6sHMA_g0_DluADPWnd9ylyZesV5nkGHofCluoP8EidP7qY6lHg91H9bNynG8UPLYcgp9lewLwJgZzgJt9PEGNUT1s2lI5CGnJikDNXogL5SLOZoryhkmGNduvfX01X-KBM-dt6lKexeeWiJ-AQf0D9RQkECX6ZDR3oSAhawMHKzwQA_bqMVXxGUqX3hW_gDe1mGhB3f4RIf1A9Sgv5mVr4FbsZ7Y0tiu6twWLaoek_EKua9hjDqizCjPHzg4zFeMPEEsC0D8TLokQ1tXs7guXgkfH_HUwPNUW6bXMMBi0YuLBYOlHGK-87EM3EYdFYSLl8D_F8F2xFVah9SegukEekv2mtGkmw6JVg4wwsCH5tUVHlqoaSFqUNHpylyy_81wUeVUPQNfAkjkzMcCD0fkzkDZ7LVAksISt7dKyO6_pR07poY6mli5QMNhOcw-fg2VD5fthEVYs2jSaYcSjzHf8qrMlzTtXLOqjiE5uhqtYIPyjkEsRjwUXD4FqoFh1NURawbJ6g2GWRG160YvzdfHTRgZSgUGrpqozOQfvHdD16iW4Sa0ndagazlavMNdXA6--93Y9n3nQnU7YkAVDsORx7cZ5r1RVLFGRD_JQIpOmQ

Requested by

Host: greenpost.ua
URL: https://greenpost.ua/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 00:05:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F5FA 0
23 B 59ms
59ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021032202&jk=1794779613816806&bg=!4uGl4aXNAAbUo7L91KM7ACkAdvg8WtDLjPd7jvkNYARp7G4cQnkxEPDCJumMTe_4WuTBTkE4MEVK2wIAAAITUgAAAEloAQcKAHzu9_DvVisaIQIYj8-Z6jPDL2zRwnt8senvE8zCXtLnl5TSJ9lq4VvSvUouhsEkFAE2ADuUSOw7kdh7e7PKTZKNmgnD-QPlDS0yCyskhnh1iulWBZ57CRfYS2SxSu1FsVKDWeOTV5zZSYIgf68EebpeCVXH7Boiit7sVCJumQHfrI_JCJbOJnqJgfxOIMYKWzBCjMkzjw4iI9wAdNY42ffMZS378reeWeSM5NJqK9W4NedEYenj7wmLW1g1VnyGVC93eY2DqJ6FzB6FhHo-fZaz-FgtoxKlR5M2ZCRd9t4tFbDzHlulVTxTjGEnKf32FrVhzSzi4Wx9TejlJ5Z5SHc_hHW1drFJBIhYtO8QtrdeqboW_slqo0EiOOjfWgmEdXrSRJR7VGbMaKWi4KRgo5oAXnqcm71is_2LRcVZzfkc9rq7kUBhZLNFsFxX8j8h1KMDqcCdmGQ2OMS74b6f3WDZsl4xR3cOtwDcI53Mc066JdIXgZSXRMzssFnW0GL9ERfeHocEdCty-662OH8uKDbkGbwq1cZKJFFoy_FA1lK07xVGzgYEa2yGFxM_s_2AAPkV7zLqYacpGJuLCJqczatqzMKDNuVvLJCzI2eKSDS-tRRhutKIVxJasLaf0lnVunAzREhcwdZMUyQv7boBXRwnlTAaCSUTnZek9pBwMN369zahjGCRy7HxM1SNz6iKHI8FLiDMXM1eN3VqN07R-CtxsVgrgQLI3Afz5_-nDGM3Zqxy5bE8RV-3YIrOKU2bPDRMiZkAFPhM3LpKQ2q8IO8J3nBRXK-Y0Zpwnf7ynCs

Requested by

Host: greenpost.ua
URL: https://greenpost.ua/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 00:05:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 18ms
18ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210322&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6dd0653f8029410cfe6d6d2c180746c1986699b71ce60ad9ff1084e43d36353

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Mar 2021 00:05:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6525
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 00:05:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 30 Mar 2021 00:05:21 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BC25 0
23 B 43ms
42ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210322&jk=3825679655722784&bg=!y8ilyIzNAAbUo7L91KM7ACkAdvg8Wt-KG9V7Eg7COiDx1FQkLMA8wGJJ3q1iWASUx_xQSE80Ysh40wIAAAI5UgAAAIBoAQcKAYAJIAPPsg0oM1M2Aqp2FGg7teso5Xd8IXuKgslVRlY-aqfv-Jeeoo8NOREAUVJ4XPg1oUNCyiAwVpnJjCQ-GgH2KLCajhtJqNxFat5qt7gZcJuoNN1YAP3-MZR6NTY7t_ypXO82OyfFwl9fZuO4Cx4edzw5FHAMT4Q8DBDN_i6kTrqvWBVOLbocJM8b0-Sg4Q1v90mlmR-dV2ucJpvMLjZ15TH9x3JXs3VYbpXKZIgFLtjQj884Er2EAFUbOOO2arqRroHm1X4uxGJ6tRAs2kvI6jXo-tHmE4GyQg2wPzeNXPIK0efLTeiENVEYscY7DHC8y4dxm-hjx4ovjXZ-G_QtWjDbaq0eCLrfkHWGW9nmMPTK0iZozkK9hkhnkWNGdSS_2MCERmX0f597Aaj9ucAQIrgBiloox_h5Do6EMjZdK8fPrd05B-6LUgf8Q_pCnjUj82ceVRFVffZWyZ85WukWuAzfItdEpEymep2BtfNIPR80r5WWiKRp_UtGZ-n9iBWZAfP1Z_oG5edf16HecXgZrj_g6MEBfFLVfprupRirkqCN51et7MZvxfkZOd4h8twCqHAyPts6vq6_4dOtIXfwwm9yabwUQsQ9VQDVXXTwoabEZffIvDofeaAEZ-UQ8MsijrM8EgdALoWuEENFXq-_spGKiUug8M2kc3-eK3I1HvgMgInJm9DN6A5el_D_lnYvxKuz26x5wLNf8fRXe7cRP-RHD9La-hO7o4Hph0z3ZsiZbXcWeXL4Imf173x0-1eqGYyokEJXv3dMgM8snynZDg5nFN1nmJ5-U-XTyNqQ2C8KG959ABKv6mdBQ53Q2YRMEurQmF7SwYoDxes_C9-Xspz7_ssyPdCLT-rBW0WVcYHAcuDRkTVI4NNaM1yNKt6U9tdTWFMrVxEXpsG9MYtj1iGfq4pPI6g5qnwMSnJawninTKayNRGXSiLpp9R_mpuLDX_efwKiIuirELynqtPgTBVBzVPwbJE5N-GWq6-ogwrcO3-eQVuYB_fY4rA9VN5wfW1v3C_UZkbd9smqnoiU6JGKQio5a-hGDpX_ES3KYNSHWSJi2HkHBghz_xUmpYndHBDFiY7nhMvnm5yEWZ08FifB2-ScXgyaXunXeQMWO0e7gEWng8FP4VfNykptrosIJLAzvNQbvTR5LcpvH1AyjvJ-u7u5

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 00:05:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
48 B 13ms
13ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1779681269&t=event&ni=0&_s=1&dl=https%3A%2F%2Fgreenpost.ua%2F&ul=en-us&de=UTF-8&dt=GreenPost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=10%25&el=%2F&_u=aCjAAEABAAAAAG~&jid=194955934&gjid=59847048&cid=902713396.1617062719&tid=UA-151732632-1&_gid=1074363285.1617062722&_r=1&gtm=2wg3h0PV6RQ4D&z=1458714013

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 00:05:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://greenpost.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 3E38 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://greenpost.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://greenpost.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 29 Mar 2021 23:08:44 GMT
expires: Tue, 29 Mar 2022 23:08:44 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3397
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
51 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-151732632-1&cid=902713396.1617062719&jid=194955934&gjid=59847048&_gid=1074363285.1617062722&_u=aCjAAEABAAAAAG~&z=1737265886

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 30 Mar 2021 00:05:21 GMT
content-type: text/plain
access-control-allow-origin: https://greenpost.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js Show response
pagead2.googlesyndication.com/bg/ Frame 3E38 14 KB
6 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9c59945c470e1fabdd79c4f07d0d22527869fb4eca62b78ad95b30e19ac9626

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 26 Mar 2021 23:20:49 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 261872
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5666
x-xss-protection: 0
expires: Sat, 26 Mar 2022 23:20:49 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
109 B 46ms
45ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-151732632-1&cid=902713396.1617062719&jid=194955934&_u=aCjAAEABAAAAAG~&z=2046812475

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 00:05:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 43ms
42ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-151732632-1&cid=902713396.1617062719&jid=194955934&_u=aCjAAEABAAAAAG~&z=2046812475

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 00:05:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 23ms
22ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=208f0ef3-1050-47f0-b77f-cd394717df9a

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 30 Mar 2021 00:05:22 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
46 B 40ms
39ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210322&jk=3166768538204532&bg=!-vml-b3NAAbUo7L91KM7ACkAdvg8WiqSCVBsR_3GqofPd3IWe2AYhiJ9kKZJVr7LezOuySDyGlCemQIAAAC0UgAAAB9oAQcKAGO13DcjgxxPgOHUt-fdsIba3QcrrUViJZVi3gJwjB4ZbMM34kM6H-0_bDk1khbafGzJZ7o76Z2uFMyr7CVNnBUdpvHRAvW8h2MjCG7M8xsUZsiL2eqDS7AOb9XnA1tjvi4K0gaZAccLDsLFTkkPtmMkPFM1WZ7s_xGYpyqrK57xzxepOBgNU_0rK-qauTy3MPR21682a5qcn8u3IJPZy-ybYQWOlcUhy5KardpdKa6qVdzjseKUk9WHo8bL51E0wUK6xLRXtmWsqQRT7CrwIzPQt1MBIfhV6bMuRTWyJGFgT0Tafxr2w8Pn4x3fAqp7Nx39_T9BbJp448JbXgUtGrgc0d3hATxSXjF_JWaiKYwZ7EbZ3GZjtvgQ8uY5AkbETz8HR_PlOpZdcMVIAx2SRHlFbdDGP7eRARVD8LKtSckn9vSiS6G11AE-3jwOKkTsruUDYaEzUbKX_1hvZXOhW4-SIVOPaAPMe3aCaxzeqPv6XoyRGJQ1lsu51-XTxwYiTjNflk4WgesPKpkjBpzqbwCp8TOTkIo7r1ezbl8lsVEBaUoe7_rZPHxoV51PA46Hyo6g47KEamOS6toQHMThugJ3vW3tx_bTt9yrLHu_G8L2Px3ZrVGWALQZR5jjc-u13iNeAwyRR4z-GzrsJCPi9YQYDWwnXMt8LCwxRCKPP94XziuyOQ08ibBSRRnpB1LFGTv5i1ztHoLlM0QLPpLOsyJTYJIWNlDyW11uvqcVDA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greenpost.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 00:05:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 83B5 42 B
92 B 44ms
44ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssVjAbvrM6PZ2C9M0DGyhOTf5qcEVyZ21IbmIWPjeoHSViQXTFjG9TkIebqBYnLeLm1CaBzvCfsgtmMO2VLz5QDy7TOwIjWKe5NEYjeOZU25xnkbFanbSJyUnivFg&sai=AMfl-YRcnYhgdj4UeOOs5ckm22yIuFdFM6yTCpPqT84lFYX4oapkGsFpIFmQunCH7Sq3Br1rI-Sua_0pCroG6ALVsq_WrCD13fo14Ob6Ue0rtJJsVSpzhqUzL0yI6e5C&sig=Cg0ArKJSzF4nS-J-razJEAE&cid=CAASF-RoG1AUawWqGZyzIfROmNpGs_VoBvke&id=osdim&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210329&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=493463479&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1617062720498&dlt=464&rpt=83&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 00:05:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1457 42 B
66 B 47ms
47ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssQBaNRIlQ8D0XIC8aiYeNk7FtVNc5gKEgIDBXoBm8GXgKIX2t3LL3JzxDtX1z36Z89yAmUcpcQfxi3DReiCqoNQ8Ph3lQ263qnFGPiHv0pR3QnnlNgh7t5vLXAcNrDPKKUg5fbsQIPpkzlyvUrcD31Jg&sai=AMfl-YTqPtWfeclOKlhaZCDhIj_kBVuahHM1F7VSEcgkGnKfCqCWahV_uZpks2clqXA9EOkQqpjTXRx4_l-Brj02br7wnxf87TU9MDjXAbwFAuD2Y5BMwmSVXGiYYvG_&sig=Cg0ArKJSzCKL1LsI0kxQEAE&cid=CAASF-RoCFawyCBdWHts2CF1hC6fVtreOzHz&id=osdim&mcvt=1000&p=30,315,120,1043&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210329&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=466794599&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1617062720557&dlt=66&rpt=238&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e7efbf3d9d715c2ef7892173b3141b1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Mar 2021 00:05:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

148 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 17:11:06	Name: DSID Value: NO_DATA
			.doubleclick.net/	1970-01-19 17:11:03	Name: test_cookie Value: CheckForPermission

18 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.admixer.net/scripts3/eea2a65c501c927510a8.b.js(Line 1) Message: Chrome
console-api	log	URL: https://cdn.admixer.net/scripts3/eea2a65c501c927510a8.b.js(Line 1) Message: Mraid Ready false
console-api	log	URL: https://cdn.admixer.net/scripts3/eea2a65c501c927510a8.b.js(Line 1) Message: Chrome
console-api	log	URL: https://cdn.admixer.net/scripts3/eea2a65c501c927510a8.b.js(Line 1) Message: Chrome
console-api	log	URL: https://cdn.admixer.net/scripts3/eea2a65c501c927510a8.b.js(Line 1) Message: Event view https://inv-nets-eu.admixer.net/ev_view.aspx?cc=NL/NH/2759794&am-uid=82a8d709f6af4fdb8df4ed7bb311632a&cet=4&zone=208f0ef3-1050-47f0-b77f-cd394717df9a&rule=00f55343-6db8-4868-968e-40d0fac1ea80&requestId=6d5a2a2b-4b2e-41d0-a132-be00a468cedf&page=greenpost.ua%2F&hp=1600197728&pvid=e5f4e227-3bac-49a2-9984-882ad4356e20&inst=ADS-EU-9&ts=637526595197287206&sf=0
console-api	log	URL: https://cdn.admixer.net/scripts3/eea2a65c501c927510a8.b.js(Line 1) Message: Event view https://inv-nets-eu.admixer.net/ev_view.aspx?cc=NL/NH/2759794&am-uid=82a8d709f6af4fdb8df4ed7bb311632a&cet=4&zone=248d4e44-14c3-4152-a5cd-c8dd25e961f0&rule=454dc435-ba39-4289-9b99-b04f0b05801f&requestId=f297fa5a-e3bd-4d74-bbb6-5ad440b1e19f&page=greenpost.ua%2F&hp=1600197728&pvid=e5f4e227-3bac-49a2-9984-882ad4356e20&inst=ADS-EU-9&ts=637526595197287206&sf=0
console-api	log	URL: https://cdn.admixer.net/scripts3/eea2a65c501c927510a8.b.js(Line 1) Message: Event view https://inv-nets-eu.admixer.net/ev_view.aspx?item=cb9d87b0-8e32-428d-9327-f23d50b9bc4b&cc=NL%2FNH%2F2759794&am-uid=82a8d709f6af4fdb8df4ed7bb311632a&cet=4&profile=24327bb9-dd9e-4e85-ad48-569fb2e06c69&zone=b8dc5c91-3421-4f2d-9306-5e15a6127404&device=28&rule=cef59f13-0648-4e1d-92e9-8618fa834801&requestId=6b8583fe-a562-4422-b4ff-061b984a466b&page=greenpost.ua%2F&hp=1600197728&size=350x240&adv=N%2FA&dsp=Admixer+Display&segments=2%2C7%2C497&ts=637526595197287206&sync=45%2C3&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&crid=cb9d87b0-8e32-428d-9327-f23d50b9bc4b&pvid=e5f4e227-3bac-49a2-9984-882ad4356e20&extpubid=76037f68-793a-4c1d-b53f-c91635b84e71&inst=ADS-EU-9&pxl=0&dmp_pr=MC4wMDAw&pap=MC4xNjc1NTIA&cpm=0.167552&sf=0
console-api	log	URL: https://cdn.admixer.net/scripts3/eea2a65c501c927510a8.b.js(Line 1) Message: Event view https://inv-nets-eu.admixer.net/ev_view.aspx?cc=NL/NH/2759794&am-uid=82a8d709f6af4fdb8df4ed7bb311632a&cet=4&zone=aead1f5d-5198-4e49-8205-c86928d043c9&rule=eac5e94a-5bf3-4679-a8fe-3ebe2cc7b385&requestId=967d6418-1cc9-4384-a439-7e122b58d2af&page=greenpost.ua%2F&hp=1600197728&pvid=e5f4e227-3bac-49a2-9984-882ad4356e20&inst=ADS-EU-9&ts=637526595197287206&sf=0
console-api	log	URL: https://cdn.admixer.net/scripts3/eea2a65c501c927510a8.b.js(Line 1) Message: Event view https://inv-nets-eu.admixer.net/ev_view.aspx?item=cb9d87b0-8e32-428d-9327-f23d50b9bc4b&cc=NL%2FNH%2F2759794&am-uid=82a8d709f6af4fdb8df4ed7bb311632a&cet=4&profile=24327bb9-dd9e-4e85-ad48-569fb2e06c69&zone=a8e44abc-8fad-4880-b2e3-54ea8a778a0b&device=28&rule=cef59f13-0648-4e1d-92e9-8618fa834801&requestId=f67fed9e-3b71-4046-bf3f-34c24d37ded6&page=greenpost.ua%2F&hp=1600197728&size=350x240&adv=N%2FA&dsp=Admixer+Display&segments=2%2C7%2C497&ts=637526595197287206&sync=45%2C3&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&crid=cb9d87b0-8e32-428d-9327-f23d50b9bc4b&pvid=e5f4e227-3bac-49a2-9984-882ad4356e20&extpubid=76037f68-793a-4c1d-b53f-c91635b84e71&inst=ADS-EU-9&pxl=0&dmp_pr=MC4wMDAw&pap=MC4xNjcxNzgA&cpm=0.167178&sf=0
console-api	log	URL: https://cdn.admixer.net/scripts3/eea2a65c501c927510a8.b.js(Line 1) Message: Event confirmview https://inv-nets-eu.admixer.net/ev_view.aspx?cc=NL/NH/2759794&am-uid=82a8d709f6af4fdb8df4ed7bb311632a&cet=9&zone=248d4e44-14c3-4152-a5cd-c8dd25e961f0&rule=454dc435-ba39-4289-9b99-b04f0b05801f&requestId=f297fa5a-e3bd-4d74-bbb6-5ad440b1e19f&page=greenpost.ua%2F&hp=1600197728&pvid=e5f4e227-3bac-49a2-9984-882ad4356e20&inst=ADS-EU-9&ts=637526595197287206&sf=0
console-api	log	URL: https://cdn.admixer.net/scripts3/eea2a65c501c927510a8.b.js(Line 1) Message: Event confirmview https://inv-nets.admixer.net/logcz.aspx?zone=248d4e44-14c3-4152-a5cd-c8dd25e961f0
console-api	log	URL: https://cdn.admixer.net/scripts3/eea2a65c501c927510a8.b.js(Line 1) Message: Event confirmview https://inv-nets-eu.admixer.net/ev_view.aspx?item=cb9d87b0-8e32-428d-9327-f23d50b9bc4b&cc=NL%2FNH%2F2759794&am-uid=82a8d709f6af4fdb8df4ed7bb311632a&cet=9&profile=24327bb9-dd9e-4e85-ad48-569fb2e06c69&zone=b8dc5c91-3421-4f2d-9306-5e15a6127404&device=28&rule=cef59f13-0648-4e1d-92e9-8618fa834801&requestId=6b8583fe-a562-4422-b4ff-061b984a466b&page=greenpost.ua%2F&hp=1600197728&size=350x240&adv=N%2FA&dsp=Admixer+Display&segments=2%2C7%2C497&ts=637526595197287206&sync=45%2C3&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&crid=cb9d87b0-8e32-428d-9327-f23d50b9bc4b&pvid=e5f4e227-3bac-49a2-9984-882ad4356e20&extpubid=76037f68-793a-4c1d-b53f-c91635b84e71&inst=ADS-EU-9&pxl=0&dmp_pr=MC4wMDAw&pap=MC4xNjc1NTIA&cpm=0.167552&sf=0
console-api	log	URL: https://cdn.admixer.net/scripts3/eea2a65c501c927510a8.b.js(Line 1) Message: Event confirmview https://inv-nets.admixer.net/logcz.aspx?zone=b8dc5c91-3421-4f2d-9306-5e15a6127404
console-api	log	URL: https://cdn.admixer.net/scripts3/eea2a65c501c927510a8.b.js(Line 1) Message: Event confirmview https://inv-nets-eu.admixer.net/ev_view.aspx?item=cb9d87b0-8e32-428d-9327-f23d50b9bc4b&cc=NL%2FNH%2F2759794&am-uid=82a8d709f6af4fdb8df4ed7bb311632a&cet=9&profile=24327bb9-dd9e-4e85-ad48-569fb2e06c69&zone=a8e44abc-8fad-4880-b2e3-54ea8a778a0b&device=28&rule=cef59f13-0648-4e1d-92e9-8618fa834801&requestId=f67fed9e-3b71-4046-bf3f-34c24d37ded6&page=greenpost.ua%2F&hp=1600197728&size=350x240&adv=N%2FA&dsp=Admixer+Display&segments=2%2C7%2C497&ts=637526595197287206&sync=45%2C3&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&crid=cb9d87b0-8e32-428d-9327-f23d50b9bc4b&pvid=e5f4e227-3bac-49a2-9984-882ad4356e20&extpubid=76037f68-793a-4c1d-b53f-c91635b84e71&inst=ADS-EU-9&pxl=0&dmp_pr=MC4wMDAw&pap=MC4xNjcxNzgA&cpm=0.167178&sf=0
console-api	log	URL: https://cdn.admixer.net/scripts3/eea2a65c501c927510a8.b.js(Line 1) Message: Event confirmview https://inv-nets.admixer.net/logcz.aspx?zone=a8e44abc-8fad-4880-b2e3-54ea8a778a0b
console-api	log	(Line 19) Message: [object CSSStyleDeclaration]
console-api	log	(Line 20) Message: [object HTMLDivElement]
console-api	log	URL: https://cdn.admixer.net/scripts3/eea2a65c501c927510a8.b.js(Line 1) Message: Event confirmview https://inv-nets.admixer.net/logcz.aspx?zone=208f0ef3-1050-47f0-b77f-cd394717df9a

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a4p.adpartner.pro
ad.adriver.ru
ads.betweendigital.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
ams.creativecdn.com
c.bigmir.net
cdn.admixer.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
counter.yadro.ru
creativecdn.com
e7efbf3d9d715c2ef7892173b3141b1a.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
greenpost.ua
gw.geoedge.be
i.bigmir.net
inv-nets-eu.admixer.net
inv-nets.admixer.net
ismatlab.com
m.trafmag.com
odr.mookie1.com
pa.tns-ua.com
pagead2.googlesyndication.com
partner.googleadservices.com
prebid-eu.creativecdn.com
r.i.ua
rumcdn.geoedge.be
s0.2mdn.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.greenpost.ua
x.bidswitch.net
142.250.185.130
142.250.185.162
146.0.227.110
185.184.8.30
188.42.196.115
193.200.65.6
193.239.68.97
193.239.71.100
194.247.175.26
195.209.108.39
2600:9000:2182:2800:4:b37b:9440:93a1
2606:4700::6810:125e
2a00:1450:4001:800::2002
2a00:1450:4001:802::2002
2a00:1450:4001:802::200e
2a00:1450:4001:803::2002
2a00:1450:4001:808::2002
2a00:1450:4001:808::2003
2a00:1450:4001:808::2004
2a00:1450:4001:809::2002
2a00:1450:4001:809::200a
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:813::2008
2a00:1450:4001:827::2006
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::200e
2a00:1450:400c:c00::9b
2a00:1450:400c:c00::9d
2a01:4f8:10b:94d::2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a03:90c0:41:2801::254
34.194.182.213
34.98.67.61
35.157.13.124
37.187.205.228
54.72.174.106
88.212.201.216
91.198.36.16
013dd4caceb194ae1f26bbf2d272914ee5f3a241d0787684b83ed5e739baf2de
0571dfd7b16be12243b0cb502b32499747392cd6e5610d2676b5d43521a0b93a
09b7365c666a1afa12f23ffc09658260f5c75cd42cdfb4921f6829520621f373
0a350ffe72bc35c87f22ca557ab9ea594159a80df5ca8590cb2bbd165a7472d3
0a4d5cdc0526cde15371f2e174d1a1dd15defd3ceba12201e92e07ffa6153863
0c5651cc59b22a771c0296ac3656a3e4ca3cf72d26249f3a4b041f6d4a0f273f
0c6b978537ec3b316ffb69c4f51f69caf7f97590fea1d56d91219e318bceace1
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
0f7121e06f610c806ccab6b307d22e503e84f7e83c5aa03ff8b59e20bec18865
103035edef55f84e682cc4412e2e933b0b741a1eda9ae61f1a0302815856b81a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1101aeb68ba6cbf1f0592f3aec94fc2820012891b0543d3b5c54d0cb48324b36
11bf599ddcd13d2beab27086e36ff8813a5cebfae8693f1a8c2932125ac385e2
13de62e67d7e18c787c52e15a141b291393b8ac37295e593ddf9a7217d8db56a
166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19192f41f40c99863ab48c4616c4d03c6b2949dcec0ddeae85a9497f68615099
1bb9499d9796fdf4c93767155c5afc5be9afe7659bfa4c72770f6ba1ba6f758e
1bfeceee6f05b7b6aaa98bc638560e4c55533eff85ee8dff2e04bbdb4edc1d46
1e98b102012e0c61aca5d66a39650a3f813e456a0072787467ce3c68e5d87cb0
2004776220cff1169b5ce0304ef46e374d0bfab6ceb34c380447fb8f2e3f63a8
27ca2405b9faac0e7915decc2aa1ddc9e47699ab7073ac4c5c1cd8a7f9517a32
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
2acac7c02c49e4ad320bae670b7314b573580ac44223216e5bf49c092ead41e9
2bd403bc5fba59318556f15f735a0c08c433c1d33187eebe11c9710ec689923a
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b
315af7137f99d2c1cd7ca5129793774ea563ff5c3b70e3039a8b11daee353e48
3522dc42cffb177dfd89532cfac8dbbdbd13557152dc68c3cf0f0e323e04a38a
38f88a773fef1fb9452fd5458eb29d4395ddd706a58ba343635092e63044ef05
393d7518e8421e92c8b48ac03652c571f1a4417d246bcea04c3dfc7aeeb132fc
3ab2acc5edb2198c0c0c25a5a4a470df2a048c69e982d11b4b96f22b21332fe2
3abda7fa1ac5c9bf5a0354237e403ce6c46723fffeeacf01d452d05f2b1c2bd3
3b57713e1774f18046f566c969576a2d490e6f777ce61029fe343c7d738ffdb9
3e62a85c7ef050775bc65d5d57a9191fb7eec6e4d0d0c0ca027b62e43e2e90bd
3f6ec0d0418362de2cd9c5255ce08005ffedec3338081a447a5730ac32fae7b8
4366747f8e78ff1647ff96dec84a3914b6de9fbbc26b4d3b65e016861338e9a2
441d9e7c108bebc5488b987b7bbb54350f0380ebf9114489fdcbf39a83a0bb92
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
482a5b2927c374bfcf2557a89e24a5b85b34fbc0f7e14d9ab095a4a222dcbb98
490a3785287bdf6be7860b7eebc824812359017bd2cb339253e286aa2147ba9f
4acff57c24e409bbd7c5f1f2660fc6ea316c4d1e4fe2af39c656c00a78a7971c
4b6ad0207ec3a28e701f6166544fb2a541922358c54ea9c02b9c39e297911d9d
4ba1b9960f6bcc2d49080931ddd405a8fda579f905c7094d567d2b5823ae7970
4d0787bbdf864bc26d69c57e82139e2815f7a0ac1448e8b063db645d5ab5bae7
4d890a48ea501050f8167a15968c0d8d1d654a54ce3058242ab99acdfb81e288
4ea171e60023ef7c77e4921f88d2a7ce39ea05447b0bbec4d0af23f2ba0278f7
4fdf9dc83963c87dbce2a839f7c32c7df8140e5f7bde2e61a56de0fcd2f0abe0
52106d834df10aea6d2869c41d49818e69a854f4749d6101420fbbf18a482a71
53440711de93fef828863a40049492fc82111e15f604046ba5088ede84aa6038
5629ae0d5acb154c45d37a7a9a392800ea4364578591c307645d259b883d0845
56d74a0e5926d731a7d75090a7f83402ce0c8c8490068434ca8631f4f0a8bd82
59344f1d076c4b7ba52dd683d290502e4854d0b73cb5712da4701cb908ea8074
594ca5002b9cdd63b301365c4dd76f3a08e23049f6aee1f62258d20da8ef1345
5a794554bce927f2d3c34a694a3a25683bfcb2d2826c72b13e1ffa422b2eafcd
5d6d634daa2103d71acd769e8d2c3d7c33642ea3b5879427ec35fb53a1de0f73
5f18dea943c830d36ce23599c47fc8cd3ab17677404d4c2a1d75809838073ecd
606fb015f87ba5bbcf783cd6fecf1ac351ede8dafa4767a43be8cf80f1634eb6
60e57c7f7829ba085103c21646e616624a5394948ce84711f041f04e853066cf
610ec732daaa73ee1b23fafbe400082861bf358681993e69fa7f7fbb3cadf336
61bc85e5a9a4238f5614ea04ee71a2c7cc7b9ee54e320ca680d8ead88c1e5b9d
62809c09f78bcbcf1233cfcde966c640fd0ad54e1b5ef157dcac1897180f44d8
631c5057b3878e2864e0e23d2d274537c1506155f3475b292fe1285e18efa71e
63b18b5635fc1818da6712734fc0d500652a85fecf6dfe1b4cb3cee139e52899
66666bdcdea42343cd4af706f87a01272e94cf226177410f0fdc3720d03ff70c
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b8974313880b34bb37303c6154aa9ffceb76f4980def60a698dbc7d9be7ad9d
6c26056b2f8658f752c4100a183bfb4949414ecdd10a6a723fe3ccd1f6f4797b
6ce92b957dc705da17bd5e5c5a702089ed344b6c64237d31d3ac7b777d18b9cc
6f66f48a8ffd7cbfc8c1943081ae68a29c33c442fb42437f7da405d8d0a75d33
706853b490826d1d3143aa0052b364ff6dad885dfd928fed2bb10d75bdeb8224
713c1291fdb24f43b56cfca41591b0009c9ab61137d6d25b46986e2364402a5f
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
7681d403682f24ac996a61777cceabc6a1280ad253e60d205d8a5aa1c9f356a3
783355ba48d24f37c27cafa383cef88a462f95b7fc65d4fdaf57a0bcca7f371c
7a6f65e5031773af2db12dbdc1d6adac52682bf4b93df5f2fd00665c4116320f
7a9ba5dd2228ece9917005a58a1075927fea0b36a3ada97f932407fc291f5d0d
7ba3c09d8f6594afeca4405e9f871fc16420d66838bfee7edc7245dbff14cf18
7ba4fb1af9da2954e97c7852cc85de65f7e1cd9ed26764c5831e3ea4702c3839
80e717f7f97b69547f30e8fb2adb1abdb3fdcd94b907472cc26e4d491f005825
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8419fa3cd1f0ae079a14643b25932f33145da154707d35c05634cd318d4a26cc
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
873468f8251473ba69731d865cc51d0b6fb124dfddaed502bd450d2d476b2c2c
8868c9d411ba0c2a863517ee11300c495f728a26297c6fc3aad752165fca57aa
898047769d83521b2ad32aba57922d9152cf4bd73d42ef1dbfa504c49edf91e8
89a899d3061b6f9592d765b7db03b0b9eb2f47c9e923bf34dee7bf34afcce7e9
89d15e8d6c0a69d8914c2c2363200b5fc3033c509439795e5bbe144974038e81
89ecec2b746294ecf62caddf088b0c5eb498ac3f7478dba51ff3a3876762d7b1
8af6cd293d9a02de43739c9f11297e6d7e7d1a1eda696fc07bbbd3dbfca05bbc
8c79f09d1e74eadaf897561f5d70265ed2884663d34ad9c4d7f2aebff3b85a6b
8d3f480c2b6dcada1129ae81963fff0091160151e13550fd752de37a074b687e
8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5
8e7b895976d0e65e50ee44d5d7c61c28561df429fbc74d3a9888240ff9216690
8e845b3c43da250d2131dcca1a9af77bdaca1b61f1215be6317f2d5f17f999e1
8ee52d6fbd5334028d1fe9a7b1f7d71773f28be22e068518c00fbc6a8fcbe215
9029cd2b6ca418481b961a08ca7ab9893f80b05a2174dce677a886995ff5e81d
96bbf4f9521f17f3be8143f5c7b7918869757bdae7eee27f6d5bd83809cd4f32
988be38bfa0ea8236c14745f92bb044e2611f17b795606a5cdaac420c96187da
989ed0cf5129961a611edf006c87b9d79cab2aa50e809d1aca2790ec94ed1f3b
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9cb8456f6b447cf329c5ccc322c42a80c2ae8573b286b151be7027c2253ca921
9d546760b7ae82884ce3abb20f084643fcdfd805332f72b75709f1260d23a6b6
9d6ae2e39ed75a64b825522f0bdc69814f3d917e8de5e59ee24771ac65734634
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d93254e392f7361b334641f8781721fd31c7b18283c88fe67df7d3123e1c24
a1e3bbf089fb747849714523d0d42d7fa6f5a0ff45a295430e47ba82e41fbcd8
a2de9fe31eeed403db6c6d24372a875bb019d3354b9803d5e8463e437c111a88
a38c7adb14d9cd9c1dc6f1f006a45eb5d5f5b96f7f4c30c4ef9e469dbd5bb707
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c143319507bc2aae3b608cb896ee8506fbf31b8c7c633137393f01864b50cf
a50873abfd0f277672b9d03e0659aa7ed7ca2d3298183472fe79a73092c2b322
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a89f9a7b6549d1c89080bb6fd3c8180dd2e4b218a6e72d4429027985e3bf52ac
a8ca7d3026e65b15e425973b8c0644a0282607a5e3d5be21cd8207f746ac6d70
a9c59945c470e1fabdd79c4f07d0d22527869fb4eca62b78ad95b30e19ac9626
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
acb8d9c7e9ffc6b6873755e1a15d74e39339218515d82dbda78d252a1c7f0f55
af39439984f197376c872227bc359f7a1eeb6369c23cdca3754bcb415f0af64d
b2fd306a744971119024cfaf7705273397f80c8d393189e4401a70314b974ce6
b32fb196b8de979c40886c7230e9d3a39f291f281fdf2e82c99c038607747c48
b3883229115068714ffc63c82db6f810e84201317cb0385cc3b7c94b0c305554
b5f1343b46d0b18e78ae7bfb6ec5cfd0195a35a07f74da58d0612e06b1c429c2
b612fad94bf43099391861eb2690dc761fa0e5fb093c6d9ed67c3986994ba408
b679de86cc78f572e0d1351a457f2753acf15187e35d3f847d77935708794991
b873c11fff519c1d41589038b81cfd41d9df9f6fae5dcfa34001ba7c14eb5116
ba54b62797005aad60352602c7ab7efbbde2a16b46a52b488d7706e788f5920a
bc5767a8c612a7a1b9f2b0456e1738ac484bc44df598899f47658dd07fff7757
bfdf29dfe21609166f45d2c2d875dec0a571765199e7e92dee0abf20147bb2d6
bff07d26b9a985efa8511d0cf36899933c4a02fc21eb57576b8bc8763107e0fc
c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c976135f44cdeee049ca7163fc671c369c7cf1a93de5e1151fc8d8fc6a33b080
cadda4a56adf0582b830e66b16e119979331e190089d5e7bf4c9d903564b10cd
ce35fbfaac6c7f9991b48664b80912d9357b7eecf1ac1479d63e7dc8a4b55cc5
d07be41a0b21338253761a9626c2acffed564d868e9d57be2febe265addcea9a
d1e30f73622575f627ca46e5d23c6821f42c62f0ea7f2244b9aebc1ca906f943
d288f94c0356f27b754ec69817e8578ea0bc9491cc9456331cc9c6de9640130b
d3ad9cb2d38e243a4813d4b861ff5539addbbbdaf8c537e42359c99819fe9c8f
d482871a5e948cb4884fa0972ea98a81abca057b6bd3f8c995a18c12487e761c
d55f81e52c653aaafd762224540775c8b75a83896c37566c1e0a09236552e5bb
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7807e6f71871409132c8b7a504ef81330435f7463b641dd246dfa419697862d
d7eab1a8b40da1c5bc4647e55ebfc210432a2373ceb71ae566792a0a6e0fbad1
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dae5ce5e624eea85dc85a2a36d08fc8accbc68f88e8ea48a5edb82da577aca55
dc0b4e554bbed8a98e3f803085e0b504546533fdcf27b2bcb3ed6cb6ddf2463e
de238c08ad04ad8f2f9a2fcaad24ba748501abb03eb645f481f1c4eeca2cbfa8
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e19e5fec549d0d871301c8196f4a954abe8d6913464a1ac511f81ef71529f89b
e39dd05df1bba9feb4d643daadfb8758fc569bf33a8e4dd785c992d08df14071
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49c3536ea775ecee4d8e1f7b8df1cfe706d269312b00014909a7aeb5f42f347
e7208edfd7affb0c8fa62b9cbb05c9f958994d33309518f911eb758a46e56b24
e792d080b7c41da4c842d8518f520f7d6d7edaa561b7a436e357aa857cf2ea3a
e83cd450852843449c7ffd1bf0782c6d7136f7b99d70b404cc3336b323bcf0e5
e90f060af5185eb1ccbd4426d90ac6d8b9f7038564d710bffc8804231c4329a5
e933c484b5a17a06b1e0899a7aa77bf540002624ce32ce31b358f17e0af19bda
ea7b9e56bdd43bc7f904436ac44e8300b2ac54af21d3f78d450fc358c85f0df8
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
edd634a2c4c814a562284b37da1311606b9b55903b3a87ec4684351d4746c201
edf6d64fcad347e2600dbf79abee157ffe3e9e9de7baed3d9b487988a5f70853
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef508faf739daa78ff80f7835a524778a3ac8e519c2c8301456d91668c7b6336
f055cf8ef8a12cd0e9d9067343c154d1336b37fa2faa27d5bfbbc88bdc68a3b8
f12b9249b11a594f39bfa09343bc6d216e64d9861f8de21f328be7fb903377ac
f153052457c1310b3eb5d76abf723e89280603d3847a63fe1c1c27dec9210104
f35156e7fe314e28c727b3b67e5aaa8444efce46dd09296723f5038b4b7725b0
f6b753a9c0996806309c1c548850aeb2a45ae03612af0c637f1fb0cfb297c6cd
f6dd0653f8029410cfe6d6d2c180746c1986699b71ce60ad9ff1084e43d36353
f79118ea8e92a768ac3258815ba07d1164af203c7c2fb6c9b9f4797a8d0fae7f
f7ef7233e4a1e857edd9b5314783c2781acd34b83d73b50ec991cef2e74b0508
f858b655896d965bdedd235ba2dc048e97b3db72112fd4f00b819bd3789ad7ee
fb1e12ac9d633c7e6ae486f98fb41f44662d371d1af97d44f0400e8478a6f45d
fcca115c987976db7ee5acf122fedb1a1f2139ccf33f0f2381382acde4b5c89a
fd191c30137a35e3b09ff8ddef5b82b7c80d951b2120088f5106666b7e5ea8f8
fd43e6806a4df509a6aedc1ba81bd7fb29918d967a2d52dc35586cb91be15f64
feea6127a153da9ba9d4553649cbc353d8d3e504a0406d59e2828b1d506147c0
ff18e6bf184bd659c14d230a8551bba2902c2b548050d9f3c746c78122e4228c

greenpost.ua Open in urlscan Pro 2a01:4f8:10b:94d::2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

281 Requests

100 %HTTPS

60 %IPv6

29 Domains

44 Subdomains

40 IPs

10 Countries

3404 kBTransfer

6702 kBSize

2 Cookies

8 Outgoing links

Page URL History

Redirected requests

281 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

greenpost.ua Open in urlscan Pro
2a01:4f8:10b:94d::2 Public Scan

Screenshot
Live screenshot

Full Image

281
Requests

100 %
HTTPS

60 %
IPv6

29
Domains

44
Subdomains

40
IPs

10
Countries

3404 kB
Transfer

6702 kB
Size

2
Cookies

281 HTTP transactions
5 data transactions