www.pisni.org.ua Open in urlscan Pro
5.9.154.242 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.pisni.org.ua/
Effective URL:
https://www.pisni.org.ua/
Submission: On November 14 via api (November 14th 2023, 11:31:34 pm UTC) from US — Scanned from DE

Summary HTTP 123 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 25 IPs in 5 countries across 16 domains to perform 123 HTTP transactions. The main IP is 5.9.154.242, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.pisni.org.ua.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 24th 2023. Valid for: a year.

This is the only time www.pisni.org.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 9	5.9.154.242 5.9.154.242	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1 2	94.16.106.197 94.16.106.197	197540 (NETCUP-AS...) (NETCUP-AS netcup GmbH)
2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
11	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
22	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
11	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
17	2a00:1450:400... 2a00:1450:4001:82f::2006	15169 (GOOGLE) (GOOGLE)
3 4	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
2 4	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
2	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:780... 2a02:26f0:780::210:a46b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
123	25

9 5.9.154.242 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: server.diywheel.com

www.pisni.org.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.16.106.197 (Austria) 1 redirects

ASN197540 (NETCUP-AS netcup GmbH, DE)
PTR: panel33.myhosting.name

kazky.org.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.212.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.151.101 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.215 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:780::210:a46b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	criteo.net static.criteo.net — Cisco Umbrella Rank: 668 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10986 csm.eu.criteo.net — Cisco Umbrella Rank: 10557	311 KB
26	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	318 KB
17	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	104 KB
16	doubleclick.net 3 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 78 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 ad.doubleclick.net — Cisco Umbrella Rank: 154	96 KB
9	pisni.org.ua 1 redirects www.pisni.org.ua	49 KB
6	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 10450 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 11552 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 17732	99 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	3 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 246	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	189 KB
3	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2462 www.google-analytics.com — Cisco Umbrella Rank: 27	1 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	10 KB
2	kazky.org.ua 1 redirects kazky.org.ua	5 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	createjs.com code.createjs.com — Cisco Umbrella Rank: 1549	63 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 364	34 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	82 KB
123	16

	Domain	Requested by
22	static.criteo.net	ads.eu.criteo.com cdnjs.cloudflare.com static.criteo.net
17	s0.2mdn.net	www.pisni.org.ua s0.2mdn.net googleads.g.doubleclick.net
15	pagead2.googlesyndication.com	www.pisni.org.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
11	imageproxy.eu.criteo.net	ads.eu.criteo.com
11	tpc.googlesyndication.com	googleads.g.doubleclick.net www.pisni.org.ua tpc.googlesyndication.com pagead2.googlesyndication.com
9	www.pisni.org.ua	1 redirects www.pisni.org.ua
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	csm.eu.criteo.net	ads.eu.criteo.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
2	ad.doubleclick.net	www.pisni.org.ua
2	rtb.fr3.eu.criteo.com	googleads.g.doubleclick.net
2	cdnjs.cloudflare.com	ads.eu.criteo.com
2	cat.nl3.eu.criteo.com	ads.eu.criteo.com
2	ads.eu.criteo.com	googleads.g.doubleclick.net
2	region1.google-analytics.com	www.googletagmanager.com
2	stats.g.doubleclick.net	www.pisni.org.ua
2	kazky.org.ua	1 redirects www.pisni.org.ua
1	www.google.com	tpc.googlesyndication.com
1	code.createjs.com	s0.2mdn.net
1	www.google-analytics.com	stats.g.doubleclick.net
1	ajax.googleapis.com	www.pisni.org.ua
1	www.googletagmanager.com	www.pisni.org.ua
123	25

This site contains links to these domains. Also see Links.

Domain
m.pisni.org.ua
tyssa.ozdorov.info
drymba.com
ukrlife.org
poetry.uazone.net
www.gorgany.com
kazky.org.ua

Subject Issuer	Validity	Valid
pisni.org.ua Sectigo RSA Domain Validation Secure Server CA	`2023-05-24` - `2024-06-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2023-12-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-30` - `2023-12-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-07` - `2023-12-30`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-17` - `2024-01-18`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tls.adobe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-08` - `2024-03-10`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://www.pisni.org.ua/
Frame ID: F8DA623DCE9FA24F639458B41F56056C
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: 0B005B55161D6B5254551BF3334C211A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2639448760395127&output=html&h=90&slotname=9579533887&adk=196833566&adf=10100615&pi=t.ma~as.9579533887&w=728&lmt=1700004689&url=https%3A%2F%2Fwww.pisni.org.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700004688792&bpp=126&bdt=189&idt=290&shv=r20231109&mjsv=m202311130101&ptt=5&saldr=sd&abxe=1&correlator=6578430204843&frm=20&pv=2&ga_vid=1146355442.1700004689&ga_sid=1700004689&ga_hid=120521270&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=571&ady=6&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079628%2C31078297%2C31079654%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=486504163595234&tmod=1987537923&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=299
Frame ID: A5DFEF3E93F7822CB9196424EC4EB025
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2639448760395127&output=html&h=90&slotname=5592391948&adk=3081044279&adf=3540024497&pi=t.ma~as.5592391948&w=728&lmt=1700004689&format=728x90&url=https%3A%2F%2Fwww.pisni.org.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700004688918&bpp=1&bdt=315&idt=179&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_slotnames=9579533887&correlator=6578430204843&frm=20&pv=1&ga_vid=1146355442.1700004689&ga_sid=1700004689&ga_hid=120521270&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=308&ady=237&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079628%2C31078297%2C31079654%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=486504163595234&tmod=1987537923&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=182
Frame ID: B5DC19033DD6990740051CA0D945C5E7
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2639448760395127&output=html&h=250&slotname=7208725945&adk=3397241891&adf=1161742964&pi=t.ma~as.7208725945&w=250&lmt=1700004689&format=250x250&url=https%3A%2F%2Fwww.pisni.org.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700004688919&bpp=1&bdt=316&idt=184&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&prev_slotnames=9579533887&correlator=6578430204843&frm=20&pv=1&ga_vid=1146355442.1700004689&ga_sid=1700004689&ga_hid=120521270&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1343&ady=592&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079628%2C31078297%2C31079654%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=486504163595234&tmod=1987537923&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=186
Frame ID: 50B91695859F7C4C00675F12EF4464FA
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2639448760395127&output=html&adk=1812271804&adf=3025194257&lmt=1700004689&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.pisni.org.ua%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700004688931&bpp=2&bdt=328&idt=175&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C250x250&prev_slotnames=9579533887&nras=1&correlator=6578430204843&frm=20&pv=1&ga_vid=1146355442.1700004689&ga_sid=1700004689&ga_hid=120521270&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079628%2C31078297%2C31079654%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=486504163595234&tmod=1987537923&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=185
Frame ID: C1D489E2B0F080BDA7F9534449E23265
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVQDUQACHO0DogkwAAC8sfLgVgY8SJsq8gPjwQ&u=%7CgXrI8IUz7yKRqHdrFMo14526%2FZRkT64YSdbIOTMYGng%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5M4q1Gj9rubS9eqWEwaJkhsGsNmrsuWZimjTRhAsY873ecwkf2dJM4ofzHWIS89O5UZJACzREYV76ADo_N9jtqV_-d9tLDM7AS2vUMi6ZNCsMJP_D64uLa0OoYsXWJY_zM2kpCwW04adsRgERK7EVQQinzqqs7ImHtI79od687XwWj8AUJsd-ngcTj5XFxpe36Ss_jz92mehj7lVKqB2i78-Xa3vTgIP4KiILXj0_7fxPKB-khNAaVEXa1hleBg3b3foDczl2jnc7KqmTu2rGnb442sj2pyyeWxc1EhV1YY7y7TpL0O0YoDx08kRvf2B1agFjfpVO-7tlQ3OSiMmJozm85GE53WpkwBRSjY4f18RSoF2LRbIA2h9fE6tPy-jCVqUhDE7eMGnRiTRfKkCe7fnSw-Iesx-eNp6rNsR5plLs2nxm-13c2EEHy5SiY2sYi9bTATAjno0Gp3eGKpyZAqOU619_ntHl2EPuTlE5s9NiWGiGyNRxr7HumPrJ98OQMedwVC-bwEpPMbBkMoaBH8LY5pWXOnTmCpNwYH5kADo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCklk4UQNUZe25CLCSiM0PsfmC4AjJntKxXNWdkfdwwI23ARABIABgldr8gZQHggEXY2EtcHViLTI2Mzk0NDg3NjAzOTUxMjfIAQmpAtnqYQBjOLI-qAMByAMCqgTZAU_Qh0WS0DKg2JVBNlzeATAlH1QZYmaGpadGeel9YKjjIB81wWxbxZkQ5gL47g-4rvjeMX8jN64zwwCRZTfs3PJknZBrg-VK_dDVzmwm6mzd9XhbxlvPTvyZSlFIGXBB340tgBOuLxNHiySZ_NTGNPHACM8BiUl4Q3sA24-Y3gd1DLj4_z1zQmn0eW_-6fAggPG26EkjqcyO3NuOr1b7iEusKROMbHuTzi7ktA6viiOqx33B8iH0r8wnYJ0fo45tqb2nLeLN3I9Wn0ezbMqHK-BW2Kf_ob5IPFaABuzopabn8ve5jQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Lsa4k5OvHu5ARKxdIvmZtGwJamw%26client%3Dca-pub-2639448760395127%26adurl%3D
Frame ID: E56AB79B631B981F81B3D310F5EC288C
Requests: 23 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVQDUQACEZsK4E-MAAWX4KoMyHGevSMxCkAKyg&u=%7CgXrI8IUz7yL5KSVOM%2FFC6AgZBrbVItraJ6Q52a4ng%2BE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGRxIbKBsnzqArssQp8ietYBV6CyGQtzkwKXz9zanFgq6EFzdXc0NYZHnrwV5pMC_NoKJXGOZE5KZI6YcXSE2-whcFt5EjvOlyOtHC0LOab15UiL4CtT22yEnQNGgLewr3gEYyLTzaC6_1_G6kqB8wMExKlwGQzbIT-1f-xJtL99-7cMzO5PnMrWFhoyKAIAeNnv6zIWo_JrE69NHjFqcohSGEPfPtdjE3dqWyoRTHJJt7Dz6TV8zoPoMPZAnXm5qAiPEI5Bq-Vyni-L-b6eHVDKrSzwrreOU5mr-mnwt6zOivP1CpsdgC3trNA5QH3WAo6HUcCLywqlyiJRsiWw7gkyCESGJqaLdXxVE1e5PbWFSw32pGyX62Uqp1pDNEuwSU2S4gAJ4xamPs-T-YoTxxh9rBnsrTpanfc7jZTT8SmBnWGtxmKAY0-xxyG5CBfl9qiz2AoTJJLYW9RDM1NKpEzb5IffWCOTNknx8Cujm5a-Mj4QtRHFtztxnh-jkojHOb9lfxX6084w5Sw7wh28K4fTyZAm0eLmMA1r_x9YHOOOcRc7jhrfJWijn1J9rU12eRGx3ZeQ6bjy4qdSXTm0mt1eVv4jsy1rW7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCp5fmUQNUZZujCIyfgQfgr5bAD8me0rFc1Z2R93DAjbcBEAEgAGCV2vyBlAeCARdjYS1wdWItMjYzOTQ0ODc2MDM5NTEyN8gBCakC2ephAGM4sj6oAwHIAwKqBN0BT9D9VQeozptCWMW97_xAJu2Jh7QLLfEJrdMdjKeYefC6CofdG13G8flfwviADRrhTn971tz2hU-8EUcz3hlgNpGksyJmxcuqlOros5IDbmTwRZmNMCD_LhugSQNYb_RusOA22wK0-W9VnZbd-EzaHRbUpOPBYnF97F3leIv-qgJ-0PJkQjx7ea1rrV7d2twZ3XnE8M6e0zFowMuBlGFCCivWcB5_K68NrHp6v4bNVNAVNbeC58j7Y0pH0qYUlWmGwIxFdngBF1dlmgPhj2NjBEzkZwJIU3zrLoLVpDiABuzopabn8ve5jQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0JrVuKeSW3JJKP5VxrS4iIAVhxIw%26client%3Dca-pub-2639448760395127%26adurl%3D
Frame ID: BB93199D52598D43D0915725DE9A8126
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhic9cDjATAB&v=APEucNWn9SfGc5TGTO-iZxlWMWs29CQj4bb3VTcfB8TN-bZEXdzDFoDHdtaMtSsB_sLyinbGQJNQJbbStQEn8wWaQKFcpnVXLFnzcQW7HWjB0Fynq0tKrTZ_oStkU5zKg4UTPU7vVNoRN06GBuAPwthQGZn8gJmwcA3aI0thZucpltk-GRw9iV4
Frame ID: A8A98A630D5DA679E22060ADE4BB8BCE
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 31BEE6D015021DF7BF67A1C74CFCCA09
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12564380314924892758/index.html?ev=01_250
Frame ID: CAE119330A97A83A3209C69A95F74634
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B8CA3C5C82BF8E6A70E9FE0DE784382D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E7A10F76FFB6BD5B430A7E138F03CDA6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Тексти та акорди пісень - Українські пісні

Page URL History Show full URLs

http://www.pisni.org.ua/ HTTP 301
https://www.pisni.org.ua/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

123
Requests

96 %
HTTPS

71 %
IPv6

16
Domains

25
Subdomains

25
IPs

5
Countries

1362 kB
Transfer

3246 kB
Size

17
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://m.pisni.org.ua/
Title: моб.версія

Search URL Search Domain Scan URL

URL: https://tyssa.ozdorov.info/
Title: Диспетчер Курортів Закарпаття

Search URL Search Domain Scan URL

URL: https://drymba.com/uk/
Title: Туристичний портал "Дримба"

Search URL Search Domain Scan URL

URL: http://ukrlife.org/

Search URL Search Domain Scan URL

URL: http://poetry.uazone.net/

Search URL Search Domain Scan URL

URL: https://www.gorgany.com/
Title: Горгани

Search URL Search Domain Scan URL

URL: https://kazky.org.ua/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.pisni.org.ua/ HTTP 301
https://www.pisni.org.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://kazky.org.ua/img/baner/UkrKazka_88x31.gif HTTP 301
https://kazky.org.ua/img/UkrKazka_m.gif

Request Chain 74

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELKM3ipjybnWWUrZPxQUVKw&google_cver=1

Request Chain 75

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVQDUb.rHHw550CxnOUa9wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELKM3ipjybnWWUrZPxQUVKw&google_cver=1&google_hm=2

Request Chain 76

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBNoFykob8U14bV39CACnoI&google_cver=1

Request Chain 77

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQwNDQ4MjMwNjc3NDQxNzA2

123 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.pisni.org.ua/
Redirect Chain

http://www.pisni.org.ua/
https://www.pisni.org.ua/

43 KB
10 KB

135ms
52ms

Document
text/html

5.9.154.242
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pisni.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.9.154.242 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server.diywheel.com
Software: Apache /
Resource Hash: 969e33d8088acf4a82a74f7f1ecd2bfc906e34d1e30827fa4f49f46cdc605c39

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 10124
Content-Type: text/html; charset=windows-1251
Date: Tue, 14 Nov 2023 23:31:28 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

Redirect headers

Connection: Keep-Alive
Content-Length: 233
Content-Type: text/html; charset=iso-8859-1
Date: Tue, 14 Nov 2023 23:31:28 GMT
Keep-Alive: timeout=5, max=100
Location: https://www.pisni.org.ua/
Server: Apache

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 235 KB
82 KB 144ms
55ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NXDVFYNNNK

Requested by

Host: www.pisni.org.ua
URL: https://www.pisni.org.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

33c628c5df8cecf4af33595c6174e1e840df82396ceedb46740a07ce33ed38dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pisni.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:31:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83980
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 14 Nov 2023 23:31:28 GMT

GET
H/1.1 200
OK songs.css
www.pisni.org.ua/ 22 KB
5 KB 41ms
40ms Stylesheet
text/css 5.9.154.242
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pisni.org.ua/songs.css
Requested by: Host: www.pisni.org.ua
URL: https://www.pisni.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.9.154.242 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server.diywheel.com
Software: Apache /
Resource Hash: 7ea4a49e4dda927916d2e46d3a8b43067b9d5e67cf48017775a83f6b6a33283f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pisni.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 23:31:28 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Jun 2023 19:08:26 GMT
Server: Apache
ETag: "563f-5fe078f5abc3d-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 4659

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ 93 KB
34 KB 127ms
39ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

Requested by

Host: www.pisni.org.ua
URL: https://www.pisni.org.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pisni.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 08:32:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33845
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Nov 2024 08:32:17 GMT

GET
H/1.1 200
OK songs.js Show response
www.pisni.org.ua/ 24 KB
7 KB 82ms
40ms Script
application/javascript 5.9.154.242
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pisni.org.ua/songs.js
Requested by: Host: www.pisni.org.ua
URL: https://www.pisni.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.9.154.242 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server.diywheel.com
Software: Apache /
Resource Hash: ec7575c8ff13b6882985e34f3e4c4c93c07e1f6fc6fe27a1211b0e2cc886e2af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pisni.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 23:31:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Feb 2022 21:09:09 GMT
Server: Apache
ETag: "616a-5d7238b9edff6-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 7271

GET
H/1.1 200
OK header1.png
www.pisni.org.ua/images/ 4 KB
4 KB 117ms
38ms Image
image/png 5.9.154.242
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pisni.org.ua/images/header1.png
Requested by: Host: www.pisni.org.ua
URL: https://www.pisni.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.9.154.242 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server.diywheel.com
Software: Apache /
Resource Hash: 56534e77d4dd61f6030a4efcf9127f99f95820a29dfb933bfa4f89d5059db43e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pisni.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 23:31:28 GMT
Last-Modified: Mon, 26 Aug 2013 22:00:00 GMT
Server: Apache
ETag: "fee-4e4e0e0abb800"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4078

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 24 KB
10 KB 152ms
51ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: www.pisni.org.ua
URL: https://www.pisni.org.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

521157d284882b7c9a622e5c26e123243551bd2c1251fbd9a18a1d6a1e1340e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pisni.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:31:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10189
x-xss-protection: 0
server: cafe
etag: 8789710487289907268
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 23:31:28 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
52 KB 68ms
68ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.pisni.org.ua
URL: https://www.pisni.org.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

865b310dcd64222a590a94afc650dc88d0e90d7aafa75c472687e676e1c59353

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pisni.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:31:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52701
x-xss-protection: 0
server: cafe
etag: 183872733639739796
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 23:31:28 GMT

GET
H/1.1 200
OK button.gif
www.pisni.org.ua/images/ 4 KB
4 KB 39ms
39ms Image
image/gif 5.9.154.242
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pisni.org.ua/images/button.gif
Requested by: Host: www.pisni.org.ua
URL: https://www.pisni.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.9.154.242 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server.diywheel.com
Software: Apache /
Resource Hash: c0a95382b63a6b8140b5ce3f673d366f9af8bdfda5b012e6db17a7c9a1eff8b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pisni.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 23:31:28 GMT
Last-Modified: Sun, 29 Aug 2010 22:00:00 GMT
Server: Apache
ETag: "105e-48efd781ed800"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 4190

GET
H/1.1 200
OK ukrlife_88x31.gif
www.pisni.org.ua/images/buttons/ 4 KB
4 KB 39ms
39ms Image
image/gif 5.9.154.242
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pisni.org.ua/images/buttons/ukrlife_88x31.gif
Requested by: Host: www.pisni.org.ua
URL: https://www.pisni.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.9.154.242 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server.diywheel.com
Software: Apache /
Resource Hash: e3e4786a020a1ab943498d29ad637f954470632e8643c99716ad1e60ccee755b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pisni.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 23:31:28 GMT
Last-Modified: Mon, 20 May 2019 22:00:00 GMT
Server: Apache
ETag: "fdd-58958da879800"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 4061

GET
H/1.1 200
OK poetyka_88x31.gif
www.pisni.org.ua/images/buttons/ 1 KB
2 KB 39ms
39ms Image
image/gif 5.9.154.242
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pisni.org.ua/images/buttons/poetyka_88x31.gif
Requested by: Host: www.pisni.org.ua
URL: https://www.pisni.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.9.154.242 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server.diywheel.com
Software: Apache /
Resource Hash: 8ce590988cb6da38d3eecb3d5297b97a6b8edb7997a8998e166db81392351ada

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pisni.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 23:31:28 GMT
Last-Modified: Mon, 20 May 2019 22:00:00 GMT
Server: Apache
ETag: "572-58958da879800"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1394

GET
H2

200

UkrKazka_m.gif
kazky.org.ua/img/
Redirect Chain

https://kazky.org.ua/img/baner/UkrKazka_88x31.gif
https://kazky.org.ua/img/UkrKazka_m.gif

4 KB
5 KB

53ms
53ms

Image
image/gif

94.16.106.197
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kazky.org.ua/img/UkrKazka_m.gif

Requested by

Host: www.pisni.org.ua
URL: https://www.pisni.org.ua/

Protocol

Server

94.16.106.197 , Austria, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

panel33.myhosting.name

Software

nginx / PleskLin

Resource Hash

1b2bc73199000f0237ed5f7e50b2b91324ba4252a59f97869a82ca6476b7c5a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pisni.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:31:29 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 Jun 2014 23:32:37 GMT
server: nginx
etag: "538fac95-1152"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-type: image/gif
cache-control: public, max-age=2592000, max-age=86400,stale-while-revalidate=600, stale-if-error=18000
accept-ranges: bytes
content-length: 4434
x-xss-protection: 1; mode=block

Redirect headers

date: Tue, 14 Nov 2023 23:31:29 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.33, WPHost.me BROWSER Cache
vary: Accept-Encoding
content-type: text/html; charset=utf-8
location: https://kazky.org.ua/img/UkrKazka_m.gif
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ 45 KB
17 KB 148ms
49ms Script
text/javascript 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: www.pisni.org.ua
URL: https://www.pisni.org.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pisni.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 14 Nov 2023 21:50:14 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6074
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17093
expires: Tue, 14 Nov 2023 23:50:14 GMT

GET
H/1.1 200
OK files.png
www.pisni.org.ua/images/ 11 KB
12 KB 39ms
39ms Image
image/png 5.9.154.242
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pisni.org.ua/images/files.png
Requested by: Host: www.pisni.org.ua
URL: https://www.pisni.org.ua/songs.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.9.154.242 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server.diywheel.com
Software: Apache /
Resource Hash: 512915d20918e7f6d4ef8bd6950fa3a1493bd5bba09b51bb27565bdfe7f91a20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pisni.org.ua/songs.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 23:31:28 GMT
Last-Modified: Mon, 01 Jun 2020 17:35:01 GMT
Server: Apache
ETag: "2dc0-5a70936f2db08"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 11712

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 134ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-NXDVFYNNNK&gtm=45je3b81v9120595294&_p=1700004688623&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1146355442.1700004689&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700004688&sct=1&seg=0&dl=https%3A%2F%2Fwww.pisni.org.ua%2F&dt=%D0%A2%D0%B5%D0%BA%D1%81%D1%82%D0%B8%20%D1%82%D0%B0%20%D0%B0%D0%BA%D0%BE%D1%80%D0%B4%D0%B8%20%D0%BF%D1%96%D1%81%D0%B5%D0%BD%D1%8C%20-%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D1%96%20%D0%BF%D1%96%D1%81%D0%BD%D1%96&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1036
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NXDVFYNNNK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pisni.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 23:31:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pisni.org.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/ 397 KB
134 KB 68ms
68ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_with_ama_fy2021.js?client=pub-2639448760395127&plah=www.pisni.org.ua&bust=31079654

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

568a03420a07bb5c472c59ff60b0906168f8ba81bc762ada847e4b0270f67260

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pisni.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:31:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137189
x-xss-protection: 0
server: cafe
etag: 6465431908553726961
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 23:31:28 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 0B00 9 KB
4 KB 126ms
38ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pisni.org.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 40132
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 12:22:37 GMT
etag: 16674218716276178799
expires: Tue, 28 Nov 2023 12:22:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 inpage_linkid.js Show response
www.google-analytics.com/plugins/ga/ 1 KB
1 KB 145ms
39ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ga/inpage_linkid.js

Requested by

Host: stats.g.doubleclick.net
URL: https://stats.g.doubleclick.net/dc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

989a73eb9e9faa5bcf87eb500ba218549b0b1ef37dc53d9ac948b33010bd78da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pisni.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 22:58:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1967
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 603
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 14 Nov 2023 23:58:42 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A5DF 36 KB
15 KB 349ms
349ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2639448760395127&output=html&h=90&slotname=9579533887&adk=196833566&adf=10100615&pi=t.ma~as.9579533887&w=728&lmt=1700004689&url=https%3A%2F%2Fwww.pisni.org.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700004688792&bpp=126&bdt=189&idt=290&shv=r20231109&mjsv=m202311130101&ptt=5&saldr=sd&abxe=1&correlator=6578430204843&frm=20&pv=2&ga_vid=1146355442.1700004689&ga_sid=1700004689&ga_hid=120521270&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=571&ady=6&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079628%2C31078297%2C31079654%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=486504163595234&tmod=1987537923&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=299

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_with_ama_fy2021.js?client=pub-2639448760395127&plah=www.pisni.org.ua&bust=31079654

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42fce4e244e9da5ac7663bffd73d646010eaa90295b2954d882751e28c5fc0b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pisni.org.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 14717
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 23:31:29 GMT
expires: Tue, 14 Nov 2023 23:31:29 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B5DC 105 KB
44 KB 654ms
653ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2639448760395127&output=html&h=90&slotname=5592391948&adk=3081044279&adf=3540024497&pi=t.ma~as.5592391948&w=728&lmt=1700004689&format=728x90&url=https%3A%2F%2Fwww.pisni.org.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700004688918&bpp=1&bdt=315&idt=179&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_slotnames=9579533887&correlator=6578430204843&frm=20&pv=1&ga_vid=1146355442.1700004689&ga_sid=1700004689&ga_hid=120521270&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=308&ady=237&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079628%2C31078297%2C31079654%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=486504163595234&tmod=1987537923&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=182

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ecf043012b29c375f7a341ada90cd72b9cc0a08dea550f00a4fd0309c7273bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pisni.org.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44859
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 23:31:29 GMT
expires: Tue, 14 Nov 2023 23:31:29 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 50B9 36 KB
15 KB 369ms
369ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2639448760395127&output=html&h=250&slotname=7208725945&adk=3397241891&adf=1161742964&pi=t.ma~as.7208725945&w=250&lmt=1700004689&format=250x250&url=https%3A%2F%2Fwww.pisni.org.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700004688919&bpp=1&bdt=316&idt=184&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&prev_slotnames=9579533887&correlator=6578430204843&frm=20&pv=1&ga_vid=1146355442.1700004689&ga_sid=1700004689&ga_hid=120521270&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1343&ady=592&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079628%2C31078297%2C31079654%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=486504163595234&tmod=1987537923&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=186

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

678697c08ddc460e366d3524bcbccdaac02b646b10f03fc27994fe29e101a681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pisni.org.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 14699
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 23:31:29 GMT
expires: Tue, 14 Nov 2023 23:31:29 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C1D4 0
180 B 50ms
49ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2639448760395127&output=html&adk=1812271804&adf=3025194257&lmt=1700004689&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.pisni.org.ua%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700004688931&bpp=2&bdt=328&idt=175&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C250x250&prev_slotnames=9579533887&nras=1&correlator=6578430204843&frm=20&pv=1&ga_vid=1146355442.1700004689&ga_sid=1700004689&ga_hid=120521270&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079628%2C31078297%2C31079654%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=486504163595234&tmod=1987537923&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=185

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pisni.org.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 23:31:29 GMT
expires: Tue, 14 Nov 2023 23:31:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 __utm.gif
stats.g.doubleclick.net/r/ 35 B
198 B 50ms
50ms Image
image/gif 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=2023918506&utmhn=www.pisni.org.ua&utme=8(3!feature*5!segment)9(3!SFG*5!m)11(3!1)&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%A2%D0%B5%D0%BA%D1%81%D1%82%D0%B8%20%D1%82%D0%B0%20%D0%B0%D0%BA%D0%BE%D1%80%D0%B4%D0%B8%20%D0%BF%D1%96%D1%81%D0%B5%D0%BD%D1%8C%20-%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D1%96%20%D0%BF%D1%96%D1%81%D0%BD%D1%96&utmhid=120521270&utmr=-&utmp=%2F&utmht=1700004689125&utmac=UA-737540-1&utmcc=__utma%3D157420603.1146355442.1700004689.1700004689.1700004689.1%3B%2B__utmz%3D157420603.1700004689.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1304325822&utmredir=3&utmu=qQAAAAAAAAAAAAAAAAQBAAAE~

Requested by

Host: www.pisni.org.ua
URL: https://www.pisni.org.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pisni.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 14 Nov 2023 23:31:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame E56A 140 KB
47 KB 177ms
91ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVQDUQACHO0DogkwAAC8sfLgVgY8SJsq8gPjwQ&u=%7CgXrI8IUz7yKRqHdrFMo14526%2FZRkT64YSdbIOTMYGng%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5M4q1Gj9rubS9eqWEwaJkhsGsNmrsuWZimjTRhAsY873ecwkf2dJM4ofzHWIS89O5UZJACzREYV76ADo_N9jtqV_-d9tLDM7AS2vUMi6ZNCsMJP_D64uLa0OoYsXWJY_zM2kpCwW04adsRgERK7EVQQinzqqs7ImHtI79od687XwWj8AUJsd-ngcTj5XFxpe36Ss_jz92mehj7lVKqB2i78-Xa3vTgIP4KiILXj0_7fxPKB-khNAaVEXa1hleBg3b3foDczl2jnc7KqmTu2rGnb442sj2pyyeWxc1EhV1YY7y7TpL0O0YoDx08kRvf2B1agFjfpVO-7tlQ3OSiMmJozm85GE53WpkwBRSjY4f18RSoF2LRbIA2h9fE6tPy-jCVqUhDE7eMGnRiTRfKkCe7fnSw-Iesx-eNp6rNsR5plLs2nxm-13c2EEHy5SiY2sYi9bTATAjno0Gp3eGKpyZAqOU619_ntHl2EPuTlE5s9NiWGiGyNRxr7HumPrJ98OQMedwVC-bwEpPMbBkMoaBH8LY5pWXOnTmCpNwYH5kADo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCklk4UQNUZe25CLCSiM0PsfmC4AjJntKxXNWdkfdwwI23ARABIABgldr8gZQHggEXY2EtcHViLTI2Mzk0NDg3NjAzOTUxMjfIAQmpAtnqYQBjOLI-qAMByAMCqgTZAU_Qh0WS0DKg2JVBNlzeATAlH1QZYmaGpadGeel9YKjjIB81wWxbxZkQ5gL47g-4rvjeMX8jN64zwwCRZTfs3PJknZBrg-VK_dDVzmwm6mzd9XhbxlvPTvyZSlFIGXBB340tgBOuLxNHiySZ_NTGNPHACM8BiUl4Q3sA24-Y3gd1DLj4_z1zQmn0eW_-6fAggPG26EkjqcyO3NuOr1b7iEusKROMbHuTzi7ktA6viiOqx33B8iH0r8wnYJ0fo45tqb2nLeLN3I9Wn0ezbMqHK-BW2Kf_ob5IPFaABuzopabn8ve5jQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Lsa4k5OvHu5ARKxdIvmZtGwJamw%26client%3Dca-pub-2639448760395127%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2639448760395127&output=html&h=90&slotname=9579533887&adk=196833566&adf=10100615&pi=t.ma~as.9579533887&w=728&lmt=1700004689&url=https%3A%2F%2Fwww.pisni.org.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700004688792&bpp=126&bdt=189&idt=290&shv=r20231109&mjsv=m202311130101&ptt=5&saldr=sd&abxe=1&correlator=6578430204843&frm=20&pv=2&ga_vid=1146355442.1700004689&ga_sid=1700004689&ga_hid=120521270&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=571&ady=6&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079628%2C31078297%2C31079654%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=486504163595234&tmod=1987537923&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=299

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

66f125300043a72ed4807b8335e022011d8ee087c0678b4e61fa1d0b4b99e668

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 23:31:29 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=DYR5rUqYWPBGxEr5cRrJ7tBmOy9dg6ZJ_P9VBGloRKOPLGnM_lMIWmIYVJWWryWQYf9jp7w0Mt5RiF4rgyCzzBcKobxb0NG8gIb_9Vl_BNtbvUfkY0-OxBFaFXeGyVWs2RrLXzpOb5N5MRhSsqlwRajaFnXXzUpdB9Q9RoTrmm-LcZcPbpA_i9yL9yag5UIUlu-2WpIeGaWekpV6I0N82yHy_Be-855xbZ_F1VlDZu3LK7aRe3-YCqPS4VXOZEtY-wVAXQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 41538632
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame A5DF 3 KB
1 KB 140ms
52ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:42:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17360
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Nov 2023 18:42:09 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame A5DF 20 KB
9 KB 126ms
39ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 15:51:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27604
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Nov 2023 15:51:25 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A5DF 199 KB
63 KB 79ms
77ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef3bb29709966d129ee7c25526332d37e9c80a66f90be3953bcff733d420f82d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:31:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64401
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699878811805094"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Nov 2023 23:31:29 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame BB93 158 KB
50 KB 220ms
168ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVQDUQACEZsK4E-MAAWX4KoMyHGevSMxCkAKyg&u=%7CgXrI8IUz7yL5KSVOM%2FFC6AgZBrbVItraJ6Q52a4ng%2BE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGRxIbKBsnzqArssQp8ietYBV6CyGQtzkwKXz9zanFgq6EFzdXc0NYZHnrwV5pMC_NoKJXGOZE5KZI6YcXSE2-whcFt5EjvOlyOtHC0LOab15UiL4CtT22yEnQNGgLewr3gEYyLTzaC6_1_G6kqB8wMExKlwGQzbIT-1f-xJtL99-7cMzO5PnMrWFhoyKAIAeNnv6zIWo_JrE69NHjFqcohSGEPfPtdjE3dqWyoRTHJJt7Dz6TV8zoPoMPZAnXm5qAiPEI5Bq-Vyni-L-b6eHVDKrSzwrreOU5mr-mnwt6zOivP1CpsdgC3trNA5QH3WAo6HUcCLywqlyiJRsiWw7gkyCESGJqaLdXxVE1e5PbWFSw32pGyX62Uqp1pDNEuwSU2S4gAJ4xamPs-T-YoTxxh9rBnsrTpanfc7jZTT8SmBnWGtxmKAY0-xxyG5CBfl9qiz2AoTJJLYW9RDM1NKpEzb5IffWCOTNknx8Cujm5a-Mj4QtRHFtztxnh-jkojHOb9lfxX6084w5Sw7wh28K4fTyZAm0eLmMA1r_x9YHOOOcRc7jhrfJWijn1J9rU12eRGx3ZeQ6bjy4qdSXTm0mt1eVv4jsy1rW7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCp5fmUQNUZZujCIyfgQfgr5bAD8me0rFc1Z2R93DAjbcBEAEgAGCV2vyBlAeCARdjYS1wdWItMjYzOTQ0ODc2MDM5NTEyN8gBCakC2ephAGM4sj6oAwHIAwKqBN0BT9D9VQeozptCWMW97_xAJu2Jh7QLLfEJrdMdjKeYefC6CofdG13G8flfwviADRrhTn971tz2hU-8EUcz3hlgNpGksyJmxcuqlOros5IDbmTwRZmNMCD_LhugSQNYb_RusOA22wK0-W9VnZbd-EzaHRbUpOPBYnF97F3leIv-qgJ-0PJkQjx7ea1rrV7d2twZ3XnE8M6e0zFowMuBlGFCCivWcB5_K68NrHp6v4bNVNAVNbeC58j7Y0pH0qYUlWmGwIxFdngBF1dlmgPhj2NjBEzkZwJIU3zrLoLVpDiABuzopabn8ve5jQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0JrVuKeSW3JJKP5VxrS4iIAVhxIw%26client%3Dca-pub-2639448760395127%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2639448760395127&output=html&h=250&slotname=7208725945&adk=3397241891&adf=1161742964&pi=t.ma~as.7208725945&w=250&lmt=1700004689&format=250x250&url=https%3A%2F%2Fwww.pisni.org.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700004688919&bpp=1&bdt=316&idt=184&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&prev_slotnames=9579533887&correlator=6578430204843&frm=20&pv=1&ga_vid=1146355442.1700004689&ga_sid=1700004689&ga_hid=120521270&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1343&ady=592&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079628%2C31078297%2C31079654%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=486504163595234&tmod=1987537923&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=186

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f9e4b14bccd2b3d454abf7a0dcc9501e5fcf8766632a8a4e782ba7f611433f37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 23:31:28 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=J6XOpEqYWPBGxEr5_l-r_uFVa4cNLxSdncvW5Ej4DIOj6YoEVNXXUuhXGK7lMafhgF7qkAHiKrWVmAe1lr9E3qszRaW0zS1FM-PRr-xPih5L7I6rwHXJGBFqx6JDbGVm2LAdVCH9QyrerdMny8Tv05bJREJIkxQRZhWOZS-Lu6S00yJE62Fqmj-HYv4pYEZmJ4go4vcGKohCOmucocAqZJe1QDNSUg5EusmHfwLmDYHozfIGvCXV-dgxCHApJyBz4voMSQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 52978049
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 50B9 3 KB
1 KB 104ms
50ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:42:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17360
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Nov 2023 18:42:09 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 50B9 20 KB
8 KB 98ms
44ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 15:51:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27604
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Nov 2023 15:51:25 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 50B9 199 KB
63 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef3bb29709966d129ee7c25526332d37e9c80a66f90be3953bcff733d420f82d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:31:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64401
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699878811805094"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Nov 2023 23:31:29 GMT

GET
DATA 200
OK truncated
/ Frame A5DF 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bde21fa459776734f50218b4865d4d5360d2b2444b3c9d935cfd49a51e051635

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame E56A 2 KB
1 KB 130ms
43ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVQDUQACHO0DogkwAAC8sfLgVgY8SJsq8gPjwQ&u=%7CgXrI8IUz7yKRqHdrFMo14526%2FZRkT64YSdbIOTMYGng%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5M4q1Gj9rubS9eqWEwaJkhsGsNmrsuWZimjTRhAsY873ecwkf2dJM4ofzHWIS89O5UZJACzREYV76ADo_N9jtqV_-d9tLDM7AS2vUMi6ZNCsMJP_D64uLa0OoYsXWJY_zM2kpCwW04adsRgERK7EVQQinzqqs7ImHtI79od687XwWj8AUJsd-ngcTj5XFxpe36Ss_jz92mehj7lVKqB2i78-Xa3vTgIP4KiILXj0_7fxPKB-khNAaVEXa1hleBg3b3foDczl2jnc7KqmTu2rGnb442sj2pyyeWxc1EhV1YY7y7TpL0O0YoDx08kRvf2B1agFjfpVO-7tlQ3OSiMmJozm85GE53WpkwBRSjY4f18RSoF2LRbIA2h9fE6tPy-jCVqUhDE7eMGnRiTRfKkCe7fnSw-Iesx-eNp6rNsR5plLs2nxm-13c2EEHy5SiY2sYi9bTATAjno0Gp3eGKpyZAqOU619_ntHl2EPuTlE5s9NiWGiGyNRxr7HumPrJ98OQMedwVC-bwEpPMbBkMoaBH8LY5pWXOnTmCpNwYH5kADo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCklk4UQNUZe25CLCSiM0PsfmC4AjJntKxXNWdkfdwwI23ARABIABgldr8gZQHggEXY2EtcHViLTI2Mzk0NDg3NjAzOTUxMjfIAQmpAtnqYQBjOLI-qAMByAMCqgTZAU_Qh0WS0DKg2JVBNlzeATAlH1QZYmaGpadGeel9YKjjIB81wWxbxZkQ5gL47g-4rvjeMX8jN64zwwCRZTfs3PJknZBrg-VK_dDVzmwm6mzd9XhbxlvPTvyZSlFIGXBB340tgBOuLxNHiySZ_NTGNPHACM8BiUl4Q3sA24-Y3gd1DLj4_z1zQmn0eW_-6fAggPG26EkjqcyO3NuOr1b7iEusKROMbHuTzi7ktA6viiOqx33B8iH0r8wnYJ0fo45tqb2nLeLN3I9Wn0ezbMqHK-BW2Kf_ob5IPFaABuzopabn8ve5jQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Lsa4k5OvHu5ARKxdIvmZtGwJamw%26client%3Dca-pub-2639448760395127%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:31:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 08 Nov 2024 23:31:29 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame E56A 2 KB
1 KB 130ms
44ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:31:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 08 Nov 2024 23:31:29 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame E56A 308 B
636 B 124ms
47ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:31:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 08 Nov 2024 23:31:29 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame E56A 293 B
621 B 123ms
47ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:31:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 08 Nov 2024 23:31:29 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame E56A 43 B
347 B 148ms
43ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=jVb6GT-ZLOqQdR2Krdrafv0luw9dI4-CC5cW1q_EXGurv_z_sybOVoEMA2-UERBHhymGP6BHxqC9zceB--0quVUL3T2EcKjC4IkmQOAvieeT5CYAS7a6uBbXmoz3XQPlTe5thW8aw9BuQzDn2rqK6WEVmkkoDb4_Mz-nfqUzN0JyCf4XBfuUJFUrgFyek4cejFrvgrSnzW3T7EvKslKfB1U-N4ORil7O-JWZmKJqVZ3fQpgCsrj-EXodWgYFyB8UULzWB4X1JUMesz3tU6b1UXx5IeCLwSZ_jbnLQMJuk6DoD77PEEAYTeFVSwR82ivxYOuDerMhLMz_cisYhZoABDjpGUbyuPkDfJcQ7zcoF3sXZG6G7mGhDXTSHb4ETIDu34N_dr3dQEDhj8XKanu_4yRumQ1QVa29Hn8ASkMAEv3Q_oekH1wpvs2aLjeBDBz9L0jp8A

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 23:31:29 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1868571
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 47ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-NXDVFYNNNK&gtm=45je3b81v9120595294&_p=1700004688623&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1146355442.1700004689&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1700004688&sct=1&seg=0&dl=https%3A%2F%2Fwww.pisni.org.ua%2F&dt=%D0%A2%D0%B5%D0%BA%D1%81%D1%82%D0%B8%20%D1%82%D0%B0%20%D0%B0%D0%BA%D0%BE%D1%80%D0%B4%D0%B8%20%D0%BF%D1%96%D1%81%D0%B5%D0%BD%D1%8C%20-%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D1%96%20%D0%BF%D1%96%D1%81%D0%BD%D1%96&en=screen_view&_ee=1&ep.pisni_section=m&_et=2&tfd=1819
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NXDVFYNNNK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pisni.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 23:31:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pisni.org.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 50B9 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b4a92aeea14e590472c597589b88d31305ee49c5df99ac789182fd3153db8fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame E56A 12 KB
5 KB 137ms
45ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:31:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 237499
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=76eRfFGOyq1FK%2BG6O7OsUhQgyGR7uCa%2B%2FhASya6ARuVr3NVLvfhlwEBIfNM3D%2FiR0xZmkvdtRsQ465hGzdsJK4IVve81Ymmp0B0l1%2BYRJ3Q8IR7cDrcWcyw0d5jP8ONAycuCOJyFk%2BvkP5jyV%2FUhV49O"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82630c5f3dc73610-FRA
expires: Sun, 03 Nov 2024 23:31:29 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 50B9 0
23 B 88ms
87ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C7R0gUQNUZZujCIyfgQfgr5bAD8me0rFc1Z2R93DAjbcBEAEgAGCV2vyBlAeCARdjYS1wdWItMjYzOTQ0ODc2MDM5NTEyN8gBCakC2ephAGM4sj6oAwHIAwKqBNoBT9D9VQeozptCWMW97_xAJu2Jh7QLLfEJrdMdjKeYefC6CofdG13G8flfwviADRrhTn971tz2hU-8EUcz3hlgNpGksyJmxcuqlOros5IDbmTwRZmNMCD_LhugSQNYb_RusOA22wK0-W9VnZbd-EzaHRbUpOPBYnF97F3leIv-qgJ-0PJkQjx7ea1rrV7d2twZ3XnE8M6e0zFowMuBlGFCCivWcB5_K68NrHp6v4bNVNAVNbeCpcra8crUApuyRU5cTKys0nYmHeFvtBtjO6teor5beS5Qy7Z_DmuABuzopabn8ve5jQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjYzOTQ0ODc2MDM5NTEyNxgA&sigh=kDY7cQhUp1A&uach_m=[UACH]&cid=CAQSTgDICaaNx6br0VC44cUrh2ipLldijfQRG8AnJL37fxv0ZbMPZtzOFX5UggJXSd6fH93DZwo6jLJ8wgTvUXFy8YLGib4W5uU96ERtNv6hURgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2639448760395127&output=html&h=250&slotname=7208725945&adk=3397241891&adf=1161742964&pi=t.ma~as.7208725945&w=250&lmt=1700004689&format=250x250&url=https%3A%2F%2Fwww.pisni.org.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700004688919&bpp=1&bdt=316&idt=184&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&prev_slotnames=9579533887&correlator=6578430204843&frm=20&pv=1&ga_vid=1146355442.1700004689&ga_sid=1700004689&ga_hid=120521270&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1343&ady=592&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079628%2C31078297%2C31079654%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=486504163595234&tmod=1987537923&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=186
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 14 Nov 2023 23:31:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 14 Nov 2023 23:31:29 GMT

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 50B9 0
126 B 164ms
50ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=koqLFYDEMPoB-gGdg2ICAgAAAJu8aeXelMd0-fUpyhBQA1Rl1kN0GRttcP8onQAAEgAACgpBUVVERHdFQkR3&wp=ZVQDUQACEZsK4E-MAAWX4KoMyHGevSMxCkAKyg&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:31:29 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 138380
server: Kestrel
content-length: 0

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame E56A 12 KB
6 KB 122ms
88ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:31:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 08 Nov 2024 23:31:29 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame E56A 2 KB
2 KB 145ms
51ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=176&m=0&partner=98009&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F98009%2F4848686%2Fec0a6f3a4f4b4a0f8eb4a29df22d2d97_500x500.jpg&v=3&w=256&rid=4&s=Ylt29GytRTrXPKpu15UznhzE

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

87f31a4d9982d94ad2529856980a83c04df453d5b76953d97f18a7054595b914

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:31:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 1958
expires: Fri, 11 Oct 2024 09:52:15 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame E56A 51 KB
51 KB 227ms
133ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=98009&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F98009%2F5084113%2Fc7c2b6bc43c444d4b47cf90174b65599_1200x628_prospecting.jpg&v=3&w=1200&rid=4&s=gQzpqbsnX96RJrwp8tGTE-5K

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b7f928b24fde5b0a3e93b9fa5d702b2da2d18047a3689f2f7e7625510f35079b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:31:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 51992
expires: Fri, 01 Nov 2024 13:47:33 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame E56A 15 KB
15 KB 188ms
95ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=98009&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0584%2F3645%2F2512%2Ffiles%2Fget_up_glow_trio_collectionspage01.jpg%3Fv%3D1686559880&v=3&w=400&rid=4&s=gyGMUQr38ZL1pvuHUf1JxGdr&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4386bc4b95940bd485e357a8ee1e58f4be6b26479c9f6678e476b2d604ad87bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:31:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 14984
expires: Fri, 11 Oct 2024 10:35:26 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame E56A 6 KB
6 KB 208ms
114ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=98009&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0584%2F3645%2F2512%2Fproducts%2Fallies-of-skin-peptides-and-omegas-firming-eye-cream-01.jpg%3Fv%3D1674052408&v=3&w=400&rid=4&s=ZUeppG7k-kW4qb7BKdsBDX9c&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

086ad890fd0f983a64e291907934666cdcfebb94f40c247d4641bdc666089baf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:31:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 6168
expires: Sun, 27 Oct 2024 15:52:00 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame E56A 8 KB
9 KB 141ms
48ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=98009&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0584%2F3645%2F2512%2Fproducts%2FRefinedRadianceRoutinecollectionspage01c.jpg%3Fv%3D1678950523&v=3&w=400&rid=4&s=YjEI3A8vJmvO5UiqQzADabGV&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ed4cdcaf9f9f61ddd90b8485b32eda18dc239a0c356c5cc0adca782a1d6957c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:31:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 8644
expires: Fri, 11 Oct 2024 09:42:38 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame E56A 7 KB
7 KB 251ms
158ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=98009&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0584%2F3645%2F2512%2Fproducts%2Fmolecularsilkaminohydratingcleanser01_d81a5413-e8f4-4976-86a8-2d44b8b682ff.jpg%3Fv%3D1679397479&v=3&w=400&rid=4&s=jM-Gr_upYP0LO1dpkPoXfXo-&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08ebe0c89f338dac1af20f05f3c706ee8a40ce0a479ab4104878b42e65df7689

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:31:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 7174
expires: Mon, 28 Oct 2024 15:51:48 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame E56A 0
127 B 108ms
42ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=DYR5rUqYWPBGxEr5cRrJ7tBmOy9dg6ZJ_P9VBGloRKOPLGnM_lMIWmIYVJWWryWQYf9jp7w0Mt5RiF4rgyCzzBcKobxb0NG8gIb_9Vl_BNtbvUfkY0-OxBFaFXeGyVWs2RrLXzpOb5N5MRhSsqlwRajaFnXXzUpdB9Q9RoTrmm-LcZcPbpA_i9yL9yag5UIUlu-2WpIeGaWekpV6I0N82yHy_Be-855xbZ_F1VlDZu3LK7aRe3-YCqPS4VXOZEtY-wVAXQ&sds=2&rev=89278&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 14 Nov 2023 23:31:29 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame E56A 2 KB
1 KB 55ms
54ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:31:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 08 Nov 2024 23:31:29 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame E56A 2 KB
1 KB 53ms
52ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:31:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 08 Nov 2024 23:31:29 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame BB93 2 KB
1 KB 60ms
48ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVQDUQACEZsK4E-MAAWX4KoMyHGevSMxCkAKyg&u=%7CgXrI8IUz7yL5KSVOM%2FFC6AgZBrbVItraJ6Q52a4ng%2BE%3D%7C&c1=s9Ouqadr9PMXEEf9T3KSp2NRawDp88DGRxIbKBsnzqArssQp8ietYBV6CyGQtzkwKXz9zanFgq6EFzdXc0NYZHnrwV5pMC_NoKJXGOZE5KZI6YcXSE2-whcFt5EjvOlyOtHC0LOab15UiL4CtT22yEnQNGgLewr3gEYyLTzaC6_1_G6kqB8wMExKlwGQzbIT-1f-xJtL99-7cMzO5PnMrWFhoyKAIAeNnv6zIWo_JrE69NHjFqcohSGEPfPtdjE3dqWyoRTHJJt7Dz6TV8zoPoMPZAnXm5qAiPEI5Bq-Vyni-L-b6eHVDKrSzwrreOU5mr-mnwt6zOivP1CpsdgC3trNA5QH3WAo6HUcCLywqlyiJRsiWw7gkyCESGJqaLdXxVE1e5PbWFSw32pGyX62Uqp1pDNEuwSU2S4gAJ4xamPs-T-YoTxxh9rBnsrTpanfc7jZTT8SmBnWGtxmKAY0-xxyG5CBfl9qiz2AoTJJLYW9RDM1NKpEzb5IffWCOTNknx8Cujm5a-Mj4QtRHFtztxnh-jkojHOb9lfxX6084w5Sw7wh28K4fTyZAm0eLmMA1r_x9YHOOOcRc7jhrfJWijn1J9rU12eRGx3ZeQ6bjy4qdSXTm0mt1eVv4jsy1rW7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCp5fmUQNUZZujCIyfgQfgr5bAD8me0rFc1Z2R93DAjbcBEAEgAGCV2vyBlAeCARdjYS1wdWItMjYzOTQ0ODc2MDM5NTEyN8gBCakC2ephAGM4sj6oAwHIAwKqBN0BT9D9VQeozptCWMW97_xAJu2Jh7QLLfEJrdMdjKeYefC6CofdG13G8flfwviADRrhTn971tz2hU-8EUcz3hlgNpGksyJmxcuqlOros5IDbmTwRZmNMCD_LhugSQNYb_RusOA22wK0-W9VnZbd-EzaHRbUpOPBYnF97F3leIv-qgJ-0PJkQjx7ea1rrV7d2twZ3XnE8M6e0zFowMuBlGFCCivWcB5_K68NrHp6v4bNVNAVNbeC58j7Y0pH0qYUlWmGwIxFdngBF1dlmgPhj2NjBEzkZwJIU3zrLoLVpDiABuzopabn8ve5jQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0JrVuKeSW3JJKP5VxrS4iIAVhxIw%26client%3Dca-pub-2639448760395127%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:31:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 08 Nov 2024 23:31:29 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame BB93 2 KB
1 KB 55ms
43ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:31:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 08 Nov 2024 23:31:29 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame BB93 308 B
636 B 49ms
42ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:31:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 08 Nov 2024 23:31:29 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame BB93 293 B
622 B 48ms
42ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:31:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 08 Nov 2024 23:31:29 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame BB93 43 B
348 B 78ms
43ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Ojcj7XZ6zN0ZoiYeE_tOnRs6V6Mam8VFwdByEV1J7rU4s3tLU8baS-9P7S-rjw4POMODkk3D4U8WMR5EQiLmo-AYVTo1FS8zsW4VCvpdOFvXB8Eui3kiO_dEuQkgkb5q99mDaRXpR_F-7H1IAe40BROqSvu4EQLcbsd5AchhGACHiRwGAK_F6hHjqn7RJ4ndCmcuUf1Js1lErT5S6xnaucPFE1vOuew8VMU6GUouxWWSUiucJrEuTxumJtQcHYAoMvAjs1JuJdCv_d2-n_nw1pI8iTVXBfSvnduK-dmuoz-VkoC2vsSBcbQRCRchpx3fpBqIThJBQkiP68GjHttlTe7cQW1CfM6clmhcOrEBltm4vMPCt90SIGJYBESSxZiEjDb0CZ3QVNBv1T1cpbpNRGXWLjyDYfKADiRZs9gimJO603kT6DMnLvJShPuisgJqyilltw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 23:31:29 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1789099
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame BB93 12 KB
5 KB 98ms
46ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:31:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 237499
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zR8UbkwFi8PBlqchAg2VMkaf6yFcL956gBkv%2B0%2BxDKrbVoIt9sCYDBl6oN3dZTW8%2B3ttK2rF%2FiPj%2FW%2B3%2BePS2ibEwcPGEjiXjzkFYyE4cKT4NSx60HTyJzIfsTU7rjZ7zcGUtl78Wgj%2ByQ8a2JAMxUbC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82630c5f3dc93610-FRA
expires: Sun, 03 Nov 2024 23:31:29 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame BB93 12 KB
6 KB 90ms
90ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:31:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 08 Nov 2024 23:31:29 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame BB93 15 KB
15 KB 258ms
209ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4386bc4b95940bd485e357a8ee1e58f4be6b26479c9f6678e476b2d604ad87bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:31:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 14984
expires: Fri, 11 Oct 2024 10:35:26 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame BB93 12 KB
12 KB 154ms
106ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=76&m=0&partner=98009&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F98009%2F4848686%2F35ada455a8fe4014ac3c491f27889b85_horizontal.png&v=3&w=496&rid=4&s=-eDzi-AiSTVhr2g20zQFv1Kl

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7ccd1ecf33c08a757676770863630c000f78276abe1056ff38c534b782782496

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:31:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 12184
expires: Tue, 05 Nov 2024 06:05:47 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame BB93 77 KB
77 KB 217ms
169ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=98009&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F98009%2F5084113%2F4d081a092cf4435e805acf055f4f12c2_1080x1620_prospecting.jpg&v=3&w=1200&rid=4&s=nIMI_mhSMWimDMP3Rlew4FFJ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

67cc8747a59f3dc59112642c783acff57ba59517bdfbdd08d86b38f2779e3145

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:31:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 78430
expires: Fri, 01 Nov 2024 13:47:49 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame BB93 10 KB
10 KB 257ms
210ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=98009&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0584%2F3645%2F2512%2Fproducts%2Fcollectionspage01_b54e7ead-c6ed-45d4-80d3-d0f4a2f08d26.jpg%3Fv%3D1679549491&v=3&w=400&rid=4&s=ceRp14Bxq34RQ618dgi4Wf06&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b2467767f5c52291c0584a252e37d994dba7c0e7eb2aecfc846cbb2d888f70a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:31:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 10416
expires: Sun, 27 Oct 2024 15:52:52 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame BB93 0
128 B 130ms
41ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=J6XOpEqYWPBGxEr5_l-r_uFVa4cNLxSdncvW5Ej4DIOj6YoEVNXXUuhXGK7lMafhgF7qkAHiKrWVmAe1lr9E3qszRaW0zS1FM-PRr-xPih5L7I6rwHXJGBFqx6JDbGVm2LAdVCH9QyrerdMny8Tv05bJREJIkxQRZhWOZS-Lu6S00yJE62Fqmj-HYv4pYEZmJ4go4vcGKohCOmucocAqZJe1QDNSUg5EusmHfwLmDYHozfIGvCXV-dgxCHApJyBz4voMSQ&sds=2&rev=89278&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 14 Nov 2023 23:31:28 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame BB93 2 KB
1 KB 66ms
61ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:31:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 08 Nov 2024 23:31:29 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame BB93 2 KB
1 KB 66ms
61ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:31:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 08 Nov 2024 23:31:29 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B5DC 42 B
63 B 73ms
73ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Csq2FiMTBCf3INd5WFR7wQKgSQpP0bpxXkYg5bOQvsK1WnRe0HKzZWT84xd7GuCeaLZ3jZBX6gcKXOh9qhFmxMWhF1fCEVnN1s3q6bLlYtuc4MvXY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2639448760395127&output=html&h=90&slotname=5592391948&adk=3081044279&adf=3540024497&pi=t.ma~as.5592391948&w=728&lmt=1700004689&format=728x90&url=https%3A%2F%2Fwww.pisni.org.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700004688918&bpp=1&bdt=315&idt=179&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_slotnames=9579533887&correlator=6578430204843&frm=20&pv=1&ga_vid=1146355442.1700004689&ga_sid=1700004689&ga_hid=120521270&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=308&ady=237&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079628%2C31078297%2C31079654%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=486504163595234&tmod=1987537923&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=182

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 23:31:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A8A9 624 B
246 B 55ms
54ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhic9cDjATAB&v=APEucNWn9SfGc5TGTO-iZxlWMWs29CQj4bb3VTcfB8TN-bZEXdzDFoDHdtaMtSsB_sLyinbGQJNQJbbStQEn8wWaQKFcpnVXLFnzcQW7HWjB0Fynq0tKrTZ_oStkU5zKg4UTPU7vVNoRN06GBuAPwthQGZn8gJmwcA3aI0thZucpltk-GRw9iV4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2639448760395127&output=html&h=90&slotname=5592391948&adk=3081044279&adf=3540024497&pi=t.ma~as.5592391948&w=728&lmt=1700004689&format=728x90&url=https%3A%2F%2Fwww.pisni.org.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700004688918&bpp=1&bdt=315&idt=179&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_slotnames=9579533887&correlator=6578430204843&frm=20&pv=1&ga_vid=1146355442.1700004689&ga_sid=1700004689&ga_hid=120521270&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=308&ady=237&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079628%2C31078297%2C31079654%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=486504163595234&tmod=1987537923&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=182
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 23:31:29 GMT
expires: Tue, 14 Nov 2023 23:31:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame B5DC 111 KB
39 KB 152ms
39ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.pisni.org.ua
URL: https://www.pisni.org.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 06:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61278
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 15 Nov 2023 06:30:11 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame B5DC 7 KB
3 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 21:41:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6614
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Nov 2023 21:41:15 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame B5DC 23 KB
9 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 15:58:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27162
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Nov 2023 15:58:47 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame B5DC 41 KB
14 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.pisni.org.ua
URL: https://www.pisni.org.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:44:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 409638
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Nov 2024 05:44:11 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame B5DC 3 KB
1 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:42:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17360
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Nov 2023 18:42:09 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame B5DC 20 KB
8 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 15:51:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27604
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Nov 2023 15:51:25 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame B5DC 199 KB
63 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef3bb29709966d129ee7c25526332d37e9c80a66f90be3953bcff733d420f82d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:31:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64401
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699878811805094"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Nov 2023 23:31:29 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame A8A9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELKM3ipjybnWWUrZPxQUVKw&google_cver=1

43 B
540 B

61ms
60ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELKM3ipjybnWWUrZPxQUVKw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhic9cDjATAB&v=APEucNWn9SfGc5TGTO-iZxlWMWs29CQj4bb3VTcfB8TN-bZEXdzDFoDHdtaMtSsB_sLyinbGQJNQJbbStQEn8wWaQKFcpnVXLFnzcQW7HWjB0Fynq0tKrTZ_oStkU5zKg4UTPU7vVNoRN06GBuAPwthQGZn8gJmwcA3aI0thZucpltk-GRw9iV4
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 23:31:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fODdYY3ZhMnPHHobrX0gl14yEkSyl2%2FaYnBlcnGWGEHCKMCNB%2FUCP9QDuEUxodP96A9Av7b57MwJPoS%2FCir%2BKkIFlzCQkhL0ZLELJgyGgkKiZU%2Bfdjjr5wCPzRNyDE92Nbf0eHgaofSniw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82630c608b8d6a77-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 14 Nov 2023 23:31:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELKM3ipjybnWWUrZPxQUVKw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame A8A9
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVQDUb.rHHw550CxnOUa9wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELKM3ipjybnWWUrZPxQUVKw&google_cver=1&google_hm=2

43 B
767 B

60ms
59ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELKM3ipjybnWWUrZPxQUVKw&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhic9cDjATAB&v=APEucNWn9SfGc5TGTO-iZxlWMWs29CQj4bb3VTcfB8TN-bZEXdzDFoDHdtaMtSsB_sLyinbGQJNQJbbStQEn8wWaQKFcpnVXLFnzcQW7HWjB0Fynq0tKrTZ_oStkU5zKg4UTPU7vVNoRN06GBuAPwthQGZn8gJmwcA3aI0thZucpltk-GRw9iV4
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 23:31:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wUdRq%2BNQrZfwhnuuCd0bNSqpvNggpMAhMPq7I9jBVMg1PFvvp7JvbDQae3uhuJoJTVo0WM5VBaEcvLSF3jtzvg9uiAMhNBC0um6zaT3tdGEi33ZL9Jx%2FpXB9quCDn06RLuBwaGPttd49yQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82630c611c846a77-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 14 Nov 2023 23:31:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELKM3ipjybnWWUrZPxQUVKw&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame A8A9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBNoFykob8U14bV39CACnoI&google_cver=1

43 B
834 B

40ms
39ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEBNoFykob8U14bV39CACnoI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhic9cDjATAB&v=APEucNWn9SfGc5TGTO-iZxlWMWs29CQj4bb3VTcfB8TN-bZEXdzDFoDHdtaMtSsB_sLyinbGQJNQJbbStQEn8wWaQKFcpnVXLFnzcQW7HWjB0Fynq0tKrTZ_oStkU5zKg4UTPU7vVNoRN06GBuAPwthQGZn8gJmwcA3aI0thZucpltk-GRw9iV4

Protocol

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 23:31:30 GMT
an-x-request-uuid: a2597084-747b-4d6f-8440-0ae34f8fe713
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.103; 80.255.7.103; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 14 Nov 2023 23:31:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEBNoFykob8U14bV39CACnoI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A8A9
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQwNDQ4MjMwNjc3NDQxNzA2

170 B
243 B

53ms
53ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQwNDQ4MjMwNjc3NDQxNzA2

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 23:31:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 14 Nov 2023 23:31:30 GMT
an-x-request-uuid: fbc15879-79cf-482d-8af8-8b5264a220e3
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQwNDQ4MjMwNjc3NDQxNzA2
x-proxy-origin: 80.255.7.103; 80.255.7.103; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 roboto-400.css
static.criteo.net/design/googlefont/roboto/ Frame E56A 2 KB
842 B 42ms
42ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/roboto/roboto-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f3bd93baf2d7ea7fe404497a78897e9300a56e1ef8e452cdd29c0156b2ff3aa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:31:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:19 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13b-807"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 08 Nov 2024 23:31:29 GMT

GET
H2 200 roboto-700.css
static.criteo.net/design/googlefont/roboto/ Frame E56A 2 KB
841 B 42ms
41ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/roboto/roboto-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

49330dbdf50dc3440d871a2408c7ec4fec185d62e419fd9960000cd8eed78950

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:31:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13d-807"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 08 Nov 2024 23:31:29 GMT

GET
H2 200 roboto-400.css
static.criteo.net/design/googlefont/roboto/ Frame BB93 2 KB
842 B 44ms
43ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/roboto/roboto-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f3bd93baf2d7ea7fe404497a78897e9300a56e1ef8e452cdd29c0156b2ff3aa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:31:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:19 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13b-807"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 08 Nov 2024 23:31:29 GMT

GET
H2 200 roboto-700.css
static.criteo.net/design/googlefont/roboto/ Frame BB93 2 KB
841 B 43ms
42ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/roboto/roboto-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

49330dbdf50dc3440d871a2408c7ec4fec185d62e419fd9960000cd8eed78950

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:31:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13d-807"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 08 Nov 2024 23:31:29 GMT

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 31BE 38 KB
13 KB 40ms
39ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 515367
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 00:22:02 GMT
expires: Fri, 08 Nov 2024 00:22:02 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B5DC 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 24888e7c78595574827cb0b9a9fbf4e0695d111b3e64c221007741b0c97c474c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 roboto-400-latin.woff2
static.criteo.net/design/googlefont/roboto/ Frame E56A 15 KB
16 KB 168ms
83ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/roboto/roboto-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/roboto/roboto-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c6bdd002d23dcb0adbd87e3518bdd994de73818a0f0f502707986301b9fbc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:31:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:19 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13b-3d80"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 08 Nov 2024 23:31:30 GMT

GET
H2 200 roboto-700-latin.woff2
static.criteo.net/design/googlefont/roboto/ Frame E56A 15 KB
16 KB 222ms
138ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/roboto/roboto-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/roboto/roboto-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ba9f43fbd9c0782c72ff6eddd221abdcfd9642cd4625227ad693347e4d6989db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/roboto/roboto-700.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:31:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13d-3df4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 08 Nov 2024 23:31:30 GMT

GET
H2 200 roboto-400-latin.woff2
static.criteo.net/design/googlefont/roboto/ Frame BB93 15 KB
16 KB 206ms
126ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/roboto/roboto-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/roboto/roboto-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c6bdd002d23dcb0adbd87e3518bdd994de73818a0f0f502707986301b9fbc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:31:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:19 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13b-3d80"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 08 Nov 2024 23:31:30 GMT

GET
H2 200 roboto-700-latin.woff2
static.criteo.net/design/googlefont/roboto/ Frame BB93 15 KB
16 KB 180ms
100ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/roboto/roboto-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/roboto/roboto-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ba9f43fbd9c0782c72ff6eddd221abdcfd9642cd4625227ad693347e4d6989db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/roboto/roboto-700.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:31:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13d-3df4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 08 Nov 2024 23:31:30 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame E56A 15 KB
15 KB 81ms
80ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4386bc4b95940bd485e357a8ee1e58f4be6b26479c9f6678e476b2d604ad87bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:31:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 14984
expires: Fri, 11 Oct 2024 10:35:26 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 31BE 39 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 19:02:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16110
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Nov 2024 19:02:59 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/12564380314924892758/ Frame CAE1 6 KB
2 KB 121ms
41ms Document
text/html 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12564380314924892758/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

285f908e9ac330cca2a1f542c2f53ed215e9eeaeabed4c4e8968e4e7e5254537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 120245
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2128
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 13 Nov 2023 14:07:25 GMT
expires: Tue, 12 Nov 2024 14:07:25 GMT
last-modified: Tue, 18 Apr 2023 13:53:09 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame B5DC 0
0 202ms
86ms Fetch
image/gif 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstmHGrk2rTWS1dYjnMSFhT3Nwb7ZojZhlnRZvjZAUP6U8qVJwG_6z-5tzSMqGvUUkkOEkYnFNV2UMMWInc-uiJqraFGAByEdjZNEtfxXXDkpRTiCeSXKWyExuy0pyi1j-H9wexAQ-Xs5u1F5sLkbi40VMvAABMxzeVPOQlIBpaxbWcgxeUMZMR61dU7r3rEUSOJzpNdmUXJl8jb22lJZAeJo0l-8uZTiKfsqvBMaFUCGOjssp61xIqYAPy0hyTlV6BMSeJFrfiOhBzZ4iYSqPprUFenMxEruLEpHqJymKQnRj3QKaM6SqeJ8KpE_3GoIzGfo7foz4D5gnyLqLlQptPLFNQsH3n5kfGUQmxGIVCLxu_y9dDhOQfbI2r_XiERrRcT8K6wyOzkmIQkrspv5gG1rATXhpeQqoXUx8rOeY--CSfPXnlMnKGqPtpiCxuGe9B0LxqTg6Z_IKPT9r4t1jCHKggt84I_BCue9ta2qJKI1FUzzO0BQ-I8pwsUd9fkZDRQZTbtP_OqDmJ3XP-9SoAPlK7gDlYj2SUQtMmDRn20b993IiZE2o7wPwsCI2K_14RJI82KOdk3Q2cNc_WIXDlNrFW1oKBFRv6OKiy1UwlgV4RIktXCiy3PHI0hCLwT0aI-Gn4t7ktVpJHLbT1PaFEFG1RbA2NfhuoelRSRaLV2oMLAbogoavivQ0I20CZtmjIebeC8uFX-3y8PeGDnaUdcSWFu8dhn_ymg_9s3OkYVmHCChCPA73yRSpP4TV7-qO5ozr5_LtZCL0UbaYeFd_KVYGoMmSW-RpwQSL3RTO8bx4M4blYAShCilIG1qgR8ScZlHd54Ut86dSe9cfhZtPnVvqF0j3ayfRWI80z34x1NTVgmFFy7F71ibeSW_dbciq9qG41ke8WmFjh-QhDQH5lEdC88xhL6sT8ZNnKHALwho9ISQo5-TBvLJv9ymmmuZZNQrZy0PPia_6yPa8DLH0aX7q4rTm1EJDJjUCd998BoR8_DwwYJq4BjJEC5PW_JcxJIgGMqGkTs-bA0_Dnr2dL6o6U3dh9cqh3jsFZumJlY7vQLCw5Y20hjLpOP7waoAt8OpumSYub7w1jiBvGmbDkI9crwjuM4u0OKUL_EpiHDZOXbS9uL_ASHTz53lIP_MK5ZOVtvHLW_rQ6UUgSKZcY7thde8lFrPgoYUtRHxwN7p36aUDcHT0TZGV29YLbZ07rsEJvzf3loELbqseg5IR9EM5_7zxoVpuvMJMp7W9XZX1IO4NRVL031euiFAiwBh10koE8nDE1mpI16rmVvXzX9hnkqj6tV70U-CWYYHkGhgeNeCC0DJigmy3NWJ-ve8yEnsfM2JZz91V46mB9eLyZ0tKkprQFhqw&sai=AMfl-YQZnrMAgmkabf2hGwouu7WPddDnyNGVV5I0cNfz3Kjb5JdldS2-KLZLyPcsGaDLUCw6Mi0oPOLAs0MWpYsEnJMlc5iO86QwkFABuz-IGqU7kSW0NT8Gkqk1IjidlqEzHjeyLN75PysuBxv6S8gdZLy5n6Uki7CpWHsSifw04D3NrgL59wGZgcMmfBld4v1N43GpyBzihESJn4MF5JgPhZBBWe8qv447pGdp4Iz_AP2WbdsUVvrenV0r0eH6Q8-XNf4MtA6VGspmB3UV1ofm9NYUrw6aDe91ywBipSSYwsi7EEnsV1cBIDtd9Dwp5BMacjeETiztiDgkPuClkfAGPU1he3ooxaNIuYVBoFrwJBjGkvrEYGhG0e6mUS9wKX5-dAkKMJglEEqXfpM8x1cZdMige4OmZYLA6MAi2mOKcPQ9E8Z1rcg7asHE91M0xT9ZccPXb3zPvU99FWoZOe1-Hfo1MZcoeOzFoU6SRtpmJDoKRqnxbmX0ZV_4Mbmv1D19Ut8gug&sig=Cg0ArKJSzGd_Y5s6HWuQEAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9raWEuZGU&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=238&cbvp=1&cstd=236&cisv=r20231109.01913&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.pisni.org.ua
URL: https://www.pisni.org.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 14 Nov 2023 23:31:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 31BE 0
20 B 76ms
76ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BZNYnUQNUZaGnDIqen88P65Og6AMAAAAAOAHgBAI&bg=!W1ilWBfNAAZxrfrxUa07ADQBe5WfOEEGndwEvP9EqitBQiG2zi0UUEAoJ2rRYFHUWQrvKoKmgO4P8OE6dJwV96kc6iZVAgAAAFlSAAAAA2gBB5kC8sdwXjgvBJCLXeFk47mZzh_Nk8P1ibIklPkkYeysLIt37gLsepmhQMlHt_Douabqq-2awKiVmQvA4C6RPFKMcNPtfvp-QiWq4SQnt08rJOdp6VVbkuQaDTX9Fhi_PpqQMUu3tcAYVPyXVYYP1N1jhKvpLsCQKmlKIC28t-QDvi3bbcIohdvRAAmnOyt32KGawPgjc96XtKNIr91mvzPy4t79QrPp9_ZQdRzoszSaje1x8BHwU86RkO6JlfMjOhuSfh1iDY4q0XomXRNNeZKKkrBRG9aeRbyA2103uJjCCyWeX3JrAC9g7us6ea7P8GC1RYXcfgKbRO-XnOHNvygLJuvHCO9Qh-DlTI5T8GtNVHRJMWGZwdxY-H-jHAmQzoi24t3_1FtJHi0u1iUDBpyOaoo2YHRc8LtmZAW4ywEEqVKY3yX_AvXKCwokDEojoBqS3o3HJtt_piv3bgt8dA8WBcN9gKFma74UFXY0vKASk1EoxSX-c0Lkyuv-jg6RGpJpz5dsmMBV9KAWlhpHWJ3kL9BiqYv8M9-HLTzNPcWkKWCKgUYmuFu0bKdQo6TaEVcoJJcPpAQnOZ5fyFOiXsu2KktgJI7A3Z_QAdq_hEdo6EmsuIUW-GKdzCTEC5caCpiYnTC21Yyb0JtkgRREM3m83H7mChKPIxJp2nqvDZyhVX0fOgkVlWhbbfLd9MZ8GCejOQxSCjI9nm_lyPHdUBlWJsGmzZ8z-MClAWpyiUBhawTDPs7iaiMkJF9D3L9wHG4gBb8T2b_6S1wZtUCgc27snnGWNhM_rj78_VkuMnRCBU6tREWlav-ULgoC68PLWW1dcapK6lbtXCWbTn5RcYgLb3pK6WY702Mh12cWEuuZPdETpAU6jLkvaPozPObjY8M0kMtJDniRK5xxapRfGIQRA_-Ldx9qhl2CSp2LlDBKBaEKzBPNI4zwM2zw5u2mAtiBeuEY7r5IAD9-PqHAGLb1P7v3WoIgAvTbDWxmNm1w-hCIZ3U

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 23:31:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A5DF 0
19 B 86ms
85ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CUDopUQNUZe25CLCSiM0PsfmC4AjJntKxXNWdkfdwwI23ARABIABgldr8gZQHggEXY2EtcHViLTI2Mzk0NDg3NjAzOTUxMjfIAQmpAtnqYQBjOLI-qAMByAMCqgTWAU_Qh0WS0DKg2JVBNlzeATAlH1QZYmaGpadGeel9YKjjIB81wWxbxZkQ5gL47g-4rvjeMX8jN64zwwCRZTfs3PJknZBrg-VK_dDVzmwm6mzd9XhbxlvPTvyZSlFIGXBB340tgBOuLxNHiySZ_NTGNPHACM8BiUl4Q3sA24-Y3gd1DLj4_z1zQmn0eW_-6fAggPG26EkjqcyO3NuOr1b7iEusKROMbHuTzi7ktA6viiOqhX_gYKFnf_GBsLrFL66EDbOAJ1TH8pfUK4-Oyjg4NcxOQG1rgVeABuzopabn8ve5jQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjYzOTQ0ODc2MDM5NTEyNxgA&sigh=53taFt0N6Do&uach_m=[UACH]&cid=CAQSTwDICaaNVtmFI59pnejMHunraIaEi2gxGrSjHQ8Uv3kJNNT3K9XPE5h-MeUJi-H94fUfC4a6KTgf43il-9XdXteo3q8A7lxQhdwgtxjrNboYAQ&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2639448760395127&output=html&h=90&slotname=9579533887&adk=196833566&adf=10100615&pi=t.ma~as.9579533887&w=728&lmt=1700004689&url=https%3A%2F%2Fwww.pisni.org.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700004688792&bpp=126&bdt=189&idt=290&shv=r20231109&mjsv=m202311130101&ptt=5&saldr=sd&abxe=1&correlator=6578430204843&frm=20&pv=2&ga_vid=1146355442.1700004689&ga_sid=1700004689&ga_hid=120521270&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=571&ady=6&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079628%2C31078297%2C31079654%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=486504163595234&tmod=1987537923&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=299
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 14 Nov 2023 23:31:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame A5DF 0
125 B 50ms
49ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=koqLFcg12AVanYNiAgIAAAARhMpGDj1Dl_n1KcoQUANUZXmmyoRlfKz9PTQAABIAAAoKQVFVQkR3RUJEdw&wp=ZVQDUQACHO0DogkwAAC8sfLgVgY8SJsq8gPjwQ&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:31:29 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 156615
server: Kestrel
content-length: 0

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame CAE1 236 KB
63 KB 218ms
66ms Script
text/javascript 2a02:26f0:780::210:a46b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12564380314924892758/index.html?ev=01_250
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:780::210:a46b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:31:30 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Tue, 14 Nov 2023 23:46:30 GMT

GET
H3 200 728x90_kia-flex_picanto.js Show response
s0.2mdn.net/sadbundle/12564380314924892758/ Frame CAE1 38 KB
6 KB 40ms
39ms Script
application/x-javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12564380314924892758/728x90_kia-flex_picanto.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12564380314924892758/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7bf086f345a4e84fcb980ecc5592ec1dd6f32d9900704005983a58ba54fc50b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12564380314924892758/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:44:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85633
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6189
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:53:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 23:44:17 GMT

GET
H3 200 bg_01.jpg
s0.2mdn.net/sadbundle/12564380314924892758/ Frame CAE1 19 KB
19 KB 41ms
40ms Image
image/jpeg 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12564380314924892758/bg_01.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8eadf22746d03e3230309ccc2e339dcac9443ec9ac414d0cb63e9c4a7e06cf0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12564380314924892758/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 14:07:26 GMT
x-content-type-options: nosniff
age: 120244
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19295
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:53:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 14:07:26 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame B5DC 0
0 79ms
78ms Fetch
image/gif 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstmHGrk2rTWS1dYjnMSFhT3Nwb7ZojZhlnRZvjZAUP6U8qVJwG_6z-5tzSMqGvUUkkOEkYnFNV2UMMWInc-uiJqraFGAByEdjZNEtfxXXDkpRTiCeSXKWyExuy0pyi1j-H9wexAQ-Xs5u1F5sLkbi40VMvAABMxzeVPOQlIBpaxbWcgxeUMZMR61dU7r3rEUSOJzpNdmUXJl8jb22lJZAeJo0l-8uZTiKfsqvBMaFUCGOjssp61xIqYAPy0hyTlV6BMSeJFrfiOhBzZ4iYSqPprUFenMxEruLEpHqJymKQnRj3QKaM6SqeJ8KpE_3GoIzGfo7foz4D5gnyLqLlQptPLFNQsH3n5kfGUQmxGIVCLxu_y9dDhOQfbI2r_XiERrRcT8K6wyOzkmIQkrspv5gG1rATXhpeQqoXUx8rOeY--CSfPXnlMnKGqPtpiCxuGe9B0LxqTg6Z_IKPT9r4t1jCHKggt84I_BCue9ta2qJKI1FUzzO0BQ-I8pwsUd9fkZDRQZTbtP_OqDmJ3XP-9SoAPlK7gDlYj2SUQtMmDRn20b993IiZE2o7wPwsCI2K_14RJI82KOdk3Q2cNc_WIXDlNrFW1oKBFRv6OKiy1UwlgV4RIktXCiy3PHI0hCLwT0aI-Gn4t7ktVpJHLbT1PaFEFG1RbA2NfhuoelRSRaLV2oMLAbogoavivQ0I20CZtmjIebeC8uFX-3y8PeGDnaUdcSWFu8dhn_ymg_9s3OkYVmHCChCPA73yRSpP4TV7-qO5ozr5_LtZCL0UbaYeFd_KVYGoMmSW-RpwQSL3RTO8bx4M4blYAShCilIG1qgR8ScZlHd54Ut86dSe9cfhZtPnVvqF0j3ayfRWI80z34x1NTVgmFFy7F71ibeSW_dbciq9qG41ke8WmFjh-QhDQH5lEdC88xhL6sT8ZNnKHALwho9ISQo5-TBvLJv9ymmmuZZNQrZy0PPia_6yPa8DLH0aX7q4rTm1EJDJjUCd998BoR8_DwwYJq4BjJEC5PW_JcxJIgGMqGkTs-bA0_Dnr2dL6o6U3dh9cqh3jsFZumJlY7vQLCw5Y20hjLpOP7waoAt8OpumSYub7w1jiBvGmbDkI9crwjuM4u0OKUL_EpiHDZOXbS9uL_ASHTz53lIP_MK5ZOVtvHLW_rQ6UUgSKZcY7thde8lFrPgoYUtRHxwN7p36aUDcHT0TZGV29YLbZ07rsEJvzf3loELbqseg5IR9EM5_7zxoVpuvMJMp7W9XZX1IO4NRVL031euiFAiwBh10koE8nDE1mpI16rmVvXzX9hnkqj6tV70U-CWYYHkGhgeNeCC0DJigmy3NWJ-ve8yEnsfM2JZz91V46mB9eLyZ0tKkprQFhqw&sai=AMfl-YQZnrMAgmkabf2hGwouu7WPddDnyNGVV5I0cNfz3Kjb5JdldS2-KLZLyPcsGaDLUCw6Mi0oPOLAs0MWpYsEnJMlc5iO86QwkFABuz-IGqU7kSW0NT8Gkqk1IjidlqEzHjeyLN75PysuBxv6S8gdZLy5n6Uki7CpWHsSifw04D3NrgL59wGZgcMmfBld4v1N43GpyBzihESJn4MF5JgPhZBBWe8qv447pGdp4Iz_AP2WbdsUVvrenV0r0eH6Q8-XNf4MtA6VGspmB3UV1ofm9NYUrw6aDe91ywBipSSYwsi7EEnsV1cBIDtd9Dwp5BMacjeETiztiDgkPuClkfAGPU1he3ooxaNIuYVBoFrwJBjGkvrEYGhG0e6mUS9wKX5-dAkKMJglEEqXfpM8x1cZdMige4OmZYLA6MAi2mOKcPQ9E8Z1rcg7asHE91M0xT9ZccPXb3zPvU99FWoZOe1-Hfo1MZcoeOzFoU6SRtpmJDoKRqnxbmX0ZV_4Mbmv1D19Ut8gug&sig=Cg0ArKJSzGd_Y5s6HWuQEAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9raWEuZGU&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=653&vt=11&dtpt=415&dett=3&cstd=236&cisv=r20231109.01913&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.pisni.org.ua
URL: https://www.pisni.org.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:31:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 138ms
57ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f056ff33d15edbbf4bd2262477924b76537b4bc808e4d4665ba0df0cce691448

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pisni.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:31:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12311
x-xss-protection: 0

GET
H3 200 bg_02.jpg
s0.2mdn.net/sadbundle/12564380314924892758/ Frame CAE1 23 KB
23 KB 39ms
39ms Image
image/jpeg 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12564380314924892758/bg_02.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8cf8af5f7ce1b60e70dae3f619a1f9e855b7ab5e68feb12aaadbb2a97713d28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12564380314924892758/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 20:45:59 GMT
x-content-type-options: nosniff
age: 528331
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23545
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:53:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Nov 2024 20:45:59 GMT

GET
H3 200 btn_cta.png
s0.2mdn.net/sadbundle/12564380314924892758/ Frame CAE1 438 B
465 B 40ms
39ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12564380314924892758/btn_cta.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea36e2e156d5d861e513457927036cc4cc08f1ae5ee35562213f40db5840487f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12564380314924892758/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 14:07:26 GMT
x-content-type-options: nosniff
age: 120244
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 438
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:53:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 14:07:26 GMT

GET
H3 200 headline_01.png
s0.2mdn.net/sadbundle/12564380314924892758/ Frame CAE1 822 B
849 B 41ms
40ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12564380314924892758/headline_01.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc86e1b35b866377c2ac0238841223a9f6e1dfb3893749dc3026e472bf005843

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12564380314924892758/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 14:07:26 GMT
x-content-type-options: nosniff
age: 120244
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 822
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:53:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 14:07:26 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 80ms
80ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pisni.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:31:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 23:31:30 GMT

GET
H3 200 headline_02.png
s0.2mdn.net/sadbundle/12564380314924892758/ Frame CAE1 1 KB
1 KB 39ms
39ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12564380314924892758/headline_02.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52e2bf4766cac03a5433dff25caf4e8ed4f98a85e74a2d0f337640918b70737c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12564380314924892758/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 14:07:26 GMT
x-content-type-options: nosniff
age: 120244
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1145
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:53:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 14:07:26 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A5DF 42 B
64 B 76ms
76ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstyVRRM_YlyCrKhG2NcHvwHtxYL2mTH9JUS9WSYUxKDxSFh7aaAUJsNi7Ko4vDWCUMnDLQh4kqT9dAzA_Y18b2PyDa_w7UazZaVcmwhCAGAh4VVgRTr&sig=Cg0ArKJSzFeGgL9EayCEEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231113&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=196833566&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700004689093&rpt=530&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 23:31:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 icon_check.png
s0.2mdn.net/sadbundle/12564380314924892758/ Frame CAE1 740 B
767 B 40ms
39ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12564380314924892758/icon_check.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467f3917eae4e04ecc5b93d003a2cc082233813949a443973d66d3e6351a02bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12564380314924892758/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 14:07:26 GMT
x-content-type-options: nosniff
age: 120244
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 740
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:53:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 14:07:26 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B8CA 13 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pisni.org.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 10316
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 20:39:34 GMT
expires: Wed, 13 Nov 2024 20:39:34 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E7A1 829 B
1 KB 142ms
48ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cc44f7ad294e120ed60e8fe9c729f9d7df54d382a5183f5f8f4a61f5af7bcf40

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-g3-Kmo51EVRgzN1HBmP68A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pisni.org.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-g3-Kmo51EVRgzN1HBmP68A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 23:31:30 GMT
expires: Tue, 14 Nov 2023 23:31:30 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 50B9 42 B
64 B 77ms
76ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuDSeaRNZlAgnRAVMz8Fp37nmQScXc5otVT3d85IvieXfiCHzNeXplCx7erbvQHyzBLj6ldcA2u-xXwAvZyxW04twUkYNpXLBy3pW0vjxihK3BqxQPm&sig=Cg0ArKJSzCKHvbQxn0bLEAE&id=lidar2&mcvt=1000&p=0,0,250,250&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231113&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3397241891&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700004689106&rpt=571&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 23:31:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 kia_flex_white.png
s0.2mdn.net/sadbundle/12564380314924892758/ Frame CAE1 2 KB
2 KB 39ms
39ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12564380314924892758/kia_flex_white.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c27b3b668a4d0e76ab6d3e9595aca410859c3733ad4108c3329aab1340948015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12564380314924892758/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 14:07:26 GMT
x-content-type-options: nosniff
age: 120244
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1988
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:53:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 14:07:26 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame E56A 0
127 B 42ms
41ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 14 Nov 2023 23:31:30 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame B8CA 39 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 19:02:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16111
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Nov 2024 19:02:59 GMT

GET
H3 200 liste_01.png
s0.2mdn.net/sadbundle/12564380314924892758/ Frame CAE1 693 B
720 B 40ms
40ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12564380314924892758/liste_01.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3565b100a05581186cc960900bc7919bf4c14f00a2191a4ac0794546c8586904

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12564380314924892758/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 14:07:27 GMT
x-content-type-options: nosniff
age: 120243
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 693
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:53:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 14:07:27 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame BB93 0
127 B 43ms
42ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 14 Nov 2023 23:31:30 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 liste_02.png
s0.2mdn.net/sadbundle/12564380314924892758/ Frame CAE1 882 B
909 B 39ms
39ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12564380314924892758/liste_02.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bc903194a62def3cc2fab8ff67f5f74928753307379b6dad8f52becc3d71ae6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12564380314924892758/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 21:16:38 GMT
x-content-type-options: nosniff
age: 8092
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 882
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:53:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Nov 2024 21:16:38 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B8CA 0
10 B 39ms
38ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?zTGJfA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 23:31:30 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E7A1 0
0 73ms
73ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=486504163595234&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H3 200 liste_03.png
s0.2mdn.net/sadbundle/12564380314924892758/ Frame CAE1 804 B
831 B 40ms
40ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12564380314924892758/liste_03.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7b72e7528995c7f3ad1934d7a66094a279f686d66424be237c42d6817f59ef0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12564380314924892758/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 14:07:27 GMT
x-content-type-options: nosniff
age: 120243
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 804
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:53:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 14:07:27 GMT

GET
H3 200 liste_04.png
s0.2mdn.net/sadbundle/12564380314924892758/ Frame CAE1 813 B
840 B 40ms
39ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12564380314924892758/liste_04.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b9df0bca75fa90fdfec9524abd05b13f10a58ec4b7b06d0b9daf038d4af977

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12564380314924892758/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 14:07:27 GMT
x-content-type-options: nosniff
age: 120243
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 813
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:53:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 14:07:27 GMT

GET
H3 200 preis.png
s0.2mdn.net/sadbundle/12564380314924892758/ Frame CAE1 1 KB
1 KB 39ms
39ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12564380314924892758/preis.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9352063d1d772a5cff6803570b5987c1720a23064b103e5b26cdd7b822061ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12564380314924892758/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 14:07:27 GMT
x-content-type-options: nosniff
age: 120243
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1224
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:53:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 14:07:27 GMT

GET
H3 200 subline_01.png
s0.2mdn.net/sadbundle/12564380314924892758/ Frame CAE1 893 B
920 B 39ms
39ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12564380314924892758/subline_01.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28a5a6a44d2039f6b3b7d21a3b6afa0c0e6b7e0ec852ad3f824d2eea0ff148fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12564380314924892758/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 14:07:27 GMT
x-content-type-options: nosniff
age: 120243
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 893
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:53:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 14:07:27 GMT

GET
H3 200 va.png
s0.2mdn.net/sadbundle/12564380314924892758/ Frame CAE1 4 KB
4 KB 39ms
39ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12564380314924892758/va.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

556fba9f27ad15095fc90563e4aacc73a05972577c2dcd3222a5d5ec9a9a25f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12564380314924892758/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 14:07:27 GMT
x-content-type-options: nosniff
age: 120244
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4124
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:53:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 14:07:27 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B5DC 42 B
64 B 77ms
76ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsskHkkLaV3L6lYkpJXptuAe-_mXwYd8iDn-Pg6AYUIFrbJB9-zOris7m7ws5V65b6i_8ZJKtOUB36FV0_1nqlO_vQ5ZrOtoDfL9Sco26MTs-CLyeaR6dPUJDKv3DKdB6yiVcOJjEWoWEU1M&sai=AMfl-YSChSbwf9cU64Rdzs10U3mk5r9CTVKuZsMvG0JpeGkTxkzfUOV-7kV4eb-cYlusygyQsMsEHlBx4aRPekqZl-l5b8eVc9Xs0BZqKFZTXWIoz_jomT2oi3zWqVNKpHpvj0r5qLaybqp-cnbtZzZY&sig=Cg0ArKJSzGG3y_V9ROi3EAE&cid=CAQSTgDICaaNkeysBDzlM8u8pbFiWFSBSfezp_hSC6lj4p0VmMrWEhz4tGN8RWJQ5MVqDWEGRoN2xlGZ1TUAX-fxo-R7odv-RrfvAAaSyxXOGhgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231113&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3081044279&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700004689101&rpt=1050&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 23:31:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 76ms
75ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=486504163595234&bg=!39yl3JPNAAZxrfrxUa07ADQBe5WfOKy17GWAvOb5Cq2WIHZ6wtGgOvlnIL9vOYAmUI32DrXAGgNwgb9DUS5XYFZbWqoYAgAAAEdSAAAABWgBB5kCswk4_NnWGFRy3DcRyPiU13ZsKF-52GkKpjTDABA_lsfF4-8UGHyQSjzWDTG1LN1W2yhKjKU-ctfPZxBbrpFkouY5BUvy9HkMIHhHztcHXNRJJKakbFXI4wAi1lOAcTkdbr4UPsnHeDOPkpsTdxjiunrFXgbcQ_OMcqdfnlXoghgjgHw5pgSs3THQPQG5UJW15udDCtaLdfqEU4FZ2z-h0AzSzXWAT8Nw5eZI5gijVTyvLuGa9Xs-mYJAfxS9rGH038JGeGL09PBB9T1G_pAUlY_fbVVNI5MJE2Wx32csxQXsgOSFxuhd3aG5AOsyuj3P12nY9eI0rWSkBQhShw9dX1OEDgsFmIMf8gpg1_LAimXXJjpO76ZTbwo1Ms2nqJS17ODLii2CKqwqel8sOE1ZllRMPBA_2wSWP8I3KmOSrxPddiSrK4LTP_HOELrvJjI4c3MVotVX4axYtrSOfbFs8YoNNPZt4c2DY74Le_uBNUb0zlAzLoyTCIO6rEIMVVC5Uzs3eDhDCPJUHk2rrgxn6sC74PYwUUCpLz4V6AutpSGiaUETLFDExnyfu-WGZ7sD7ykp8qYwcFIY0UDrSMlArBt64FlLX0xKwzmCaLUPAYWl5xNMgD0AxIri6CvtZVMaa5XiJ9HBkxJLb5AAZJojwZk-5NrYxoWE1Z8zIH37zJc-LTrvdBXUKiQhzdX5ttfH218jXtei9G-HL4rvioF914tr70skABQUu2sLNb5qPtbdggokcTklit8GLW7WVDQktDCDh5A-W57Pu9xWR-v-Plq7MXJ5AGbg4O-051iqgZt371d8vF1GBAY2K8s4kMvX4H8LExBDyY_hJnoZ9Buun_JcXaVxgcsE7XcQg46NSnXE1dATGYMqiRvd4Yhi7TPyZyTu9E_XT6GT51-Vcrk8qK919ws
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pisni.org.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

234 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.pisni.org.ua/	1969-12-31 23:59:59	Name: PHPSESSID Value: pcdcmtp0navlouf5qdtutj6j3m
.pisni.org.ua/	1970-01-21 01:49:24	Name: _ga Value: GA1.1.1146355442.1700004689
.pisni.org.ua/	1970-01-21 01:49:24	Name: __utma Value: 157420603.1146355442.1700004689.1700004689.1700004689.1
.pisni.org.ua/	1969-12-31 23:59:59	Name: __utmc Value: 157420603
.pisni.org.ua/	1970-01-20 20:36:12	Name: __utmz Value: 157420603.1700004689.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.pisni.org.ua/	1970-01-21 01:49:24	Name: __utmv Value: 157420603.\|3=feature=SFG=1
.pisni.org.ua/	1970-01-20 16:13:25	Name: __utmt Value: 1
.pisni.org.ua/	1970-01-20 16:13:26	Name: __utmb Value: 157420603.1.10.1700004689
.pisni.org.ua/	1970-01-21 01:35:00	Name: __gads Value: ID=d301d11a0118f79c:T=1700004689:RT=1700004689:S=ALNI_MZUFJki91BG7sjzmuyTmfcKAv63uQ
.pisni.org.ua/	1970-01-21 01:35:00	Name: __gpi Value: UID=00000cc7ea0553de:T=1700004689:RT=1700004689:S=ALNI_MYvodisIHeH8vvD7xtHaXhqEA3EYw
.doubleclick.net/	1970-01-21 01:35:00	Name: IDE Value: AHWqTUmorHwaZHYk-KDt2lhDB3-2Qq9crRxOIyjI5EOJu79Lj4HLSKXgsQGEFqGf
.pisni.org.ua/	1970-01-21 01:49:24	Name: _ga_NXDVFYNNNK Value: GS1.1.1700004688.1.0.1700004689.0.0.0
.casalemedia.com/	1970-01-21 00:59:00	Name: CMID Value: ZVQDUb.rHHw550CxnOUa9wAA
.casalemedia.com/	1970-01-20 18:23:00	Name: CMPS Value: 5151
.casalemedia.com/	1970-01-20 18:23:00	Name: CMPRO Value: 5151
.adnxs.com/	1970-01-20 18:23:00	Name: uuid2 Value: 340448230677441706
.adnxs.com/	1970-01-20 18:23:00	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GUaKNV=$!@wnfH8K6pQK`!5=E<*L5?%M%3Enqj7%Ym5jFkLngm4Dxi8eq??wGV1OnQv'%nugO%v4VB%nluz)kh9t

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2639448760395127&output=html&h=90&slotname=9579533887&adk=196833566&adf=10100615&pi=t.ma~as.9579533887&w=728&lmt=1700004689&url=https%3A%2F%2Fwww.pisni.org.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700004688792&bpp=126&bdt=189&idt=290&shv=r20231109&mjsv=m202311130101&ptt=5&saldr=sd&abxe=1&correlator=6578430204843&frm=20&pv=2&ga_vid=1146355442.1700004689&ga_sid=1700004689&ga_hid=120521270&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=571&ady=6&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079628%2C31078297%2C31079654%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=486504163595234&tmod=1987537923&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=299 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ads.eu.criteo.com
ajax.googleapis.com
cat.nl3.eu.criteo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.createjs.com
csm.eu.criteo.net
dsum-sec.casalemedia.com
googleads.g.doubleclick.net
ib.adnxs.com
imageproxy.eu.criteo.net
kazky.org.ua
pagead2.googlesyndication.com
region1.google-analytics.com
rtb.fr3.eu.criteo.com
s0.2mdn.net
static.criteo.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.pisni.org.ua
142.250.185.70
172.64.151.101
178.250.1.6
2001:4860:4802:32::36
216.58.212.130
2606:4700::6811:190e
2a00:1450:4001:800::2008
2a00:1450:4001:802::2004
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::200e
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2006
2a00:1450:4001:830::200a
2a00:1450:400c:c00::9d
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:d::c
2a02:26f0:780::210:a46b
37.252.173.215
5.9.154.242
94.16.106.197
086ad890fd0f983a64e291907934666cdcfebb94f40c247d4641bdc666089baf
08ebe0c89f338dac1af20f05f3c706ee8a40ce0a479ab4104878b42e65df7689
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1b2bc73199000f0237ed5f7e50b2b91324ba4252a59f97869a82ca6476b7c5a0
24888e7c78595574827cb0b9a9fbf4e0695d111b3e64c221007741b0c97c474c
285f908e9ac330cca2a1f542c2f53ed215e9eeaeabed4c4e8968e4e7e5254537
28a5a6a44d2039f6b3b7d21a3b6afa0c0e6b7e0ec852ad3f824d2eea0ff148fa
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33c628c5df8cecf4af33595c6174e1e840df82396ceedb46740a07ce33ed38dc
3565b100a05581186cc960900bc7919bf4c14f00a2191a4ac0794546c8586904
3bc903194a62def3cc2fab8ff67f5f74928753307379b6dad8f52becc3d71ae6
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
42fce4e244e9da5ac7663bffd73d646010eaa90295b2954d882751e28c5fc0b7
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4386bc4b95940bd485e357a8ee1e58f4be6b26479c9f6678e476b2d604ad87bf
45b9df0bca75fa90fdfec9524abd05b13f10a58ec4b7b06d0b9daf038d4af977
467f3917eae4e04ecc5b93d003a2cc082233813949a443973d66d3e6351a02bd
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
49330dbdf50dc3440d871a2408c7ec4fec185d62e419fd9960000cd8eed78950
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
512915d20918e7f6d4ef8bd6950fa3a1493bd5bba09b51bb27565bdfe7f91a20
521157d284882b7c9a622e5c26e123243551bd2c1251fbd9a18a1d6a1e1340e3
52e2bf4766cac03a5433dff25caf4e8ed4f98a85e74a2d0f337640918b70737c
556fba9f27ad15095fc90563e4aacc73a05972577c2dcd3222a5d5ec9a9a25f3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56534e77d4dd61f6030a4efcf9127f99f95820a29dfb933bfa4f89d5059db43e
568a03420a07bb5c472c59ff60b0906168f8ba81bc762ada847e4b0270f67260
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
66f125300043a72ed4807b8335e022011d8ee087c0678b4e61fa1d0b4b99e668
678697c08ddc460e366d3524bcbccdaac02b646b10f03fc27994fe29e101a681
67cc8747a59f3dc59112642c783acff57ba59517bdfbdd08d86b38f2779e3145
6b4a92aeea14e590472c597589b88d31305ee49c5df99ac789182fd3153db8fa
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7ccd1ecf33c08a757676770863630c000f78276abe1056ff38c534b782782496
7ea4a49e4dda927916d2e46d3a8b43067b9d5e67cf48017775a83f6b6a33283f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
865b310dcd64222a590a94afc650dc88d0e90d7aafa75c472687e676e1c59353
87f31a4d9982d94ad2529856980a83c04df453d5b76953d97f18a7054595b914
8ce590988cb6da38d3eecb3d5297b97a6b8edb7997a8998e166db81392351ada
8eadf22746d03e3230309ccc2e339dcac9443ec9ac414d0cb63e9c4a7e06cf0a
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
969e33d8088acf4a82a74f7f1ecd2bfc906e34d1e30827fa4f49f46cdc605c39
989a73eb9e9faa5bcf87eb500ba218549b0b1ef37dc53d9ac948b33010bd78da
9ecf043012b29c375f7a341ada90cd72b9cc0a08dea550f00a4fd0309c7273bc
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a8cf8af5f7ce1b60e70dae3f619a1f9e855b7ab5e68feb12aaadbb2a97713d28
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2467767f5c52291c0584a252e37d994dba7c0e7eb2aecfc846cbb2d888f70a0
b7f928b24fde5b0a3e93b9fa5d702b2da2d18047a3689f2f7e7625510f35079b
ba9f43fbd9c0782c72ff6eddd221abdcfd9642cd4625227ad693347e4d6989db
bc86e1b35b866377c2ac0238841223a9f6e1dfb3893749dc3026e472bf005843
bde21fa459776734f50218b4865d4d5360d2b2444b3c9d935cfd49a51e051635
c0a95382b63a6b8140b5ce3f673d366f9af8bdfda5b012e6db17a7c9a1eff8b3
c27b3b668a4d0e76ab6d3e9595aca410859c3733ad4108c3329aab1340948015
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c6bdd002d23dcb0adbd87e3518bdd994de73818a0f0f502707986301b9fbc404
c9352063d1d772a5cff6803570b5987c1720a23064b103e5b26cdd7b822061ab
cc44f7ad294e120ed60e8fe9c729f9d7df54d382a5183f5f8f4a61f5af7bcf40
d7bf086f345a4e84fcb980ecc5592ec1dd6f32d9900704005983a58ba54fc50b
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e4786a020a1ab943498d29ad637f954470632e8643c99716ad1e60ccee755b
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
ea36e2e156d5d861e513457927036cc4cc08f1ae5ee35562213f40db5840487f
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec7575c8ff13b6882985e34f3e4c4c93c07e1f6fc6fe27a1211b0e2cc886e2af
ed4cdcaf9f9f61ddd90b8485b32eda18dc239a0c356c5cc0adca782a1d6957c0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3bb29709966d129ee7c25526332d37e9c80a66f90be3953bcff733d420f82d
f056ff33d15edbbf4bd2262477924b76537b4bc808e4d4665ba0df0cce691448
f3bd93baf2d7ea7fe404497a78897e9300a56e1ef8e452cdd29c0156b2ff3aa5
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f7b72e7528995c7f3ad1934d7a66094a279f686d66424be237c42d6817f59ef0
f9e4b14bccd2b3d454abf7a0dcc9501e5fcf8766632a8a4e782ba7f611433f37

www.pisni.org.ua Open in urlscan Pro 5.9.154.242 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

123 Requests

96 %HTTPS

71 %IPv6

16 Domains

25 Subdomains

25 IPs

5 Countries

1362 kBTransfer

3246 kBSize

17 Cookies

7 Outgoing links

Page URL History

Redirected requests

123 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.pisni.org.ua Open in urlscan Pro
5.9.154.242 Public Scan

Screenshot
Live screenshot

Full Image

123
Requests

96 %
HTTPS

71 %
IPv6

16
Domains

25
Subdomains

25
IPs

5
Countries

1362 kB
Transfer

3246 kB
Size

17
Cookies

123 HTTP transactions
3 data transactions