lb.ua Open in urlscan Pro
2606:4700:10::6816:3f78 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://lb.ua/
Effective URL:
https://lb.ua/
Submission: On November 20 via api (November 20th 2022, 12:36:32 am UTC) from GB — Scanned from GB

Summary HTTP 176 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 31 IPs in 5 countries across 24 domains to perform 176 HTTP transactions. The main IP is 2606:4700:10::6816:3f78, located in United States and belongs to CLOUDFLARENET, US. The main domain is lb.ua. The Cisco Umbrella rank of the primary domain is 482228.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 4th 2022. Valid for: a year.

This is the only time lb.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::6816:3e78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2606:4700:10:... 2606:4700:10::6816:3f78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
39	157.90.133.197 157.90.133.197	24940 (HETZNER-AS) (HETZNER-AS)
1 2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
26	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::b 2a02:2638::b	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
9	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a02:2638:1::8 2a02:2638:1::8	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:1::17 2a02:2638:1::17	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
4 4	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
9	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2 2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
4 4	172.64.154.237 172.64.154.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
176	31

1 2606:4700:10::6816:3e78 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

lb.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:10::6816:3f78 (United States)

ASN13335 (CLOUDFLARENET, US)

lb.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 157.90.133.197 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.197.133.90.157.clients.your-server.de

i.lb.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:2638:1::8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::17 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.190.78 (United Kingdom) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.154.237 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.191 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	lb.ua 1 redirects lb.ua — Cisco Umbrella Rank: 482228 i.lb.ua — Cisco Umbrella Rank: 769181	1 MB
40	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 136	455 KB
28	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 cm.g.doubleclick.net — Cisco Umbrella Rank: 203	328 KB
19	criteo.net static.criteo.net — Cisco Umbrella Rank: 623 pix.eu.criteo.net — Cisco Umbrella Rank: 7562 csm.eu.criteo.net — Cisco Umbrella Rank: 7724	436 KB
8	gstatic.com www.gstatic.com fonts.gstatic.com	125 KB
6	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2	2 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	236 KB
4	casalemedia.com 4 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 418	4 KB
4	pubmatic.com 4 redirects image6.pubmatic.com — Cisco Umbrella Rank: 662	2 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	4 KB
3	criteo.com rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11662 ads.eu.criteo.com — Cisco Umbrella Rank: 7609 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9258	53 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 8709 www.google.de — Cisco Umbrella Rank: 5922	1 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1487	1 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 307	922 B
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 1473	484 B
2	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 615	927 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	203 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 139	112 KB
2	google-analytics.com 1 redirects ssl.google-analytics.com — Cisco Umbrella Rank: 285	17 KB
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 540	98 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 929	356 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 201	5 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 860	692 B
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
176	24

	Domain	Requested by
39	i.lb.ua	lb.ua
26	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
15	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
14	pagead2.googlesyndication.com	lb.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
11	lb.ua	1 redirects lb.ua
9	cm.g.doubleclick.net	lb.ua googleads.g.doubleclick.net
9	pix.eu.criteo.net	ads.eu.criteo.com
9	static.criteo.net	ads.eu.criteo.com
5	fonts.gstatic.com	fonts.googleapis.com
5	www.googletagservices.com	googleads.g.doubleclick.net
4	ssum-sec.casalemedia.com	4 redirects
4	image6.pubmatic.com	4 redirects
4	fonts.googleapis.com	googleads.g.doubleclick.net
4	www.google.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
3	www.gstatic.com	googleads.g.doubleclick.net
3	securepubads.g.doubleclick.net	lb.ua securepubads.g.doubleclick.net
2	e.dlx.addthis.com	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	rtb.openx.net	googleads.g.doubleclick.net
2	cms.quantserve.com	googleads.g.doubleclick.net
2	www.facebook.com	lb.ua
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	connect.facebook.net	lb.ua connect.facebook.net
2	ssl.google-analytics.com	1 redirects lb.ua
1	id.rlcdn.com	googleads.g.doubleclick.net
1	odr.mookie1.com	googleads.g.doubleclick.net
1	csm.eu.criteo.net	ads.eu.criteo.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.fr.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.nl.eu.criteo.com	googleads.g.doubleclick.net
1	www.google.de	lb.ua
1	stats.g.doubleclick.net	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
176	36

This site contains links to these domains. Also see Links.

Domain
en.lb.ua
www.youtube.com
www.facebook.com
twitter.com
t.me
projects.lb.ua
youtube.com
depositphotos.com
irf.ua

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-04` - `2023-04-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.lb.ua Sectigo RSA Domain Validation Secure Server CA	`2022-01-07` - `2023-02-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-29` - `2022-11-27`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-10` - `2023-01-10`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-14` - `2023-01-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-27` - `2022-12-29`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-01` - `2023-02-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh

This page contains 20 frames:

Primary Page: https://lb.ua/
Frame ID: EF937E299078C9A9D84BAFB2D278D2C0
Requests: 68 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: 3538C3E2443FD8CDD7765FAD4A409A75
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&adk=1812271804&adf=3025194257&lmt=1668904573&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2%2C6%3A2%2C7%3A2&plat=1%3A16777344%2C2%3A128%2C8%3A128%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C27%3A128%2C30%3A1081472%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Flb.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668904585766&bpp=11&bdt=363&idt=192&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7107775788609&frm=20&pv=2&ga_vid=1661487710.1668904586&ga_sid=1668904586&ga_hid=1345032121&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770881&oid=2&pvsid=2210230456836934&tmod=289806516&uas=0&nvt=1&eae=2&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=213
Frame ID: C04A36C40CCC82DBF616B5BC94E4893A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=280&adk=1418185256&adf=1779360098&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1668904573&rafmt=1&to=qs&pwprc=1459918002&format=1200x280&url=https%3A%2F%2Flb.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668904585777&bpp=2&bdt=375&idt=209&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7107775788609&frm=20&pv=1&ga_vid=1661487710.1668904586&ga_sid=1668904586&ga_hid=1345032121&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=85&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770881&oid=2&pvsid=2210230456836934&tmod=289806516&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wHJvjg8uB1&p=https%3A//lb.ua&dtd=211
Frame ID: 8CC8C32572475065582C1BBAAA446111
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=150&slotname=4850579085&adk=1491093915&adf=2102047288&pi=t.ma~as.4850579085&w=320&lmt=1668904573&format=320x150&url=https%3A%2F%2Flb.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668904585792&bpp=2&bdt=389&idt=216&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=2&correlator=7107775788609&frm=20&pv=1&ga_vid=1661487710.1668904586&ga_sid=1668904586&ga_hid=1345032121&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770881&oid=2&pvsid=2210230456836934&tmod=289806516&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2ttsfWapSM&p=https%3A//lb.ua&dtd=220
Frame ID: F8BD05144E21CED977232F6295115B54
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=280&slotname=9952089888&adk=2082505381&adf=3812907723&pi=t.ma~as.9952089888&w=336&lmt=1668904573&format=336x280&url=https%3A%2F%2Flb.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668904585814&bpp=7&bdt=411&idt=209&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C320x150&nras=2&correlator=7107775788609&frm=20&pv=1&ga_vid=1661487710.1668904586&ga_sid=1668904586&ga_hid=1345032121&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770881&oid=2&pvsid=2210230456836934&tmod=289806516&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=YxOSqJlVDA&p=https%3A//lb.ua&dtd=212
Frame ID: D2146C22FD1925B00D6343A2F08B1B21
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=600&slotname=8605697088&adk=1381437064&adf=322431305&pi=t.ma~as.8605697088&w=300&lmt=1668904573&format=300x600&url=https%3A%2F%2Flb.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668904585822&bpp=1&bdt=419&idt=210&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C320x150%2C336x280&nras=2&correlator=7107775788609&frm=20&pv=1&ga_vid=1661487710.1668904586&ga_sid=1668904586&ga_hid=1345032121&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1041&ady=2247&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770881&oid=2&pvsid=2210230456836934&tmod=289806516&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=p2Fu0wgwOs&p=https%3A//lb.ua&dtd=213
Frame ID: 045DAAD164EDC4EEE446BB225102494D
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=416&adk=708048766&adf=2100838203&pi=t.aa~a.4141672183~rp.4&daaos=1668870264822&w=429&lmt=1668904573&nsk=50c4104d&rafmt=11&pwprc=1459918002&ad_type=text_image&format=429x416&url=https%3A%2F%2Flb.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668904586337&bpp=1&bdt=935&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32abb74bab08de07-22d2e96e3ccf0011%3AT%3D1668904586%3ART%3D1668904586%3AS%3DALNI_MbBWKpME_hM0Ucgmt1YCc338j6Dww&gpic=UID%3D00000b8428a2bd57%3AT%3D1668904586%3ART%3D1668904586%3AS%3DALNI_MZlwhV33-vziDb1IgXO8-V8uyZWLA&prev_fmts=0x0%2C1200x280%2C320x150%2C336x280%2C300x600&nras=3&correlator=7107775788609&frm=20&pv=1&ga_vid=1661487710.1668904586&ga_sid=1668904586&ga_hid=1345032121&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=3334&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770881&oid=2&pvsid=2210230456836934&tmod=289806516&uas=0&nvt=1&eae=0&fc=1280&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=NgcnnGmYxn&p=https%3A//lb.ua&dtd=27
Frame ID: F1CA9C23B0B7F6899FE1AB2483616A22
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=280&adk=177455135&adf=1761623006&pi=t.aa~a.4141678559~rp.3&daaos=1668870264822&w=429&fwrn=4&fwrnh=100&lmt=1668904573&rafmt=1&to=qs&pwprc=1459918002&format=429x280&url=https%3A%2F%2Flb.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668904586337&bpp=1&bdt=934&idt=1&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32abb74bab08de07-22d2e96e3ccf0011%3AT%3D1668904586%3ART%3D1668904586%3AS%3DALNI_MbBWKpME_hM0Ucgmt1YCc338j6Dww&gpic=UID%3D00000b8428a2bd57%3AT%3D1668904586%3ART%3D1668904586%3AS%3DALNI_MZlwhV33-vziDb1IgXO8-V8uyZWLA&prev_fmts=0x0%2C1200x280%2C320x150%2C336x280%2C300x600%2C429x416&nras=4&correlator=7107775788609&frm=20&pv=1&ga_vid=1661487710.1668904586&ga_sid=1668904586&ga_hid=1345032121&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=1902&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770881&oid=2&pvsid=2210230456836934&tmod=289806516&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=PH1L52w9EP&p=https%3A//lb.ua&dtd=30
Frame ID: AB1C45A9E84FF648E6A432802537C38C
Requests: 16 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3l2igACI4gIu-FYAAbEN8Q9TTDGY1rC_E3Ejg&u=%7C1qoCUqSZbATmiLhtR3iHQ2sFHU7xEFHpG6qxEdEimeY%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkI1qzmMYrY2UYMl8X0aOHarqQoM6QM_MbtOEWUaNvS4hx9bMdk1yWIj-JJ3yYMG64dpQ3sE-VDVP6P17SHrfoxeRCx1785Al5siBR6ycgWMjaZ3u3iJmoNnw0ZEEhQN37PePDNIRivBrp3dUfFvh60b3NuafrutWvfRYeCFhZWwdd5vS2rEdayoU98FlyWaeNl5rSmeSUnZujZS7U_8W4xN-x7BFdNVlFl5ogcgcKnxTn7HXR6ep6BY0I4Eo-iiZJQvTOai18uxzo79mYjlluYNszudtbXE_NQYvR_fxVQu2-iPk8IRvFHUT23dUYUsk_YbGP63CZuVdNnHHr75THPhKRYVOpt1e8foNEXlJ6pzkAUunqRFx0n5CSqFTUW7YPXqGqQSWaILConSetqys7xtH5Qbk2EWP9ya56oVm1wkDgCW6_t2kKzDt9v4Tz5lZVFwCQVKjfawiQvhnB-WKR6qMzX43SCs4_3jhvkWeyeaGZp9hjKZhRpovcl-nylLmqYx0hX1QbzcPkHAhKkFcryqPfN6JQ4Brfr8wVu8CRAE89OLTuvpGL3c&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQDveinZ5Y4jHCNjC7_UPt4ibmATJntKxXNX24taTAcCNtwEQASAAYJUCggEXY2EtcHViLTYwOTY5MzIwNjQ1ODUwODDIAQmpAnNp6beoUrE-qAMBqgTYAU_QR6koWhisrpNeR2NCxosEECBCIc7JKU3GQXKUWS_UzHW2LymtMiDdCqJ34Wi36RleopZUxTAcIAvnf8dTNSh7Sq7r-XvqFlb4bCe2cGrmH5IofFPgnv-QKkUu_HuTIDX5k7HQLkDtJAt2lJQnOqGKHUuPKqZFJCkPtgrhxIDE7V1hgFPfek2Wj491eDhOd8yIeyFjl9Q5OTJSECTgzwhB5lxX_qrkXOddnEzgcBL7bkdiu2wP3B1VV21YdsaDoXOmOAjM-jSCc27mIw8sjJUJdN4lp-SAbIAGiYjw842givl7oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2AW-6GvHANEMyQiyC-5wcu5I069g%26client%3Dca-pub-6096932064585080%26adurl%3D
Frame ID: DD0588FAF50B50D3C0E92598E8A15FE4
Requests: 22 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: C05BFBBB478C3752C8CD9FA0A016FD4A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
Frame ID: 95A699279B8D75D1BC227A79AA4619FD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1A35220A9B844C7BCE983E0A7DD84521
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DC5DADE752AEB1F0F1C57B937A68EC3B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 576DC70CFBC414AE9A87CA717D79076D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
Frame ID: 1D5C70E1AEBC09AB823DC1A92A717972
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
Frame ID: 6A86A10426F4E803F275F725B80D4210
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
Frame ID: 60647C2C7A9515CC515D1905DCD60A23
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FDC5222BE1C923C5CCE2D3C788916EA6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 97F860714F44A037FA828ABFE3C08EE3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Новини України від LB.ua: оперативна аналітика української політики, економіки, новини культури та спорту

Page URL History Show full URLs

http://lb.ua/ HTTP 301
https://lb.ua/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

176
Requests

95 %
HTTPS

72 %
IPv6

24
Domains

36
Subdomains

31
IPs

5
Countries

3216 kB
Transfer

5734 kB
Size

28
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://en.lb.ua/
Title: ENG

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC_wMhlGmskE2Ue-400XjofQ
Title: LB Live

Search URL Search Domain Scan URL

URL: https://www.facebook.com/%D0%9B%D1%96%D0%B2%D0%B8%D0%B9-%D0%91%D0%B5%D1%80%D0%B5%D0%B3-LBUA-111382865585059

Search URL Search Domain Scan URL

URL: https://twitter.com/lb_ua

Search URL Search Domain Scan URL

URL: https://t.me/lbua_official

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/LBTV_channel

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?app=desktop&v=gF_MUgXodSQ&feature=youtu.be

Search URL Search Domain Scan URL

URL: https://projects.lb.ua/heroes-economic-tanoya?utm_source=lbua&utm_medium=banner&utm_campaign=epic26

Search URL Search Domain Scan URL

URL: https://t.me/+veE48tT66I41Mjc6

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=RVy17vtKm74&t=3s

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=0E5gRf2TDtU&t=4s

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=54oHRgSrpWA

Search URL Search Domain Scan URL

URL: https://youtube.com/watch?v=eL6knePAdJw

Search URL Search Domain Scan URL

URL: http://depositphotos.com/?utm_source=LB&utm_medium=footer&utm_campaign=UA-brand

Search URL Search Domain Scan URL

URL: http://irf.ua/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://lb.ua/ HTTP 301
https://lb.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=201297893&utmhn=lb.ua&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D0%B2%D1%96%D0%B4%20LB.ua%3A%20%D0%BE%D0%BF%D0%B5%D1%80%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D0%B0%20%D0%B0%D0%BD%D0%B0%D0%BB%D1%96%D1%82%D0%B8%D0%BA%D0%B0%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%BE%D1%97%20%D0%BF%D0%BE%D0%BB%D1%96%D1%82%D0%B8%D0%BA%D0%B8%2C%20%D0%B5%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D1%96%D0%BA%D0%B8%2C%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%BA%D1%83%D0%BB%D1%8C%D1%82%D1%83%D1%80%D0%B8%20%D1%82%D0%B0%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%D1%83&utmhid=1345032121&utmr=-&utmp=%2Flb%2F&utmht=1668904586048&utmac=UA-10143123-13&utmcc=__utma%3D5405166.1661487710.1668904586.1668904586.1668904586.1%3B%2B__utmz%3D5405166.1668904586.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=424039056&utmredir=1&utmu=qBCAAAAAAAAAAAAAAAQAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-10143123-13&cid=1661487710.1668904586&jid=424039056&_v=5.7.2&z=201297893 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10143123-13&cid=1661487710.1668904586&jid=424039056&_v=5.7.2&z=201297893 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10143123-13&cid=1661487710.1668904586&jid=424039056&_v=5.7.2&z=201297893&slf_rd=1&random=51211547

Request Chain 144

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGFjOA3-cd5BZfh79e3cW4s&google_cver=1&google_push=ASkJ3FbvvrA_kI8qRT5OfyVgwpXbfLk1BDqXI0kUHX8yBow4mJqA0RXpzJ_WJ1VNL99I1S7cnlQ-tj6uFGNOVKv2OUxC9W9vxjdA HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGFjOA3-cd5BZfh79e3cW4s&google_cver=1&google_push=ASkJ3FbvvrA_kI8qRT5OfyVgwpXbfLk1BDqXI0kUHX8yBow4mJqA0RXpzJ_WJ1VNL99I1S7cnlQ-tj6uFGNOVKv2OUxC9W9vxjdA&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nE_f6q0CQeWBCTDcbenngg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FbvvrA_kI8qRT5OfyVgwpXbfLk1BDqXI0kUHX8yBow4mJqA0RXpzJ_WJ1VNL99I1S7cnlQ-tj6uFGNOVKv2OUxC9W9vxjdA

Request Chain 145

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAlkFEWGB5bB_vV7Jyc1x28&google_cver=1&google_push=ASkJ3FaEGoJO8FQj8AD_JIJz3N9eTWyD1bSMfvseTynRMjwzUF2425x_M6nPVe9cDR2iyuaUxlxoNs4lAHQKmhuH2ZiLx-Pkxmp- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFPTVA5NUEtMUQtN1FZSg==&google_push=ASkJ3FaEGoJO8FQj8AD_JIJz3N9eTWyD1bSMfvseTynRMjwzUF2425x_M6nPVe9cDR2iyuaUxlxoNs4lAHQKmhuH2ZiLx-Pkxmp-

Request Chain 146

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPLeqYk3qKOxmnwj7PSh6N4&google_cver=1&google_push=ASkJ3FYPs3XXxuGYlIxizAxGkNng-WPwqguVUXgYDX5lJ2DMAgyjOVJlsZ8E_YwLZ3me8Leb5tE-m4zWIjmg6xLcS1lfOfz8AO6Y HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEPLeqYk3qKOxmnwj7PSh6N4&google_push=ASkJ3FYPs3XXxuGYlIxizAxGkNng-WPwqguVUXgYDX5lJ2DMAgyjOVJlsZ8E_YwLZ3me8Leb5tE-m4zWIjmg6xLcS1lfOfz8AO6Y&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPLeqYk3qKOxmnwj7PSh6N4&google_hm=Y3l2i4SEVuath4RrUluYUQAAAroAAAAB&google_nid=index&google_push=ASkJ3FYPs3XXxuGYlIxizAxGkNng-WPwqguVUXgYDX5lJ2DMAgyjOVJlsZ8E_YwLZ3me8Leb5tE-m4zWIjmg6xLcS1lfOfz8AO6Y

Request Chain 161

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FbPowcfqrvc4clHehZuKTWIP5B8UQNATU2oMf_ygIU82vFNE_ZpoUbDdagdsw6xzz7BO0l4471dPSysaKhfry5bZeOwJatp&google_gid=CAESEMl7XMcrjOUQjmFsimlnl5I&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FbPowcfqrvc4clHehZuKTWIP5B8UQNATU2oMf_ygIU82vFNE_ZpoUbDdagdsw6xzz7BO0l4471dPSysaKhfry5bZeOwJatp&google_gid=CAESEMl7XMcrjOUQjmFsimlnl5I&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMjAwMDM2MjcwMDA0MTgzMDQ2NDI3MQ%3D%3D&google_push=ASkJ3FbPowcfqrvc4clHehZuKTWIP5B8UQNATU2oMf_ygIU82vFNE_ZpoUbDdagdsw6xzz7BO0l4471dPSysaKhfry5bZeOwJatp

Request Chain 163

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOo-XwTKRH8uLxdPUp4TGYk&google_cver=1&google_push=ASkJ3FaW4Ijb24uGMi1POpT4KVQ22dDkEHn6KQX5jdfMecolzq7LhtY6EyhHwDSJttvVyLR6NXYzrahIIXKE1uSfHxarUXC3Zt1w HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOo-XwTKRH8uLxdPUp4TGYk&google_cver=1&google_push=ASkJ3FaW4Ijb24uGMi1POpT4KVQ22dDkEHn6KQX5jdfMecolzq7LhtY6EyhHwDSJttvVyLR6NXYzrahIIXKE1uSfHxarUXC3Zt1w&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IBw_vvHHQmGhdIYxiXJR4w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FaW4Ijb24uGMi1POpT4KVQ22dDkEHn6KQX5jdfMecolzq7LhtY6EyhHwDSJttvVyLR6NXYzrahIIXKE1uSfHxarUXC3Zt1w

Request Chain 164

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELabXpGaIiU5b2J-seGvz4Q&google_cver=1&google_push=ASkJ3FY6tehhYMZbnd_0nKCn8bBs2-g7UL7mv5H6HmqbPeu4DMv6VYyufAecWL-LmtvVv7PY4cReVgJnoEg4ddo_bazmfBhx5LBR HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFPTVA5NlUtMTYtSEZGWQ==&google_push=ASkJ3FY6tehhYMZbnd_0nKCn8bBs2-g7UL7mv5H6HmqbPeu4DMv6VYyufAecWL-LmtvVv7PY4cReVgJnoEg4ddo_bazmfBhx5LBR

Request Chain 165

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOWdnIgIi4TWCXEhvU7l1xM&google_cver=1&google_push=ASkJ3Fa7Q8uQcuWIJSiuBeI-p5gjNWlC5MNx9h02MCSKuVCCa14G88uuLFnry54HElCFXMce3iIhdYSLc5bVFqtQGFhvm0w7nPT_ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOWdnIgIi4TWCXEhvU7l1xM&google_push=ASkJ3Fa7Q8uQcuWIJSiuBeI-p5gjNWlC5MNx9h02MCSKuVCCa14G88uuLFnry54HElCFXMce3iIhdYSLc5bVFqtQGFhvm0w7nPT_&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOWdnIgIi4TWCXEhvU7l1xM&google_hm=Y3l2i4SEVuath4RrUluYUQAAAroAAAAB&google_nid=index&google_push=ASkJ3Fa7Q8uQcuWIJSiuBeI-p5gjNWlC5MNx9h02MCSKuVCCa14G88uuLFnry54HElCFXMce3iIhdYSLc5bVFqtQGFhvm0w7nPT_

Request Chain 167

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

176 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
lb.ua/
Redirect Chain

http://lb.ua/
https://lb.ua/

76 KB
19 KB

155ms
53ms

Document
text/html

2606:4700:10::6816:3f78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ARR/3.0
Resource Hash: eb6b37e3df9edac28b44a7851c5f67488c4e8e96de183de0219fae0e8b783f8a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 12
cache-control: max-age=120
cf-cache-status: HIT
cf-ray: 76cd1c7a8cd471f0-LHR
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 20 Nov 2022 00:36:25 GMT
last-modified: Sun, 20 Nov 2022 00:36:13 GMT
server: cloudflare
vary: Accept-Encoding
x-powered-by: ARR/3.0

Redirect headers

CF-Cache-Status: EXPIRED
CF-RAY: 76cd1c791fc171d5-LHR
Cache-Control: max-age=120
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Sun, 20 Nov 2022 00:36:25 GMT
Location: https://lb.ua/
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 ptsans.woff2
lb.ua/media/1547/news/fonts/ 104 KB
104 KB 220ms
218ms Font
application/font-woff2 2606:4700:10::6816:3f78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.ua/media/1547/news/fonts/ptsans.woff2
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4184605cff7ec3a09e238ad9a8c297305abe1613cb3af988a7dd33b5c0600f62

Request headers

Referer: https://lb.ua/
Origin: https://lb.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:25 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 10 Aug 2022 13:28:14 GMT
server: cloudflare
etag: "70232cbbdacd81:0"
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 76cd1c7b2d8171f0-LHR
content-length: 106704

GET
H2 200 ptsansb.woff2
lb.ua/media/1547/news/fonts/ 106 KB
107 KB 221ms
219ms Font
application/font-woff2 2606:4700:10::6816:3f78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.ua/media/1547/news/fonts/ptsansb.woff2
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4d00d0c5c8ab1c7a96c4795bd90fb9e4bb8b2cc36144254f01201b2e70f1678

Request headers

Referer: https://lb.ua/
Origin: https://lb.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:25 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 10 Aug 2022 13:28:14 GMT
server: cloudflare
etag: "70232cbbdacd81:0"
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 76cd1c7b2d8571f0-LHR
content-length: 109012

GET
H2 200 icons.woff2
lb.ua/media/1547/news/fonts/ 65 KB
65 KB 199ms
198ms Font
application/font-woff2 2606:4700:10::6816:3f78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.ua/media/1547/news/fonts/icons.woff2
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

Referer: https://lb.ua/
Origin: https://lb.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:25 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 10 Aug 2022 13:28:14 GMT
server: cloudflare
etag: "70232cbbdacd81:0"
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 76cd1c7b2d8671f0-LHR
content-length: 66624

GET
H2 200 style.css
lb.ua/media/1547/news/css/ 58 KB
11 KB 252ms
251ms Stylesheet
text/css 2606:4700:10::6816:3f78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.ua/media/1547/news/css/style.css
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 769e443d1e12dd6d02fe7941d145a017eeedb4856373897afc1165d37fe1ae40

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:25 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Wed, 09 Nov 2022 14:27:57 GMT
server: cloudflare
etag: "80d42d7647f4d81:0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 76cd1c7b2d8371f0-LHR
content-length: 11058

GET
H2 200 jquery-3.1.1.min.js Show response
lb.ua/media/1547/news/js/ 85 KB
30 KB 218ms
217ms Script
application/javascript 2606:4700:10::6816:3f78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.ua/media/1547/news/js/jquery-3.1.1.min.js
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:25 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Wed, 10 Aug 2022 13:28:14 GMT
server: cloudflare
etag: "02bf4abdacd81:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 76cd1c7b2d8771f0-LHR
content-length: 30164

GET
H2 200 common.js Show response
lb.ua/media/1547/news/js/ 72 KB
25 KB 253ms
252ms Script
application/javascript 2606:4700:10::6816:3f78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.ua/media/1547/news/js/common.js
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b50b0db1df4e80d8cda87e483a7cc03cf70e93f0259b8285ec04e2e5e1246abd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:25 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Wed, 10 Aug 2022 13:28:14 GMT
server: cloudflare
etag: "1731bbbdacd81:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 76cd1c7b2d8871f0-LHR
content-length: 25171

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
49 KB 213ms
88ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: lb.ua
URL: https://lb.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d603422b1f57a841c5b6d64f2d610085de7035e308aea8f0125a7631b169ac5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49577
x-xss-protection: 0
server: cafe
etag: 3014452014252148762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 20 Nov 2022 00:36:25 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 182ms
67ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: lb.ua
URL: https://lb.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f43973ee0ee121287cca23c16a48de9fce9a5701eaa6724be93d702654a9677f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27247
x-xss-protection: 0
server: sffe
etag: "1397 / 702 of 1000 / last-modified: 1668812924"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 20 Nov 2022 00:36:25 GMT

GET
H2 200 logo.white.png
lb.ua/media/1547/news/img/logo/ 21 KB
21 KB 52ms
52ms Image
image/png 2606:4700:10::6816:3f78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb.ua/media/1547/news/img/logo/logo.white.png
Requested by: Host: lb.ua
URL: https://lb.ua/media/1547/news/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01348caaa16ac38ef521784b90368092bd215861903db0f52473e4d502494227

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/media/1547/news/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:25 GMT
cf-cache-status: HIT
last-modified: Wed, 10 Aug 2022 13:28:13 GMT
server: cloudflare
age: 11
etag: "db1d8abdacd81:0"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 76cd1c7cffab71f0-LHR
content-length: 21495

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ 355 KB
117 KB 93ms
92ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6096932064585080&plah=lb.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6587ac0c2edd169ec3e851e369358ef6e37792b1d3cd6ae56f948c26b4241f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119607
x-xss-protection: 0
server: cafe
etag: 11808999958306423375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 20 Nov 2022 00:36:25 GMT

GET
H2 200 sprite.png
lb.ua/media/1547/news/img/ 13 KB
13 KB 50ms
50ms Image
image/png 2606:4700:10::6816:3f78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb.ua/media/1547/news/img/sprite.png
Requested by: Host: lb.ua
URL: https://lb.ua/media/1547/news/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b00d32d226e40d8ac2eb0a6851388d6682f0196e8c1ce46db8e06d6571cf5a0d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/media/1547/news/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:25 GMT
cf-cache-status: HIT
last-modified: Wed, 10 Aug 2022 13:28:14 GMT
server: cloudflare
age: 11
etag: "5608bbdacd81:0"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 76cd1c7d2fdb71f0-LHR
content-length: 13544

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame 3538 10 KB
5 KB 179ms
56ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lb.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 45827
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Nov 2022 11:52:38 GMT
etag: 10353107486223812946
expires: Sat, 03 Dec 2022 11:52:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 63787f5704b36.jpeg
i.lb.ua/089/24/ 41 KB
41 KB 382ms
243ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/089/24/63787f5704b36.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 08a0f5712347241c7101192424f48c3f7dd3be0bbc9d897a516f330e5237b0a0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:25 GMT
last-modified: Sat, 19 Nov 2022 07:01:43 GMT
server: Microsoft-IIS/10.0
etag: "1854d8c7e4fbd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 41999

GET
H2 200 62211d74032b5_200_130.jpeg
i.lb.ua/074/39/ 5 KB
5 KB 435ms
296ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/074/39/62211d74032b5_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 783a5b4f4d208130f4fb3bc0c6415517bbb88783a3702efb7668da0159eff99c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:25 GMT
last-modified: Thu, 03 Mar 2022 19:56:36 GMT
server: Microsoft-IIS/10.0
etag: "5da632ca382fd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 5527

GET
H2 200 6378bd4cdba37_200_130.jpeg
i.lb.ua/075/47/ 9 KB
9 KB 436ms
297ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/075/47/6378bd4cdba37_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 431fdae328a9806b04513093bc504208128f92d059b05da41be9daa25b436db0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:25 GMT
last-modified: Sat, 19 Nov 2022 11:26:05 GMT
server: Microsoft-IIS/10.0
etag: "e67065b69fcd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 8744

GET
H2 200 6378b0383c0cd_200_130.jpeg
i.lb.ua/029/02/ 12 KB
12 KB 386ms
248ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/029/02/6378b0383c0cd_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 5973a55582726d2deae77327d9014ffa30a969b13f3363e9cbb6418c9020d1b9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:25 GMT
last-modified: Sat, 19 Nov 2022 10:30:16 GMT
server: Microsoft-IIS/10.0
etag: "bfcb78ea1fcd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 11978

GET
H2 200 6378eb3e9d32f_200_130.jpeg
i.lb.ua/026/28/ 9 KB
9 KB 416ms
278ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/026/28/6378eb3e9d32f_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: cb8c2ebed4513ded7b3b8dad520061647d984a19080dccd3b35b0ff5011221ab

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:25 GMT
last-modified: Sat, 19 Nov 2022 14:42:06 GMT
server: Microsoft-IIS/10.0
etag: "7d6ae81825fcd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 8848

GET
H2 200 6378e9f70d254_200_130.jpeg
i.lb.ua/080/28/ 10 KB
10 KB 433ms
295ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/080/28/6378e9f70d254_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 4000f9769b5ffb5ab29c277c6fdd1e7861b978dcd748765d64fb7c6f6f3707ee

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:25 GMT
last-modified: Sat, 19 Nov 2022 14:36:39 GMT
server: Microsoft-IIS/10.0
etag: "b23aac5524fcd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 10295

GET
H2 200 6378e1b37b297.jpeg
i.lb.ua/123/10/ 76 KB
77 KB 167ms
60ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/123/10/6378e1b37b297.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: a3284398d1316e4e1cbcbf03d459df53306c748ee936d0aec94e76b660cb6da3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:25 GMT
last-modified: Sat, 19 Nov 2022 14:01:23 GMT
server: Microsoft-IIS/10.0
etag: "97f09d681ffcd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 78301

GET
H2 200 637794f6bf652.jpeg
i.lb.ua/032/26/ 27 KB
27 KB 283ms
176ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/032/26/637794f6bf652.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: cd8d97873dd83f12c15807335ceaf6123fcfd7d82492d56cc260903fad53f588

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:25 GMT
last-modified: Fri, 18 Nov 2022 14:21:42 GMT
server: Microsoft-IIS/10.0
etag: "3cc3e51459fbd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 27901

GET
H2 200 6376d2f8a67a0.jpeg
i.lb.ua/027/43/ 18 KB
18 KB 344ms
237ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/027/43/6376d2f8a67a0.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 6fe017a31f623a16374d3b8e1ae3b002e178f3d80ea3e7c9cf580ff6de91239a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:25 GMT
last-modified: Fri, 18 Nov 2022 00:34:00 GMT
server: Microsoft-IIS/10.0
etag: "421cff73e5fad81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 18590

GET
H2 200 6376d34f353fd.jpeg
i.lb.ua/114/24/ 29 KB
29 KB 346ms
239ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/114/24/6376d34f353fd.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 713c6f8344a7978008140ca17717f1f54d9cef0c7685cfb1052ce06bf6b46ca4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:25 GMT
last-modified: Fri, 18 Nov 2022 00:35:27 GMT
server: Microsoft-IIS/10.0
etag: "d62490a7e5fad81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 29695

GET
H2 200 6376d25e16695.png
i.lb.ua/000/24/ 182 KB
182 KB 272ms
268ms Image
image/png 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/000/24/6376d25e16695.png
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 83a5e842b5cd049ba686f63778b0110e1f538635526eaea9a7574e181425a4dd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:25 GMT
last-modified: Fri, 18 Nov 2022 00:31:26 GMT
server: Microsoft-IIS/10.0
etag: "2c3bed17e5fad81:0"
content-type: image/png
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 186162

GET
H2 200 6376d21586167.png
i.lb.ua/054/57/ 119 KB
119 KB 273ms
269ms Image
image/png 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/054/57/6376d21586167.png
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 1f4c0196b8ebe03195774b7974e11424773a4b29ede4edc96105c1e2fb568282

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:25 GMT
last-modified: Fri, 18 Nov 2022 00:30:13 GMT
server: Microsoft-IIS/10.0
etag: "c494abece4fad81:0"
content-type: image/png
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 121501

GET
H2 200 637540cb09a8e.jpeg
i.lb.ua/067/52/ 32 KB
32 KB 330ms
326ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/067/52/637540cb09a8e.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: b4e47be54d89a115bc99610487dcd03b2a26ffa9bce8ed87adb2863051610272

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:25 GMT
last-modified: Wed, 16 Nov 2022 19:58:03 GMT
server: Microsoft-IIS/10.0
etag: "221376bcf5f9d81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 32535

GET
H2 200 63753f8a121e4.jpeg
i.lb.ua/000/33/ 11 KB
11 KB 330ms
327ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/000/33/63753f8a121e4.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 8632494a203fc40e760f9d9955f7f08011b606d251ffb6bac7a3036ac6712b1a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:25 GMT
last-modified: Wed, 16 Nov 2022 19:52:42 GMT
server: Microsoft-IIS/10.0
etag: "8a3325fdf4f9d81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 11595

GET
H2 200 637540d848815.jpeg
i.lb.ua/080/25/ 20 KB
20 KB 331ms
327ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/080/25/637540d848815.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 7f4984eb25c997955224586d3ff38cd218381eaf327e4de02f899505a351fb76

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:25 GMT
last-modified: Wed, 16 Nov 2022 19:58:16 GMT
server: Microsoft-IIS/10.0
etag: "4c7c58c4f5f9d81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 20243

GET
H2 200 63749a0194d0d.jpeg
i.lb.ua/041/59/ 29 KB
30 KB 332ms
328ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/041/59/63749a0194d0d.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 44d1a63e33561c609b4b66cf52c9839f44c42136605af7f5e5f4e14ef2a708af

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:25 GMT
last-modified: Wed, 16 Nov 2022 08:06:25 GMT
server: Microsoft-IIS/10.0
etag: "d780cd5292f9d81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 30148

GET
H2 200 6374d04c0743a.jpeg
i.lb.ua/097/17/ 12 KB
12 KB 332ms
329ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/097/17/6374d04c0743a.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 8591f84efed4c1f82c337536c27a1c2987c51a6601b065bbe6919a30a83aecae

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:25 GMT
last-modified: Wed, 16 Nov 2022 11:58:04 GMT
server: Microsoft-IIS/10.0
etag: "1734e6aeb2f9d81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 11992

GET
H2 200 63653c8c2d69d.jpeg
i.lb.ua/059/52/ 4 KB
4 KB 342ms
235ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/059/52/63653c8c2d69d.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 343446c56656d260051ff79b79f09f84a5b5301a4ca3039c18e91ab3f417eb25

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:25 GMT
last-modified: Fri, 04 Nov 2022 16:23:40 GMT
server: Microsoft-IIS/10.0
etag: "3c3ca2cc69f0d81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 3810

GET
H2 200 60ec38aa43e83.jpeg
i.lb.ua/089/45/ 5 KB
5 KB 284ms
177ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/089/45/60ec38aa43e83.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 345696ba51b52a284240a013bf578cb92e36189fe47c6b1414ab5992cd2cbbfd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:25 GMT
last-modified: Mon, 12 Jul 2021 12:42:18 GMT
server: Microsoft-IIS/10.0
etag: "b4f4c4591b77d71:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 4652

GET
H2 200 60f6d0af76d38.jpeg
i.lb.ua/057/62/ 5 KB
5 KB 333ms
329ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/057/62/60f6d0af76d38.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: ce1612e21a43ba44bd74f8c2d139e802bc61c32c547d1186ce2e49cbf224d358

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:25 GMT
last-modified: Tue, 20 Jul 2021 13:33:35 GMT
server: Microsoft-IIS/10.0
etag: "a1f34bd76b7dd71:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 4810

GET
H2 200 6070852c392f8.jpeg
i.lb.ua/002/07/ 4 KB
4 KB 333ms
330ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/002/07/6070852c392f8.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 47c83c11a3ae8458dbaded92c36539d2e3c1ec441c835cf888524e8315edbb48

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:25 GMT
last-modified: Fri, 09 Apr 2021 16:47:40 GMT
server: Microsoft-IIS/10.0
etag: "4e20e4d602dd71:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 4090

GET
H2 200 6310969795191.png
i.lb.ua/037/22/ 10 KB
10 KB 334ms
330ms Image
image/png 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/037/22/6310969795191.png
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 7b48a3e889f46f7cd65b2bb55abdbfef6d084303b5b0c30c3269aecdba1c8c28

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:25 GMT
last-modified: Thu, 01 Sep 2022 11:25:11 GMT
server: Microsoft-IIS/10.0
etag: "5de8e07ff5bdd81:0"
content-type: image/png
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 10297

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 178ms
56ms Script
text/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: lb.ua
URL: https://lb.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 19 Nov 2022 22:50:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6331
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Sun, 20 Nov 2022 00:50:54 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 175ms
58ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: lb.ua
URL: https://lb.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 20 Nov 2022 00:36:25 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27340
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: WBA2quPSRVsSkumjgGaNrocjXj/1g71W0RGCch0e8J7GFATCIElfIXQde/UK8x1dtmGSjy1/F8YR1kWzek3dKg==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 scrolltop.png
lb.ua/media/1547/news/img/icos/ 333 B
409 B 51ms
51ms Image
image/png 2606:4700:10::6816:3f78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb.ua/media/1547/news/img/icos/scrolltop.png
Requested by: Host: lb.ua
URL: https://lb.ua/media/1547/news/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6f6baa5fa4616c905fa7630360ca8c6828ae91723ec822b1915203a1744b4b5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/media/1547/news/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:25 GMT
cf-cache-status: HIT
last-modified: Wed, 10 Aug 2022 13:28:13 GMT
server: cloudflare
age: 11
etag: "7488f0abdacd81:0"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 76cd1c7d984171f0-LHR
content-length: 333

GET
H2 200 6375de39eedda_200_130.jpeg
i.lb.ua/110/38/ 5 KB
5 KB 376ms
297ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/110/38/6375de39eedda_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 76e1f77e705ed3aad03d426d26676910620ec516ea8ddd928be6c5de26ed6d58

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:25 GMT
last-modified: Thu, 17 Nov 2022 07:09:46 GMT
server: Microsoft-IIS/10.0
etag: "9f9afb9253fad81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 4725

GET
H2 200 63733438bdbe6_200_130.jpeg
i.lb.ua/015/18/ 9 KB
9 KB 334ms
331ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/015/18/63733438bdbe6_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 91832a2dfa6bc2c14ccd174dd598aa820b181839452b5d052a41add5d2144837

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:25 GMT
last-modified: Tue, 15 Nov 2022 06:39:53 GMT
server: Microsoft-IIS/10.0
etag: "8fdf5511bdf8d81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 9154

GET
H2 200 6375bf44dd048_200_130.jpeg
i.lb.ua/059/40/ 10 KB
10 KB 335ms
332ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/059/40/6375bf44dd048_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 667c9f2b41cb46ee29731a770900e2c38832b11df5ae977051fa79999129dab5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:25 GMT
last-modified: Thu, 17 Nov 2022 04:57:41 GMT
server: Microsoft-IIS/10.0
etag: "2e1e501f41fad81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 10170

GET
H2 200 6376006e67da0_200_130.jpeg
i.lb.ua/104/36/ 7 KB
7 KB 336ms
332ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/104/36/6376006e67da0_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: a409051ecd62a64cf828b2a0a9c132ff2f426edc972b815e22f6649d85cd066e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:25 GMT
last-modified: Thu, 17 Nov 2022 09:35:42 GMT
server: Microsoft-IIS/10.0
etag: "dc3e3df667fad81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 7438

GET
H2 200 6375fa7ba4552_200_130.jpeg
i.lb.ua/105/06/ 11 KB
11 KB 336ms
333ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/105/06/6375fa7ba4552_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 049ae3e8897d6a15b81025034056fbf440853dd781cc4845ad943ea1fbb20eb3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:25 GMT
last-modified: Thu, 17 Nov 2022 09:10:20 GMT
server: Microsoft-IIS/10.0
etag: "80a0a86a64fad81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 11046

GET
H2 200 6373dd7b686b0_200_130.jpeg
i.lb.ua/039/00/ 10 KB
10 KB 337ms
334ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/039/00/6373dd7b686b0_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: f9b28965adf6949c3462bbb324cf355713d9801d69c6d32fa5a3ac56e1291491

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:25 GMT
last-modified: Tue, 15 Nov 2022 18:42:03 GMT
server: Microsoft-IIS/10.0
etag: "94b86df421f9d81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 10255

GET
H2 200 6377ff9f92b84_200_130.jpeg
i.lb.ua/032/17/ 9 KB
9 KB 337ms
334ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/032/17/6377ff9f92b84_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: b3bfef11746c08f9795a9c1039b231dceed81c5a7971f9ade021f4f0339d17fe

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:25 GMT
last-modified: Fri, 18 Nov 2022 21:56:47 GMT
server: Microsoft-IIS/10.0
etag: "5dd0f5a798fbd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 9420

GET
H2 200 62c81a7db55d8.png
i.lb.ua/110/48/ 34 KB
34 KB 338ms
335ms Image
image/png 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/110/48/62c81a7db55d8.png
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 114fe37e276e8d562fd647b75c94b7f1ab5e28cbf7a4be12508cc0ee2ad8e1c0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:25 GMT
last-modified: Fri, 08 Jul 2022 11:52:29 GMT
server: Microsoft-IIS/10.0
etag: "ae8e9933c192d81:0"
content-type: image/png
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 34574

GET
H2 200 6377e49569f40_200_130.jpeg
i.lb.ua/095/17/ 7 KB
7 KB 338ms
335ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/095/17/6377e49569f40_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: ba36e0984d4ea7ed54d9430684445fbe28a7d83bf5bb4a3f2508046ea31a3f48

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:25 GMT
last-modified: Fri, 18 Nov 2022 20:01:25 GMT
server: Microsoft-IIS/10.0
etag: "c69f88a88fbd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 7192

GET
H2 200 6371f499d5d69.jpeg
i.lb.ua/107/27/ 17 KB
17 KB 339ms
336ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/107/27/6371f499d5d69.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 2f92d1332322e2edca7291c0dae6ee758636e6b14ecac6dc14bb1c9842ef9fcb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:25 GMT
last-modified: Mon, 14 Nov 2022 07:56:09 GMT
server: Microsoft-IIS/10.0
etag: "2baff98efef7d81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 16902

GET
H2 200 636e70e328c8c.jpeg
i.lb.ua/032/03/ 88 KB
88 KB 339ms
336ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/032/03/636e70e328c8c.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 6874e7ca7ea1e50957efa9332fab3acc1173ff310e8fd0e03de39f63bfe41067

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:25 GMT
last-modified: Fri, 11 Nov 2022 15:57:23 GMT
server: Microsoft-IIS/10.0
etag: "f7c79049e6f5d81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 90135

GET
H2 200 63774216bee92.jpeg
i.lb.ua/025/44/ 16 KB
17 KB 339ms
336ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/025/44/63774216bee92.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: c851e696f8a140968b5907d04e5672c9265ddc0793ab6327f8c7fa65c576fea5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:25 GMT
last-modified: Fri, 18 Nov 2022 08:28:06 GMT
server: Microsoft-IIS/10.0
etag: "11d34af27fbd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 16867

GET
H2 200 636785243f96d.jpeg
i.lb.ua/109/46/ 53 KB
53 KB 367ms
364ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/109/46/636785243f96d.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 6d822a1e33340d071e7af54d5e40d1a2f7f6265095877941d8778efd89756d85

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:25 GMT
last-modified: Sun, 06 Nov 2022 09:57:56 GMT
server: Microsoft-IIS/10.0
etag: "fb26a43ec6f1d81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 54274

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 377 B
692 B 187ms
65ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=lb.ua&callback=_gfp_s_&client=ca-pub-6096932064585080&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6096932064585080&plah=lb.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

763c9f2ef90aadc666b5b232e1effb0b3bb0196e648d9f0201ed3964fe8ece2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 247
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 185ms
67ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=lb.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 180ms
63ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=lb.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 93ms
91ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Flb.ua%2F&tn=DIV&id=popup-donate&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: lb.ua
URL: https://lb.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 00:36:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C04A 77 KB
7 KB 227ms
113ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&adk=1812271804&adf=3025194257&lmt=1668904573&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2%2C6%3A2%2C7%3A2&plat=1%3A16777344%2C2%3A128%2C8%3A128%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C27%3A128%2C30%3A1081472%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Flb.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668904585766&bpp=11&bdt=363&idt=192&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7107775788609&frm=20&pv=2&ga_vid=1661487710.1668904586&ga_sid=1668904586&ga_hid=1345032121&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770881&oid=2&pvsid=2210230456836934&tmod=289806516&uas=0&nvt=1&eae=2&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=213

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61b7f9e9272dd0b5571db39ba73983acc3e62a6a91dbbbe8624b334349b3d50a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lb.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 7305
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 00:36:26 GMT
expires: Sun, 20 Nov 2022 00:36:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8CC8 104 KB
34 KB 1095ms
990ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=280&adk=1418185256&adf=1779360098&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1668904573&rafmt=1&to=qs&pwprc=1459918002&format=1200x280&url=https%3A%2F%2Flb.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668904585777&bpp=2&bdt=375&idt=209&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7107775788609&frm=20&pv=1&ga_vid=1661487710.1668904586&ga_sid=1668904586&ga_hid=1345032121&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=85&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770881&oid=2&pvsid=2210230456836934&tmod=289806516&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wHJvjg8uB1&p=https%3A//lb.ua&dtd=211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53e1904dd0429fc810ab68450369e670d5f2879db79fd82535d4aa18e82e747e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lb.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 35176
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 00:36:27 GMT
expires: Sun, 20 Nov 2022 00:36:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F8BD 23 KB
10 KB 356ms
275ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=150&slotname=4850579085&adk=1491093915&adf=2102047288&pi=t.ma~as.4850579085&w=320&lmt=1668904573&format=320x150&url=https%3A%2F%2Flb.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668904585792&bpp=2&bdt=389&idt=216&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=2&correlator=7107775788609&frm=20&pv=1&ga_vid=1661487710.1668904586&ga_sid=1668904586&ga_hid=1345032121&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770881&oid=2&pvsid=2210230456836934&tmod=289806516&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2ttsfWapSM&p=https%3A//lb.ua&dtd=220

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58ab5d88e2bb952a13e91e0429a4f5c2dddb3272db5a70ddba25e97f9eb7bccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lb.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9923
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 00:36:26 GMT
expires: Sun, 20 Nov 2022 00:36:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_2022111501.js Show response
securepubads.g.doubleclick.net/gpt/ 381 KB
129 KB 170ms
61ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 09:58:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52681
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132177
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 09:35:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 19 Nov 2023 09:58:25 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 55 B
74 B 182ms
67ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=lb.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b83ab38fc8da5b3ba70b481cea94134b0a8f4e826aee07c0d39833f20437cbe6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50
x-xss-protection: 0
expires: Sun, 20 Nov 2022 00:36:26 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D214 430 B
230 B 448ms
380ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=280&slotname=9952089888&adk=2082505381&adf=3812907723&pi=t.ma~as.9952089888&w=336&lmt=1668904573&format=336x280&url=https%3A%2F%2Flb.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668904585814&bpp=7&bdt=411&idt=209&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C320x150&nras=2&correlator=7107775788609&frm=20&pv=1&ga_vid=1661487710.1668904586&ga_sid=1668904586&ga_hid=1345032121&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770881&oid=2&pvsid=2210230456836934&tmod=289806516&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=YxOSqJlVDA&p=https%3A//lb.ua&dtd=212

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9218dccea3208838846ae6e41e5e802e54d2d01c2ad8ec56eaf2b02d9973a422

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lb.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 00:36:26 GMT
expires: Sun, 20 Nov 2022 00:36:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 045D 99 KB
35 KB 577ms
519ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=600&slotname=8605697088&adk=1381437064&adf=322431305&pi=t.ma~as.8605697088&w=300&lmt=1668904573&format=300x600&url=https%3A%2F%2Flb.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668904585822&bpp=1&bdt=419&idt=210&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C320x150%2C336x280&nras=2&correlator=7107775788609&frm=20&pv=1&ga_vid=1661487710.1668904586&ga_sid=1668904586&ga_hid=1345032121&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1041&ady=2247&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770881&oid=2&pvsid=2210230456836934&tmod=289806516&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=p2Fu0wgwOs&p=https%3A//lb.ua&dtd=213

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0167bdd1264c47f7a2d533e10a38378d25140aaf68e7c7d3da8bc0e28b9cd9af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lb.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 35737
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 00:36:26 GMT
expires: Sun, 20 Nov 2022 00:36:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=201297893&utmhn=lb.ua&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9D%D0%BE%D0...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-10143123-13&cid=1661487710.1668904586&jid=424039056&_v=5.7.2&z=201297893
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10143123-13&cid=1661487710.1668904586&jid=424039056&_v=5.7.2&z=201297893
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10143123-13&cid=1661487710.1668904586&jid=424039056&_v=5.7.2&z=201297893&slf_rd=1&random=51211547

42 B
501 B

181ms
65ms

Image
image/gif

2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10143123-13&cid=1661487710.1668904586&jid=424039056&_v=5.7.2&z=201297893&slf_rd=1&random=51211547

Requested by

Host: lb.ua
URL: https://lb.ua/

Protocol

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 00:36:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 20 Nov 2022 00:36:26 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10143123-13&cid=1661487710.1668904586&jid=424039056&_v=5.7.2&z=201297893&slf_rd=1&random=51211547
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 440471506375777 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 119ms
59ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/440471506375777?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

95307c02b29989bc222247fc8ec742b548e93a39bec409e1577b5aaba4f8d00d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 20 Nov 2022 00:36:26 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86095
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: kRGuJOSwDWOXSAkRy0bJIpUuLvAkc1xkCXGluT9cOnW4UN1hGi7Vu9KiI8rzH/g2IZ+Js3ERhdf1Q5weVYhKNQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 183ms
67ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=lb.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 186ms
70ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=lb.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F1CA 119 KB
44 KB 620ms
619ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=416&adk=708048766&adf=2100838203&pi=t.aa~a.4141672183~rp.4&daaos=1668870264822&w=429&lmt=1668904573&nsk=50c4104d&rafmt=11&pwprc=1459918002&ad_type=text_image&format=429x416&url=https%3A%2F%2Flb.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668904586337&bpp=1&bdt=935&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32abb74bab08de07-22d2e96e3ccf0011%3AT%3D1668904586%3ART%3D1668904586%3AS%3DALNI_MbBWKpME_hM0Ucgmt1YCc338j6Dww&gpic=UID%3D00000b8428a2bd57%3AT%3D1668904586%3ART%3D1668904586%3AS%3DALNI_MZlwhV33-vziDb1IgXO8-V8uyZWLA&prev_fmts=0x0%2C1200x280%2C320x150%2C336x280%2C300x600&nras=3&correlator=7107775788609&frm=20&pv=1&ga_vid=1661487710.1668904586&ga_sid=1668904586&ga_hid=1345032121&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=3334&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770881&oid=2&pvsid=2210230456836934&tmod=289806516&uas=0&nvt=1&eae=0&fc=1280&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=NgcnnGmYxn&p=https%3A//lb.ua&dtd=27

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b22e582525ba97f151761f0907fc8c7d72f3b86f42f9a3f56b4f753f68c549c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lb.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 45488
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 00:36:26 GMT
expires: Sun, 20 Nov 2022 00:36:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AB1C 96 KB
34 KB 581ms
580ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=280&adk=177455135&adf=1761623006&pi=t.aa~a.4141678559~rp.3&daaos=1668870264822&w=429&fwrn=4&fwrnh=100&lmt=1668904573&rafmt=1&to=qs&pwprc=1459918002&format=429x280&url=https%3A%2F%2Flb.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668904586337&bpp=1&bdt=934&idt=1&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32abb74bab08de07-22d2e96e3ccf0011%3AT%3D1668904586%3ART%3D1668904586%3AS%3DALNI_MbBWKpME_hM0Ucgmt1YCc338j6Dww&gpic=UID%3D00000b8428a2bd57%3AT%3D1668904586%3ART%3D1668904586%3AS%3DALNI_MZlwhV33-vziDb1IgXO8-V8uyZWLA&prev_fmts=0x0%2C1200x280%2C320x150%2C336x280%2C300x600%2C429x416&nras=4&correlator=7107775788609&frm=20&pv=1&ga_vid=1661487710.1668904586&ga_sid=1668904586&ga_hid=1345032121&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=1902&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770881&oid=2&pvsid=2210230456836934&tmod=289806516&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=PH1L52w9EP&p=https%3A//lb.ua&dtd=30

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

331b751951a88a634d0a006071758a43a0cd986e7238788ac251fdb8626550af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lb.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 35126
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 00:36:26 GMT
expires: Sun, 20 Nov 2022 00:36:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 171ms
55ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=440471506375777&ev=PageView&dl=https%3A%2F%2Flb.ua%2F&rl=&if=false&ts=1668904586396&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668904586395.2127448525&it=1668904586058&coo=false&rqm=GET

Requested by

Host: lb.ua
URL: https://lb.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 20 Nov 2022 00:36:26 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame F8BD 3 KB
1 KB 187ms
63ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=150&slotname=4850579085&adk=1491093915&adf=2102047288&pi=t.ma~as.4850579085&w=320&lmt=1668904573&format=320x150&url=https%3A%2F%2Flb.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668904585792&bpp=2&bdt=389&idt=216&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=2&correlator=7107775788609&frm=20&pv=1&ga_vid=1661487710.1668904586&ga_sid=1668904586&ga_hid=1345032121&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770881&oid=2&pvsid=2210230456836934&tmod=289806516&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2ttsfWapSM&p=https%3A//lb.ua&dtd=220

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 19:53:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16973
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Dec 2022 19:53:33 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame F8BD 18 KB
8 KB 181ms
57ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 10:02:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52452
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Dec 2022 10:02:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F8BD 154 KB
48 KB 201ms
70ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 20 Nov 2022 00:36:26 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F8BD 0
0 100ms
100ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ckso4inZ5Y4jHCNjC7_UPt4ibmATJntKxXNX24taTAcCNtwEQASAAYJUCggEXY2EtcHViLTYwOTY5MzIwNjQ1ODUwODDIAQmpAnNp6beoUrE-qAMBqgTVAU_QR6koWhisrpNeR2NCxosEECBCIc7JKU3GQXKUWS_UzHW2LymtMiDdCqJ34Wi36RleopZUxTAcIAvnf8dTNSh7Sq7r-XvqFlb4bCe2cGrmH5IofFPgnv-QKkUu_HuTIDX5k7HQLkDtJAt2lJQnOqGKHUuPKqZFJCkPtgrhxIDE7V1hgFPfek2Wj491eDhOd8yIeyFjl9Q5OTJSECTgzwhB5lxX_qrkXOddnEzgcBK5bGbwPOOTz6LJQ86IS2B7qGesjgLi4rY2u1NA0bAyoI2M3lo2GIAGiYjw842givl7oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi02MDk2OTMyMDY0NTg1MDgwGAA&sigh=yWvjPh5nhgc&uach_m=[UACH]&cid=CAQSGwDq26N9PfSF3f6jKKEcIH356asxQSALiII6QxgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=150&slotname=4850579085&adk=1491093915&adf=2102047288&pi=t.ma~as.4850579085&w=320&lmt=1668904573&format=320x150&url=https%3A%2F%2Flb.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668904585792&bpp=2&bdt=389&idt=216&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=2&correlator=7107775788609&frm=20&pv=1&ga_vid=1661487710.1668904586&ga_sid=1668904586&ga_hid=1345032121&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770881&oid=2&pvsid=2210230456836934&tmod=289806516&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2ttsfWapSM&p=https%3A//lb.ua&dtd=220
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 20 Nov 2022 00:36:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 20 Nov 2022 00:36:26 GMT

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame F8BD 0
0 184ms
60ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=k_79EqzJMMAClgGdg2ICAgAAAMkbQ1iN6R1-cIFdoJaBD64QiXZ5Y6hf-9H9gB3u7A7mABIAAA&wp=Y3l2igACI4gIu-FYAAbEN8Q9TTDGY1rC_E3Ejg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:25 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 265887
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame DD05 170 KB
53 KB 280ms
140ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3l2igACI4gIu-FYAAbEN8Q9TTDGY1rC_E3Ejg&u=%7C1qoCUqSZbATmiLhtR3iHQ2sFHU7xEFHpG6qxEdEimeY%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkI1qzmMYrY2UYMl8X0aOHarqQoM6QM_MbtOEWUaNvS4hx9bMdk1yWIj-JJ3yYMG64dpQ3sE-VDVP6P17SHrfoxeRCx1785Al5siBR6ycgWMjaZ3u3iJmoNnw0ZEEhQN37PePDNIRivBrp3dUfFvh60b3NuafrutWvfRYeCFhZWwdd5vS2rEdayoU98FlyWaeNl5rSmeSUnZujZS7U_8W4xN-x7BFdNVlFl5ogcgcKnxTn7HXR6ep6BY0I4Eo-iiZJQvTOai18uxzo79mYjlluYNszudtbXE_NQYvR_fxVQu2-iPk8IRvFHUT23dUYUsk_YbGP63CZuVdNnHHr75THPhKRYVOpt1e8foNEXlJ6pzkAUunqRFx0n5CSqFTUW7YPXqGqQSWaILConSetqys7xtH5Qbk2EWP9ya56oVm1wkDgCW6_t2kKzDt9v4Tz5lZVFwCQVKjfawiQvhnB-WKR6qMzX43SCs4_3jhvkWeyeaGZp9hjKZhRpovcl-nylLmqYx0hX1QbzcPkHAhKkFcryqPfN6JQ4Brfr8wVu8CRAE89OLTuvpGL3c&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQDveinZ5Y4jHCNjC7_UPt4ibmATJntKxXNX24taTAcCNtwEQASAAYJUCggEXY2EtcHViLTYwOTY5MzIwNjQ1ODUwODDIAQmpAnNp6beoUrE-qAMBqgTYAU_QR6koWhisrpNeR2NCxosEECBCIc7JKU3GQXKUWS_UzHW2LymtMiDdCqJ34Wi36RleopZUxTAcIAvnf8dTNSh7Sq7r-XvqFlb4bCe2cGrmH5IofFPgnv-QKkUu_HuTIDX5k7HQLkDtJAt2lJQnOqGKHUuPKqZFJCkPtgrhxIDE7V1hgFPfek2Wj491eDhOd8yIeyFjl9Q5OTJSECTgzwhB5lxX_qrkXOddnEzgcBL7bkdiu2wP3B1VV21YdsaDoXOmOAjM-jSCc27mIw8sjJUJdN4lp-SAbIAGiYjw842givl7oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2AW-6GvHANEMyQiyC-5wcu5I069g%26client%3Dca-pub-6096932064585080%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cff62c6844dab4f7fb39f316ad8f38236e37c9a41de5a516bc10541fda33c7f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 00:36:26 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=jq0CluL1LAe_kVIZ0si4CSpVMa58oxpKowhrFHpl3oGpchhQd4PzGCXO5oCobXqhiu0phUmzlqVDjuCwUrTm1MugZF7YCm88IZzqJU0NhpyH4AwVcZEr4CkK9AQsf5vKwEUfDzm31kBPV4E35JVpJXiFp9Y8zSRoALfmx_HpUu_1U9fhSKqwR3M4obEyEk1M_hL2xU2DXKYGCfsiFVKXBUuuhpAK3Qy36TproxWIOfviwAApnKsT3BOqOFSlHN8d9KTi7A"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 74611767
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame F8BD 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29de5e063d80356c804381132d7eecc1c3d59f341d41bcbc1de48d4343da8f2b

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 045D 2 KB
765 B 225ms
108ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=600&slotname=8605697088&adk=1381437064&adf=322431305&pi=t.ma~as.8605697088&w=300&lmt=1668904573&format=300x600&url=https%3A%2F%2Flb.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668904585822&bpp=1&bdt=419&idt=210&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C320x150%2C336x280&nras=2&correlator=7107775788609&frm=20&pv=1&ga_vid=1661487710.1668904586&ga_sid=1668904586&ga_hid=1345032121&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1041&ady=2247&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770881&oid=2&pvsid=2210230456836934&tmod=289806516&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=p2Fu0wgwOs&p=https%3A//lb.ua&dtd=213

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 14:22:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36841
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Dec 2022 14:22:25 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 045D 0
0 99ms
99ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CmZxpinZ5Y8a4CNzI7_UPqdWvkAbGvfS5bYLVkdjTEJaCzYWIFhABIJX8kiVglQKgAbrhttgDyAEBqQJzaem3qFKxPqgDAcgDywSqBOoBT9CAPP_fyehZmKSHQ6V80CGQ0P7MAD0EiWr67buEkcijQJ6OshCwU-02uT7LzUYyOeNFr8rv6Uxu8x7tY2Clq4IOLCheGPhBPYRehWrETIPaNkMpeV5zkiQN_zGsU3WDtIpdiUbjqtUUKr1am2VCQFGLyvi1w-RA5PCya344l4xGU8q2bV8KdBmUoOVXxy6fVn755GDSMAXH45Y5YKTdA73BNvct0c-yA6ZTjgL9acZpBjC2Vdp0CH-tNRJM4DUZuaxdDjJRdgUZH3vR0xsX_gpXFkiyEpd61RKHXluynlIAQlnIouK4BFbtwAS0-MSkmASSBQQIBBgBkgUECAUYBKAGAoAHt7KnL6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEENztBdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BML0BUBgBcBshccChoIABIUcHViLTYwOTY5MzIwNjQ1ODUwODAYAA&sigh=clgQcVMFH30&uach_m=[UACH]&cid=CAQSGwDq26N9sszMnvocn6qXrBaaiw_4t9h7-jEFxBgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=600&slotname=8605697088&adk=1381437064&adf=322431305&pi=t.ma~as.8605697088&w=300&lmt=1668904573&format=300x600&url=https%3A%2F%2Flb.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668904585822&bpp=1&bdt=419&idt=210&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C320x150%2C336x280&nras=2&correlator=7107775788609&frm=20&pv=1&ga_vid=1661487710.1668904586&ga_sid=1668904586&ga_hid=1345032121&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1041&ady=2247&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770881&oid=2&pvsid=2210230456836934&tmod=289806516&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=p2Fu0wgwOs&p=https%3A//lb.ua&dtd=213
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 20 Nov 2022 00:36:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 3316240568407704684
tpc.googlesyndication.com/daca_images/simgad/ Frame 045D 23 KB
23 KB 166ms
63ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/3316240568407704684?w=360&h=640

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e04db50eb39e00455f7e0515a6eca4da4a52f9aaa3c252f5dbbf0662e1f8e66b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 14:49:58 GMT
x-content-type-options: nosniff
age: 35188
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23078
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 11:59:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 26 Nov 2022 14:49:58 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 045D 23 KB
9 KB 156ms
57ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 10:02:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52452
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Dec 2022 10:02:14 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 045D 3 KB
1 KB 206ms
107ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 19:53:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16973
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Dec 2022 19:53:33 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 045D 18 KB
7 KB 196ms
98ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 10:02:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52452
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Dec 2022 10:02:14 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 045D 154 KB
47 KB 175ms
64ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 20 Nov 2022 00:36:26 GMT

GET
H2 200 83de75e735dabeddf4e705de6f0a2f41.js Show response
www.gstatic.com/mysidia/ Frame 045D 34 KB
14 KB 186ms
57ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/83de75e735dabeddf4e705de6f0a2f41.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9c1e1da0c197ca101c6fd5ae899d10951dd43316c4ed6b3c9bd38877e79023a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 01:40:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 428172
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14157
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 00:08:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 13 Feb 2023 01:40:14 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame DD05 2 KB
1 KB 177ms
58ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3l2igACI4gIu-FYAAbEN8Q9TTDGY1rC_E3Ejg&u=%7C1qoCUqSZbATmiLhtR3iHQ2sFHU7xEFHpG6qxEdEimeY%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkI1qzmMYrY2UYMl8X0aOHarqQoM6QM_MbtOEWUaNvS4hx9bMdk1yWIj-JJ3yYMG64dpQ3sE-VDVP6P17SHrfoxeRCx1785Al5siBR6ycgWMjaZ3u3iJmoNnw0ZEEhQN37PePDNIRivBrp3dUfFvh60b3NuafrutWvfRYeCFhZWwdd5vS2rEdayoU98FlyWaeNl5rSmeSUnZujZS7U_8W4xN-x7BFdNVlFl5ogcgcKnxTn7HXR6ep6BY0I4Eo-iiZJQvTOai18uxzo79mYjlluYNszudtbXE_NQYvR_fxVQu2-iPk8IRvFHUT23dUYUsk_YbGP63CZuVdNnHHr75THPhKRYVOpt1e8foNEXlJ6pzkAUunqRFx0n5CSqFTUW7YPXqGqQSWaILConSetqys7xtH5Qbk2EWP9ya56oVm1wkDgCW6_t2kKzDt9v4Tz5lZVFwCQVKjfawiQvhnB-WKR6qMzX43SCs4_3jhvkWeyeaGZp9hjKZhRpovcl-nylLmqYx0hX1QbzcPkHAhKkFcryqPfN6JQ4Brfr8wVu8CRAE89OLTuvpGL3c&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQDveinZ5Y4jHCNjC7_UPt4ibmATJntKxXNX24taTAcCNtwEQASAAYJUCggEXY2EtcHViLTYwOTY5MzIwNjQ1ODUwODDIAQmpAnNp6beoUrE-qAMBqgTYAU_QR6koWhisrpNeR2NCxosEECBCIc7JKU3GQXKUWS_UzHW2LymtMiDdCqJ34Wi36RleopZUxTAcIAvnf8dTNSh7Sq7r-XvqFlb4bCe2cGrmH5IofFPgnv-QKkUu_HuTIDX5k7HQLkDtJAt2lJQnOqGKHUuPKqZFJCkPtgrhxIDE7V1hgFPfek2Wj491eDhOd8yIeyFjl9Q5OTJSECTgzwhB5lxX_qrkXOddnEzgcBL7bkdiu2wP3B1VV21YdsaDoXOmOAjM-jSCc27mIw8sjJUJdN4lp-SAbIAGiYjw842givl7oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2AW-6GvHANEMyQiyC-5wcu5I069g%26client%3Dca-pub-6096932064585080%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 15 Nov 2023 00:36:26 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame DD05 2 KB
1 KB 176ms
56ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 15 Nov 2023 00:36:26 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame DD05 308 B
636 B 173ms
57ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 15 Nov 2023 00:36:26 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame DD05 293 B
622 B 172ms
55ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 15 Nov 2023 00:36:26 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame DD05 43 B
348 B 195ms
63ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=hkKSYBpK0DyxYYApIcwzf0tcBAJ_PJ4CJBtILZ5CbLwKViG6v2UZXRF1z2aV1U6pB4lh9CS0c0pVzr6J2_ub4UO7zXvUobiDzt7mR1BlnOOBqdu1cUVwXTjFZUym_lWdCiWSqy-XTRIq5V9npfmiE3V1wO__9JJKQQVB8tco74bPPLjfos3DlWZ-QPJ41EogbzWY6l7UmDz75TySmXKn28HtMevh_eGNtQq9JOfhrLx9BbYjTSrDD6O9sXyLotht7E8zPcWRLW2OIqMiZyexGQTAeXSds9KesqPMgaUfr53WTOirjiFW0lQfA4Pn4k00LFiW-JIrH_Eu_lVjg7pT-25efajAJpknY1quaYl1oT63CRu6Q8BYYTEsPXVPsVagrJrURVnct3nJL1wBFleZ2AhVhWzXWVV08k5MuudyhriPkhB11z4Q8th-8DyMPeP5fCTvjQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 00:36:26 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1980035
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame DD05 12 KB
5 KB 147ms
49ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 792733
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bKcKdn5e8wCnbGgAbQ5XMBk%2Fx9f5kIDjq%2B2BIDkJ03vVA2uMF2C4d9oHcgJSjUd55XKPW55eY9HqwWUfv5fo%2FY1IzgoAGI1R%2FPxtIQs3%2Bv8PcVRccqA5CT8HP59pmx12uDvR9iY8NdK3GwVfgoJfNVFg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76cd1c83dcf37539-LHR
expires: Fri, 10 Nov 2023 00:36:26 GMT

GET
H2 200 9af63da692984f7884d89dad36906685_makeitsans-bold.woff
static.criteo.net/design/dt/ Frame DD05 58 KB
58 KB 187ms
63ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/9af63da692984f7884d89dad36906685_makeitsans-bold.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ebb2026eba76b777cd1cc6d694a4609324304eeb1129a9fe0fb5a616590cc3ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 05 Feb 2020 10:30:18 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e3a993a-e7e4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 15 Nov 2023 00:36:26 GMT

GET
H2 200 bb3faf863f1b470cb6abbfbf9cd4e6c1_makeitsans-regular.woff
static.criteo.net/design/dt/ Frame DD05 56 KB
56 KB 252ms
129ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/bb3faf863f1b470cb6abbfbf9cd4e6c1_makeitsans-regular.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

09fe7be89711f0dc0ba47ab8a1a1865df7b660a1f1359d29c4c3445683d2f61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 05 Feb 2020 10:30:18 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e3a993a-de74"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 15 Nov 2023 00:36:26 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame DD05 12 KB
6 KB 57ms
57ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 15 Nov 2023 00:36:26 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DD05 31 KB
32 KB 271ms
157ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2Fff7143ae-8609-4f1e-8d02-7a10e6c7e899_4616f37a-c0b5-43d2-8046-e433829762bf.jpg&v=3&w=400&s=tPjUuN3a4D7wCAheI2pvIfxG&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

836415bd09d4f84910b78f75b4ddfe37b352ae607d0b21535fde13e3325f790c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=492253
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 31996
expires: Fri, 25 Nov 2022 17:20:41 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DD05 32 KB
32 KB 172ms
58ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F8a0b234f-ad26-4419-87f4-2809cd25ecce_fc11db04-0e71-4fa6-bc99-c41fbd5868b0.jpg&v=3&w=400&s=jiMk0Siy6Du8R63lNXbaprEd&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

da8d1f8585e4ecf6e4bc1cadf951986142ad3d5af28132c1e806a3235892aebb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1167545
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 32362
expires: Sat, 03 Dec 2022 12:55:32 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DD05 23 KB
23 KB 302ms
188ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F41cf47c6-6bbc-44bd-9552-ad57e23014c0_d339c300-ec98-4070-aa04-b89702f60722.jpg&v=3&w=400&s=QzCmIz5GAt8bN-omH0rsr8wp&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

b6e6f52470205c39f600f36350b748db7e9e08303bc21902e22f64809f6d9fcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1155058
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 23568
expires: Sat, 03 Dec 2022 09:27:25 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DD05 34 KB
34 KB 314ms
200ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F2e739ebe-36e6-4cc2-a5ac-831b417af5d2_9a53bf9f-37f3-456b-91e5-171bf17fd35f.jpg&v=3&w=400&s=tSYGzpUnO8L591asi7Gyh1V9&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

d71d6f235536c1696ed6590061e706480aa5213eeb88c9932c0e8dd8c8057258

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1155093
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 34500
expires: Sat, 03 Dec 2022 09:28:00 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DD05 32 KB
33 KB 349ms
235ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F39a86de8-8730-4f15-bad3-b97dd38759b6_4f32ef56-eeea-4ea4-98bc-8d83e75e11cb.jpg&v=3&w=400&s=_HppnjhJ-6QW2RrQWFm5pvut&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ac6f72e73e1f013a400ca3e625ed75bf28327d3086ee553e77ed6df648e67c86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2595
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 33148
expires: Sun, 20 Nov 2022 01:19:42 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DD05 56 KB
56 KB 328ms
215ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F250fc519-88a7-4bd0-ab19-694dc120fae6_3c5a8a7a-765b-4eee-bc79-ee1aef2f89e8.jpg&v=3&w=400&s=w8Qb7nt7CaxdQr8pjMonIwuv&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

091bc0c7e63ff7362b31e89d2bebef94b5f4973850d433dab1786ce312258ec6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=206451
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 56928
expires: Tue, 22 Nov 2022 09:57:18 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DD05 30 KB
30 KB 206ms
205ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F338a571b-3e67-4a56-b2f2-376a531f110a_b3852e81-7219-440d-8621-00438c7eb83e.jpg&v=3&w=400&s=n8M5S8Fjd-u3UwQY7AskSrZN&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

8d27d5f59a4f04921c725c45f98aeb43c5637a3fce34cecf15575ab0d08aa742

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=492769
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 30238
expires: Fri, 25 Nov 2022 17:29:16 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DD05 29 KB
29 KB 222ms
220ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2Ffcd17a95-0a58-46c4-8d16-62d0e68ccaff_bc940c61-d5dc-4362-ab2b-5caae766615a.jpg&v=3&w=400&s=exk4o8VO9757mX59LD7YgWBX&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

f30e92a98d9b0a8b3ebed2efc24510d671a4799fcaf556ec051778a0aeb9fc62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1102139
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 29356
expires: Fri, 02 Dec 2022 18:45:26 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DD05 41 KB
42 KB 214ms
213ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F68c3bfe7-11f8-46c4-a9f2-8bb8e3ef1622_14d89306-90fe-4185-8fed-ca30d1e8ef41.jpg&v=3&w=400&s=Q_g1fpuBS8z2_6scf8tD_DN6&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

95ff0aac503df6c8c6c201bb600dcbeed8922adfb3861043bc1524603c72c8ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=207682
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 42218
expires: Tue, 22 Nov 2022 10:17:49 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame DD05 0
128 B 177ms
57ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=jq0CluL1LAe_kVIZ0si4CSpVMa58oxpKowhrFHpl3oGpchhQd4PzGCXO5oCobXqhiu0phUmzlqVDjuCwUrTm1MugZF7YCm88IZzqJU0NhpyH4AwVcZEr4CkK9AQsf5vKwEUfDzm31kBPV4E35JVpJXiFp9Y8zSRoALfmx_HpUu_1U9fhSKqwR3M4obEyEk1M_hL2xU2DXKYGCfsiFVKXBUuuhpAK3Qy36TproxWIOfviwAApnKsT3BOqOFSlHN8d9KTi7A&sds=2&rev=83599&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 20 Nov 2022 00:36:26 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame DD05 2 KB
1 KB 56ms
55ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 15 Nov 2023 00:36:26 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame DD05 2 KB
1 KB 56ms
56ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 15 Nov 2023 00:36:26 GMT

GET
DATA 200
OK truncated
/ Frame 045D 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cff7ebff4554bf7afd6b96b78c34ce178549ffc7d835edfefcca018843d44e00

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 / Show response
www.facebook.com/tr/ Frame C05B 0
18 B 111ms
54ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: lb.ua
URL: https://lb.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://lb.ua
Referer: https://lb.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://lb.ua
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 00:36:27 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js Show response
pagead2.googlesyndication.com/bg/ Frame 95A6 36 KB
16 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 18:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107349
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15986
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Nov 2023 18:47:17 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame AB1C 6 KB
1 KB 191ms
66ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=280&adk=177455135&adf=1761623006&pi=t.aa~a.4141678559~rp.3&daaos=1668870264822&w=429&fwrn=4&fwrnh=100&lmt=1668904573&rafmt=1&to=qs&pwprc=1459918002&format=429x280&url=https%3A%2F%2Flb.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668904586337&bpp=1&bdt=934&idt=1&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32abb74bab08de07-22d2e96e3ccf0011%3AT%3D1668904586%3ART%3D1668904586%3AS%3DALNI_MbBWKpME_hM0Ucgmt1YCc338j6Dww&gpic=UID%3D00000b8428a2bd57%3AT%3D1668904586%3ART%3D1668904586%3AS%3DALNI_MZlwhV33-vziDb1IgXO8-V8uyZWLA&prev_fmts=0x0%2C1200x280%2C320x150%2C336x280%2C300x600%2C429x416&nras=4&correlator=7107775788609&frm=20&pv=1&ga_vid=1661487710.1668904586&ga_sid=1668904586&ga_hid=1345032121&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=1902&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770881&oid=2&pvsid=2210230456836934&tmod=289806516&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=PH1L52w9EP&p=https%3A//lb.ua&dtd=30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 20 Nov 2022 00:36:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 20 Nov 2022 00:34:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 20 Nov 2022 00:36:27 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame AB1C 2 KB
765 B 57ms
57ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 14:22:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36841
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Dec 2022 14:22:25 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame AB1C 23 KB
9 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 10:02:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52452
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Dec 2022 10:02:14 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame AB1C 3 KB
1 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 19:53:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16974
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Dec 2022 19:53:33 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AB1C 0
0 99ms
98ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CwFwminZ5Y7irGb-69u8PkoWNuA_GvfS5bernlNjTEJaCzYWIFhABIJX8kiVglQKgAbrhttgDyAEJqQJzaem3qFKxPqgDAcgDywSqBN4BT9Anf9uREXwdDoUmflFerKUdeKrYLo1WY-W3j12Grbc3HMGxXI2O8Rwe5aIorHIRR9LuYqeXQjFeH6991VAswV9QQJVm5FtbHhvbCnK1vkbIIhbDcZ6lveIZLTJfkurw1ddwgB48iBKxSGjJLAKE_MEcIjoh7G14J_AfukAie8FQCuIHEmKmDrZcAc7QhiGdEzvXTRVrplYVhYD9fu-wPAYF0xwpDNNetiNoZ3pNU-2yvv8rW7oGFkdw1b2aswGaRxQwip9r1smYa4cTJ-vDvxS0__mcX0imc84_aBNdwAT8vMakmASSBQQIBBgBkgUECAUYBKAGLoAHt7KnL6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEO3GFtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTC9AVAYAXAbIXHAoaCAASFHB1Yi02MDk2OTMyMDY0NTg1MDgwGAA&sigh=-KxnZlnJMjE&uach_m=[UACH]&cid=CAQSOwDq26N9O9-g3SffMk_8LMac47SAolvSJRH4l0RuzqeQbRUeEjnBV6LuT1GCgsIUOXTn0z8tQ133aHfvGAEgEw&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=280&adk=177455135&adf=1761623006&pi=t.aa~a.4141678559~rp.3&daaos=1668870264822&w=429&fwrn=4&fwrnh=100&lmt=1668904573&rafmt=1&to=qs&pwprc=1459918002&format=429x280&url=https%3A%2F%2Flb.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668904586337&bpp=1&bdt=934&idt=1&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32abb74bab08de07-22d2e96e3ccf0011%3AT%3D1668904586%3ART%3D1668904586%3AS%3DALNI_MbBWKpME_hM0Ucgmt1YCc338j6Dww&gpic=UID%3D00000b8428a2bd57%3AT%3D1668904586%3ART%3D1668904586%3AS%3DALNI_MZlwhV33-vziDb1IgXO8-V8uyZWLA&prev_fmts=0x0%2C1200x280%2C320x150%2C336x280%2C300x600%2C429x416&nras=4&correlator=7107775788609&frm=20&pv=1&ga_vid=1661487710.1668904586&ga_sid=1668904586&ga_hid=1345032121&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=1902&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770881&oid=2&pvsid=2210230456836934&tmod=289806516&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=PH1L52w9EP&p=https%3A//lb.ua&dtd=30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 20 Nov 2022 00:36:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame AB1C 18 KB
7 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 10:02:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52453
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Dec 2022 10:02:14 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame AB1C 0
0 173ms
61ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSCUjrrFu6Gcsdiyzl-URiavxr4eWUhebVljGqt21q0XwzQe6kyz2PU7FK7Cwu_p6YytowNG9-c34V-tZyKe2HEAKHGSA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=280&adk=177455135&adf=1761623006&pi=t.aa~a.4141678559~rp.3&daaos=1668870264822&w=429&fwrn=4&fwrnh=100&lmt=1668904573&rafmt=1&to=qs&pwprc=1459918002&format=429x280&url=https%3A%2F%2Flb.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668904586337&bpp=1&bdt=934&idt=1&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32abb74bab08de07-22d2e96e3ccf0011%3AT%3D1668904586%3ART%3D1668904586%3AS%3DALNI_MbBWKpME_hM0Ucgmt1YCc338j6Dww&gpic=UID%3D00000b8428a2bd57%3AT%3D1668904586%3ART%3D1668904586%3AS%3DALNI_MZlwhV33-vziDb1IgXO8-V8uyZWLA&prev_fmts=0x0%2C1200x280%2C320x150%2C336x280%2C300x600%2C429x416&nras=4&correlator=7107775788609&frm=20&pv=1&ga_vid=1661487710.1668904586&ga_sid=1668904586&ga_hid=1345032121&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=1902&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770881&oid=2&pvsid=2210230456836934&tmod=289806516&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=PH1L52w9EP&p=https%3A//lb.ua&dtd=30
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AB1C 154 KB
47 KB 70ms
69ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 20 Nov 2022 00:36:27 GMT

GET
H3 200 f7733d2b54a65c984752ab0a98c7def9.js Show response
www.gstatic.com/mysidia/ Frame AB1C 34 KB
14 KB 172ms
57ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 20:57:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99534
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14118
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 16 Feb 2023 20:57:33 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/6861616422411008110/ Frame AB1C 2 KB
2 KB 72ms
71ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6861616422411008110/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00c2f6f71af570c619a4188e7298bbbb08064450b631b6ce11b14976501b2c53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:36:10 GMT
x-content-type-options: nosniff
age: 277217
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1645
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 11:12:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 16 Nov 2023 19:36:10 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/12853780242073307855/ Frame AB1C 14 KB
14 KB 59ms
58ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12853780242073307855/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

056d2571223a6b9049f5e5f26fd66adf1dac013805b721dd4f02e53c561f7940

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 13:31:07 GMT
x-content-type-options: nosniff
age: 126320
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14421
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 11:33:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 18 Nov 2023 13:31:07 GMT

GET
DATA 200
OK truncated
/ Frame AB1C 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 css
fonts.googleapis.com/ Frame F1CA 8 KB
789 B 160ms
68ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=de

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=416&adk=708048766&adf=2100838203&pi=t.aa~a.4141672183~rp.4&daaos=1668870264822&w=429&lmt=1668904573&nsk=50c4104d&rafmt=11&pwprc=1459918002&ad_type=text_image&format=429x416&url=https%3A%2F%2Flb.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668904586337&bpp=1&bdt=935&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32abb74bab08de07-22d2e96e3ccf0011%3AT%3D1668904586%3ART%3D1668904586%3AS%3DALNI_MbBWKpME_hM0Ucgmt1YCc338j6Dww&gpic=UID%3D00000b8428a2bd57%3AT%3D1668904586%3ART%3D1668904586%3AS%3DALNI_MZlwhV33-vziDb1IgXO8-V8uyZWLA&prev_fmts=0x0%2C1200x280%2C320x150%2C336x280%2C300x600&nras=3&correlator=7107775788609&frm=20&pv=1&ga_vid=1661487710.1668904586&ga_sid=1668904586&ga_hid=1345032121&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=3334&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770881&oid=2&pvsid=2210230456836934&tmod=289806516&uas=0&nvt=1&eae=0&fc=1280&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=NgcnnGmYxn&p=https%3A//lb.ua&dtd=27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 20 Nov 2022 00:36:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 20 Nov 2022 00:36:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 20 Nov 2022 00:36:27 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F1CA 8 KB
789 B 158ms
67ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&text=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 20 Nov 2022 00:36:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 20 Nov 2022 00:08:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 20 Nov 2022 00:36:27 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame F1CA 35 KB
14 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/m_js_controller_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9cf4a7e5a645c8578b3397542d9669f2549d2a3cec259b7d393f84fc1eaf73a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 17:09:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26790
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14142
x-xss-protection: 0
server: cafe
etag: 14789286559671545279
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Dec 2022 17:09:57 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F1CA 154 KB
47 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 20 Nov 2022 00:36:27 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame F1CA 23 KB
9 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 10:02:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52453
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Dec 2022 10:02:14 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame F1CA 3 KB
1 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 19:53:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16974
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Dec 2022 19:53:33 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame F1CA 18 KB
7 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 10:02:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52453
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Dec 2022 10:02:14 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1A35 1 KB
643 B 59ms
57ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 52452
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Nov 2022 10:02:15 GMT
etag: 48472445140208031
expires: Sun, 20 Nov 2022 10:02:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 8CC8 8 KB
968 B 69ms
68ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=280&adk=1418185256&adf=1779360098&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1668904573&rafmt=1&to=qs&pwprc=1459918002&format=1200x280&url=https%3A%2F%2Flb.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668904585777&bpp=2&bdt=375&idt=209&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7107775788609&frm=20&pv=1&ga_vid=1661487710.1668904586&ga_sid=1668904586&ga_hid=1345032121&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=85&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770881&oid=2&pvsid=2210230456836934&tmod=289806516&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wHJvjg8uB1&p=https%3A//lb.ua&dtd=211

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 20 Nov 2022 00:36:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 19 Nov 2022 22:44:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 20 Nov 2022 00:36:27 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 8CC8 2 KB
765 B 57ms
56ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 14:22:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36842
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Dec 2022 14:22:25 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 8CC8 23 KB
9 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 10:02:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52453
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Dec 2022 10:02:14 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 8CC8 3 KB
1 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 19:53:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16974
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Dec 2022 19:53:33 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 8CC8 18 KB
7 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 10:02:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52453
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Dec 2022 10:02:14 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8CC8 154 KB
47 KB 80ms
80ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 20 Nov 2022 00:36:27 GMT

GET
H3 200 f7733d2b54a65c984752ab0a98c7def9.js Show response
www.gstatic.com/mysidia/ Frame 8CC8 34 KB
14 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 20:57:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99534
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14118
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 16 Feb 2023 20:57:33 GMT

GET
DATA 200
OK truncated
/ Frame AB1C 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 081d7e5024e08d15ceef53249ef49815f86e7f65214f9a12ded4ddc67741a63d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8CC8 0
0 98ms
98ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CHyu2inZ5Y-bCCIi99u8P9qG8iAHGvfS5bcrWkdjTEGQQASCV_JIlYJUCoAG64bbYA8gBCakCc2npt6hSsT6oAwHIA8sEqgTfAU_QZUrMuKaOOSsrPVY0RlTv_rzD4Ww0DgFYQgPnHV6TDg2sbIBGr1Ppy1XdJOABz50AC4TJpHFqFlEUlPfweXyIos51oKXMc-GolrfZCK7ZNrx0-IGHv_Qn_Ji2N4hpO64GrieQvdDCFqZ2BGOkfGQOKqkAxvTD1NDfLCNg71Bk-SxUMcgX2cjaWpMPYrKnUM_DD0a9k_2oxkf2lmrW49xfSu5eMJ62qXyiwI5ANShMpl2v2yhSeUhgz8C_QmMv9jvuWaW6oSWoFAY96WKDwRo5zCKKfN_pPtRNs8cqMUjABLT4xKSYBJIFBAgEGAGSBQQIBRgEoAYugAe3sqcvqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQvqA10ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwvQFQGAFwGyFxwKGggAEhRwdWItNjA5NjkzMjA2NDU4NTA4MBgA&sigh=399AhFdhYdc&uach_m=[UACH]&cid=CAQSGwDq26N9Iq8r9UTvq_7gRQfLvVO8AQWh4D6ISRgBIBM&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=280&adk=1418185256&adf=1779360098&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1668904573&rafmt=1&to=qs&pwprc=1459918002&format=1200x280&url=https%3A%2F%2Flb.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668904585777&bpp=2&bdt=375&idt=209&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7107775788609&frm=20&pv=1&ga_vid=1661487710.1668904586&ga_sid=1668904586&ga_hid=1345032121&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=85&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770881&oid=2&pvsid=2210230456836934&tmod=289806516&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wHJvjg8uB1&p=https%3A//lb.ua&dtd=211
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 20 Nov 2022 00:36:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4384844700058414550/ Frame 8CC8 34 KB
34 KB 57ms
57ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4384844700058414550/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1d9ee66d16e480a03b0cda557323d07a4a5c900254690a70ddd7c0491757ffd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 03:12:56 GMT
x-content-type-options: nosniff
age: 77011
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34919
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 12:55:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 Nov 2023 03:12:56 GMT

GET
DATA 200
OK truncated
/ Frame 8CC8 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8CC8 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame AB1C 15 KB
16 KB 182ms
56ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 05:09:29 GMT
x-content-type-options: nosniff
age: 156418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Nov 2023 05:09:29 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame AB1C 15 KB
15 KB 260ms
136ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 20:22:20 GMT
x-content-type-options: nosniff
age: 101647
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Nov 2023 20:22:20 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 1A35 35 B
464 B 188ms
60ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEK9KH_fx16HSu_TIm3mNvng&google_cver=1&google_push=ASkJ3FZm1rbOsxaVmQJXNfN0cATSUw0aD0jFrvU8SEr332GOKzxDhf_MnDcl4qUmUNrJjOK8Iaxo4zXmO-n6pytF1JOHSxdFxmXZ

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 00:36:27 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 1A35 43 B
356 B 189ms
64ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEGLuyUJmnosxPzof_oKRBi8&google_push=ASkJ3FaNIlaXeRYTRcYZ_cqIFGjZ2ksBV96fGQetvuqkDJKBwy1wE9BUjKlpRqS9_k1QTCAV_ohadQ8sR_emX23qqfbg2RFYA1n1&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=280&adk=177455135&adf=1761623006&pi=t.aa~a.4141678559~rp.3&daaos=1668870264822&w=429&fwrn=4&fwrnh=100&lmt=1668904573&rafmt=1&to=qs&pwprc=1459918002&format=429x280&url=https%3A%2F%2Flb.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668904586337&bpp=1&bdt=934&idt=1&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32abb74bab08de07-22d2e96e3ccf0011%3AT%3D1668904586%3ART%3D1668904586%3AS%3DALNI_MbBWKpME_hM0Ucgmt1YCc338j6Dww&gpic=UID%3D00000b8428a2bd57%3AT%3D1668904586%3ART%3D1668904586%3AS%3DALNI_MZlwhV33-vziDb1IgXO8-V8uyZWLA&prev_fmts=0x0%2C1200x280%2C320x150%2C336x280%2C300x600%2C429x416&nras=4&correlator=7107775788609&frm=20&pv=1&ga_vid=1661487710.1668904586&ga_sid=1668904586&ga_hid=1345032121&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=1902&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770881&oid=2&pvsid=2210230456836934&tmod=289806516&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=PH1L52w9EP&p=https%3A//lb.ua&dtd=30
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 00:36:27 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 1A35 43 B
350 B 181ms
61ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEJDVscnn3AmwrIpL9_thusc&google_cver=1&google_push=ASkJ3FYTbcP4JlNOUR937Vw53poaCcYSd7mz_fDefjauJDuD7lqiKx50kTueNo7ceyVzXNTnTsuXUTY4HNgcsfHIyGDzxGmVO40
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=280&adk=177455135&adf=1761623006&pi=t.aa~a.4141678559~rp.3&daaos=1668870264822&w=429&fwrn=4&fwrnh=100&lmt=1668904573&rafmt=1&to=qs&pwprc=1459918002&format=429x280&url=https%3A%2F%2Flb.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668904586337&bpp=1&bdt=934&idt=1&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32abb74bab08de07-22d2e96e3ccf0011%3AT%3D1668904586%3ART%3D1668904586%3AS%3DALNI_MbBWKpME_hM0Ucgmt1YCc338j6Dww&gpic=UID%3D00000b8428a2bd57%3AT%3D1668904586%3ART%3D1668904586%3AS%3DALNI_MZlwhV33-vziDb1IgXO8-V8uyZWLA&prev_fmts=0x0%2C1200x280%2C320x150%2C336x280%2C300x600%2C429x416&nras=4&correlator=7107775788609&frm=20&pv=1&ga_vid=1661487710.1668904586&ga_sid=1668904586&ga_hid=1345032121&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=1902&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770881&oid=2&pvsid=2210230456836934&tmod=289806516&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=PH1L52w9EP&p=https%3A//lb.ua&dtd=30
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 00:36:27 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: io9pah0id9lqi9am66u1bta61ere19qp

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1A35
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nE_f6q0CQeWBCTDcbenngg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

131ms
66ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nE_f6q0CQeWBCTDcbenngg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FbvvrA_kI8qRT5OfyVgwpXbfLk1BDqXI0kUHX8yBow4mJqA0RXpzJ_WJ1VNL99I1S7cnlQ-tj6uFGNOVKv2OUxC9W9vxjdA

Requested by

Host: lb.ua
URL: https://lb.ua/

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 00:36:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nE_f6q0CQeWBCTDcbenngg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FbvvrA_kI8qRT5OfyVgwpXbfLk1BDqXI0kUHX8yBow4mJqA0RXpzJ_WJ1VNL99I1S7cnlQ-tj6uFGNOVKv2OUxC9W9vxjdA
date: Sun, 20 Nov 2022 00:36:27 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1A35
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAlkFEWGB5bB_vV7Jyc1x28&google_cver=1&google_push=ASkJ3FaEGoJO8FQj8AD_JIJz3N9eTWyD1bSMfvseTynRMjwzUF2425x_M6nPVe9cDR2iyuaUxlx...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFPTVA5NUEtMUQtN1FZSg==&google_push=ASkJ3FaEGoJO8FQj8AD_JIJz3N9eTWyD1bSMfvseTynRMjwzUF2425x_M6nPVe9cDR2iyuaUxlxoNs4lAHQKmhuH2ZiLx-Pkxmp-

170 B
188 B

176ms
67ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFPTVA5NUEtMUQtN1FZSg==&google_push=ASkJ3FaEGoJO8FQj8AD_JIJz3N9eTWyD1bSMfvseTynRMjwzUF2425x_M6nPVe9cDR2iyuaUxlxoNs4lAHQKmhuH2ZiLx-Pkxmp-

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 00:36:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFPTVA5NUEtMUQtN1FZSg==&google_push=ASkJ3FaEGoJO8FQj8AD_JIJz3N9eTWyD1bSMfvseTynRMjwzUF2425x_M6nPVe9cDR2iyuaUxlxoNs4lAHQKmhuH2ZiLx-Pkxmp-
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1A35
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPLeqYk3qKOxmnwj7PSh6N4&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEPLeqYk3qKOxmnwj7PSh6N4&google_push=AS...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPLeqYk3qKOxmnwj7PSh6N4&google_hm=Y3l2i4SEVuath4RrUluYUQAAAroAAAAB&google_nid=index&google_push=ASkJ3FYPs3XXxuGYlIxizAxGkNng-WPwqguVU...

170 B
188 B

82ms
68ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPLeqYk3qKOxmnwj7PSh6N4&google_hm=Y3l2i4SEVuath4RrUluYUQAAAroAAAAB&google_nid=index&google_push=ASkJ3FYPs3XXxuGYlIxizAxGkNng-WPwqguVUXgYDX5lJ2DMAgyjOVJlsZ8E_YwLZ3me8Leb5tE-m4zWIjmg6xLcS1lfOfz8AO6Y

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 00:36:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 20 Nov 2022 00:36:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ilvb%2BAbFl6INZq0EbfDip5j2yNaUONFVDGFWFx9JpSimlDHN2lsw8%2Be0NYu1EKhw6%2FnV2IqrGN5EaQHKUBUFL%2BU64vJVjNl3iZTzk9iM%2FD9S81cq%2Bok6KCi5yeg2hSgwyjCWCoCM5mQubQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPLeqYk3qKOxmnwj7PSh6N4&google_hm=Y3l2i4SEVuath4RrUluYUQAAAroAAAAB&google_nid=index&google_push=ASkJ3FYPs3XXxuGYlIxizAxGkNng-WPwqguVUXgYDX5lJ2DMAgyjOVJlsZ8E_YwLZ3me8Leb5tE-m4zWIjmg6xLcS1lfOfz8AO6Y
cache-control: no-cache
cf-ray: 76cd1c87be1d72f4-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame 1A35 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 1A35 0
49 B 201ms
65ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LEoFSCbSXAf3pqUkITTw99DcJCjpqDNhKGvNTpzdr6mAfL__XCR5MGaM87Nkv-Nk3IFWby0Q

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:27 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/10364821484458959038/ Frame F1CA 18 KB
19 KB 96ms
95ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10364821484458959038/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIrAMQ4AEYASABLQAAAD8wrAM44AFFAACAPw&rs=AOga4qlklU4NtaWD-XitN3aLirQj7kp7Ug

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ca05c81489ac73781d4079dc541fd14fe5f23481c9ae3b4f743040f1d6cc50c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:27 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18938
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 16:27:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 20 Nov 2023 00:36:27 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F1CA 0
0 102ms
101ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CjeXRinZ5Y9CkGdSK7_UPovSJsAmmlP2nbdWb5KjPEJiS-IezAhABIJX8kiVglQKgAc3Sj98DyAEGqQJzaem3qFKxPqgDAcgDywSqBOMBT9AIRF7hJkynmMmQRFGRjuJgE5lDKY-ecgBGMhZGcsTmeUXnZTj4zS29Jwd5_Omf2e2WyRlHRq1vlHk1n_7EjNFGYRvMSqlM4IF7gicH1cIDlvYzX9WbxSNIMH_aHgTcPZzo_sUytE6fdwcKgpwH0CLNktCZzSShdyX45DpIsEpk08tMq2xlf1lJ0CngiWEuOhGPEKfWuPE4GengEZrI4VNmfDnWa3ZMq7UqbDMh_Gq_L8C_QzgueStxVSOSjLjoQUxaEs2LZJ7LpAJ0lNdU2a3drjVXdRFVWgKQCtsepHPXZnvABJWG9LSTBJIFBAgEGAGSBQQIBRgEoAY3gAebrfAgqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQsPs30ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwvQFQGYFgGAFwGyFxwKGggAEhRwdWItNjA5NjkzMjA2NDU4NTA4MBgA&sigh=ojNFuEVzJLA&uach_m=[UACH]&cid=CAQSOwDq26N9lsiiDM1KRMRPVWwb9GgZAAWrK4huFgkCbs6Yl9AIOPSKsMAuy_HCU05V-Uj1mq3j58Ypslj9GAEgEw&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=416&adk=708048766&adf=2100838203&pi=t.aa~a.4141672183~rp.4&daaos=1668870264822&w=429&lmt=1668904573&nsk=50c4104d&rafmt=11&pwprc=1459918002&ad_type=text_image&format=429x416&url=https%3A%2F%2Flb.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668904586337&bpp=1&bdt=935&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32abb74bab08de07-22d2e96e3ccf0011%3AT%3D1668904586%3ART%3D1668904586%3AS%3DALNI_MbBWKpME_hM0Ucgmt1YCc338j6Dww&gpic=UID%3D00000b8428a2bd57%3AT%3D1668904586%3ART%3D1668904586%3AS%3DALNI_MZlwhV33-vziDb1IgXO8-V8uyZWLA&prev_fmts=0x0%2C1200x280%2C320x150%2C336x280%2C300x600&nras=3&correlator=7107775788609&frm=20&pv=1&ga_vid=1661487710.1668904586&ga_sid=1668904586&ga_hid=1345032121&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=3334&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770881&oid=2&pvsid=2210230456836934&tmod=289806516&uas=0&nvt=1&eae=0&fc=1280&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=NgcnnGmYxn&p=https%3A//lb.ua&dtd=27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 20 Nov 2022 00:36:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DC5D 143 B
166 B 55ms
54ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=416&adk=708048766&adf=2100838203&pi=t.aa~a.4141672183~rp.4&daaos=1668870264822&w=429&lmt=1668904573&nsk=50c4104d&rafmt=11&pwprc=1459918002&ad_type=text_image&format=429x416&url=https%3A%2F%2Flb.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668904586337&bpp=1&bdt=935&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32abb74bab08de07-22d2e96e3ccf0011%3AT%3D1668904586%3ART%3D1668904586%3AS%3DALNI_MbBWKpME_hM0Ucgmt1YCc338j6Dww&gpic=UID%3D00000b8428a2bd57%3AT%3D1668904586%3ART%3D1668904586%3AS%3DALNI_MZlwhV33-vziDb1IgXO8-V8uyZWLA&prev_fmts=0x0%2C1200x280%2C320x150%2C336x280%2C300x600&nras=3&correlator=7107775788609&frm=20&pv=1&ga_vid=1661487710.1668904586&ga_sid=1668904586&ga_hid=1345032121&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=3334&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770881&oid=2&pvsid=2210230456836934&tmod=289806516&uas=0&nvt=1&eae=0&fc=1280&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=NgcnnGmYxn&p=https%3A//lb.ua&dtd=27
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 2440
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Nov 2022 23:55:47 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 576D 1 KB
643 B 57ms
56ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 52452
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Nov 2022 10:02:15 GMT
etag: 48472445140208031
expires: Sun, 20 Nov 2022 10:02:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F1CA 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e9ecd9b9450ead84c8958036c4b559dfd68ebb3a6a487e4382401c8ce82032d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F1CA 10 KB
10 KB 252ms
173ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 01:24:30 GMT
x-content-type-options: nosniff
age: 256317
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9840
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 01:24:30 GMT

GET
DATA 200
OK truncated
/ Frame 8CC8 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ec03f62ab0bd310edaac4018262c550e1d1756f1bc636b574613bac638cf70fa

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 8CC8 28 KB
28 KB 101ms
71ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 09:03:51 GMT
x-content-type-options: nosniff
age: 315156
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Nov 2023 09:03:51 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPiIUvaYr.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 8CC8 14 KB
14 KB 184ms
155ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPiIUvaYr.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7027d4f4817e4725bc3aaa07b3ce4b9275cc51e51303570fe5df3818116c0acb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 22:43:23 GMT
x-content-type-options: nosniff
age: 265984
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14240
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:04:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Nov 2023 22:43:23 GMT

GET
H3 200 rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js Show response
pagead2.googlesyndication.com/bg/ Frame 1D5C 36 KB
16 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 18:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107350
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15986
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Nov 2023 18:47:17 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 576D 35 B
463 B 68ms
61ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEH-L6JviPnisMKFhBMNszcA&google_cver=1&google_push=ASkJ3Fa9O1c0Qoh-BHg9uz8tqeNl0ra_znNYjrbOOcT9aB1eyHp0fDLBIa5hI3Sf8SF95t7NyhSL2OLYciAgoNL7U2tV6_SkWix5

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 00:36:27 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame 576D 0
98 B 190ms
63ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DASkJ3FbEpKwptQ7NA3jurQWFAFxgvDHps03wEi43s1S91RXbyaaTqsQQIUPMBkLe8RqSJHFzHO97F2ToW7s4enc0XqwTfE3uqneN&google_gid=CAESENiguBnG3fx_FToMeQ6Rdu0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=416&adk=708048766&adf=2100838203&pi=t.aa~a.4141672183~rp.4&daaos=1668870264822&w=429&lmt=1668904573&nsk=50c4104d&rafmt=11&pwprc=1459918002&ad_type=text_image&format=429x416&url=https%3A%2F%2Flb.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668904586337&bpp=1&bdt=935&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32abb74bab08de07-22d2e96e3ccf0011%3AT%3D1668904586%3ART%3D1668904586%3AS%3DALNI_MbBWKpME_hM0Ucgmt1YCc338j6Dww&gpic=UID%3D00000b8428a2bd57%3AT%3D1668904586%3ART%3D1668904586%3AS%3DALNI_MZlwhV33-vziDb1IgXO8-V8uyZWLA&prev_fmts=0x0%2C1200x280%2C320x150%2C336x280%2C300x600&nras=3&correlator=7107775788609&frm=20&pv=1&ga_vid=1661487710.1668904586&ga_sid=1668904586&ga_hid=1345032121&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=3334&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770881&oid=2&pvsid=2210230456836934&tmod=289806516&uas=0&nvt=1&eae=0&fc=1280&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=NgcnnGmYxn&p=https%3A//lb.ua&dtd=27
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:27 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 576D
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FbPowcf...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FbPowcf...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMjAwMDM2MjcwMDA0MTgzMDQ2NDI3MQ%3D%3D&google_push=ASkJ3FbPowcfqrvc4clHehZuKTWIP5B8UQNATU2oMf_ygIU82vFNE_ZpoUbDdagdsw6xzz...

170 B
188 B

66ms
65ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMjAwMDM2MjcwMDA0MTgzMDQ2NDI3MQ%3D%3D&google_push=ASkJ3FbPowcfqrvc4clHehZuKTWIP5B8UQNATU2oMf_ygIU82vFNE_ZpoUbDdagdsw6xzz7BO0l4471dPSysaKhfry5bZeOwJatp

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 00:36:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMjAwMDM2MjcwMDA0MTgzMDQ2NDI3MQ%3D%3D&google_push=ASkJ3FbPowcfqrvc4clHehZuKTWIP5B8UQNATU2oMf_ygIU82vFNE_ZpoUbDdagdsw6xzz7BO0l4471dPSysaKhfry5bZeOwJatp
pragma: no-cache
date: Sun, 20 Nov 2022 00:36:28 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Sun, 20 Nov 2022 00:36:28 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 576D 43 B
134 B 65ms
63ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEN3XeVqo3L8Uhm1Zh3MS6Ts&google_cver=1&google_push=ASkJ3Fa7SWb8ZR2KaNxsyt9xmYpjtaZk6JIDS8uwp7hhxNkbsdutxuKidbHzXHR9q2hWxmSBFe6RD57mY9tAOjos90Amac16SV0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=416&adk=708048766&adf=2100838203&pi=t.aa~a.4141672183~rp.4&daaos=1668870264822&w=429&lmt=1668904573&nsk=50c4104d&rafmt=11&pwprc=1459918002&ad_type=text_image&format=429x416&url=https%3A%2F%2Flb.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668904586337&bpp=1&bdt=935&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32abb74bab08de07-22d2e96e3ccf0011%3AT%3D1668904586%3ART%3D1668904586%3AS%3DALNI_MbBWKpME_hM0Ucgmt1YCc338j6Dww&gpic=UID%3D00000b8428a2bd57%3AT%3D1668904586%3ART%3D1668904586%3AS%3DALNI_MZlwhV33-vziDb1IgXO8-V8uyZWLA&prev_fmts=0x0%2C1200x280%2C320x150%2C336x280%2C300x600&nras=3&correlator=7107775788609&frm=20&pv=1&ga_vid=1661487710.1668904586&ga_sid=1668904586&ga_hid=1345032121&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=3334&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770881&oid=2&pvsid=2210230456836934&tmod=289806516&uas=0&nvt=1&eae=0&fc=1280&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=NgcnnGmYxn&p=https%3A//lb.ua&dtd=27
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 00:36:26 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: bqfgcaft8hl12e24jartqdtbrr7k2cen

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 576D
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IBw_vvHHQmGhdIYxiXJR4w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

129ms
64ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IBw_vvHHQmGhdIYxiXJR4w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FaW4Ijb24uGMi1POpT4KVQ22dDkEHn6KQX5jdfMecolzq7LhtY6EyhHwDSJttvVyLR6NXYzrahIIXKE1uSfHxarUXC3Zt1w

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 00:36:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IBw_vvHHQmGhdIYxiXJR4w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FaW4Ijb24uGMi1POpT4KVQ22dDkEHn6KQX5jdfMecolzq7LhtY6EyhHwDSJttvVyLR6NXYzrahIIXKE1uSfHxarUXC3Zt1w
date: Sun, 20 Nov 2022 00:36:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 576D
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELabXpGaIiU5b2J-seGvz4Q&google_cver=1&google_push=ASkJ3FY6tehhYMZbnd_0nKCn8bBs2-g7UL7mv5H6HmqbPeu4DMv6VYyufAecWL-LmtvVv7PY4cR...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFPTVA5NlUtMTYtSEZGWQ==&google_push=ASkJ3FY6tehhYMZbnd_0nKCn8bBs2-g7UL7mv5H6HmqbPeu4DMv6VYyufAecWL-LmtvVv7PY4cReVgJnoEg4ddo_bazmfBhx5LBR

170 B
188 B

120ms
67ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFPTVA5NlUtMTYtSEZGWQ==&google_push=ASkJ3FY6tehhYMZbnd_0nKCn8bBs2-g7UL7mv5H6HmqbPeu4DMv6VYyufAecWL-LmtvVv7PY4cReVgJnoEg4ddo_bazmfBhx5LBR

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 00:36:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFPTVA5NlUtMTYtSEZGWQ==&google_push=ASkJ3FY6tehhYMZbnd_0nKCn8bBs2-g7UL7mv5H6HmqbPeu4DMv6VYyufAecWL-LmtvVv7PY4cReVgJnoEg4ddo_bazmfBhx5LBR
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 576D
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOWdnIgIi4TWCXEhvU7l1xM&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOWdnIgIi4TWCXEhvU7l1xM&google_push=AS...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOWdnIgIi4TWCXEhvU7l1xM&google_hm=Y3l2i4SEVuath4RrUluYUQAAAroAAAAB&google_nid=index&google_push=ASkJ3Fa7Q8uQcuWIJSiuBeI-p5gjNWlC5MNx9...

170 B
188 B

81ms
64ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOWdnIgIi4TWCXEhvU7l1xM&google_hm=Y3l2i4SEVuath4RrUluYUQAAAroAAAAB&google_nid=index&google_push=ASkJ3Fa7Q8uQcuWIJSiuBeI-p5gjNWlC5MNx9h02MCSKuVCCa14G88uuLFnry54HElCFXMce3iIhdYSLc5bVFqtQGFhvm0w7nPT_

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 00:36:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 20 Nov 2022 00:36:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z63EsvUyl9V0i5QFn68PorbJsk7ZwAA5hYl23vK5S2J5f9oeOqQUm6sZ0OMrQGnJLIrZovic928OK%2BcHbzh9CByj%2F9O99oeC9iXMDjVcIU2N1yx2Owmf4Qa5ZGIQcB551FiIvToMTINl9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOWdnIgIi4TWCXEhvU7l1xM&google_hm=Y3l2i4SEVuath4RrUluYUQAAAroAAAAB&google_nid=index&google_push=ASkJ3Fa7Q8uQcuWIJSiuBeI-p5gjNWlC5MNx9h02MCSKuVCCa14G88uuLFnry54HElCFXMce3iIhdYSLc5bVFqtQGFhvm0w7nPT_
cache-control: no-cache
cf-ray: 76cd1c87be1e72f4-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 576D 0
232 B 80ms
64ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KuajS-70RGBBK5IcGD2HdGcqBfb9ju_eS4Pqie6x5VK3dMMQe0AnzGt3O7K5yjk2FMdnRR

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:27 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DC5D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

91ms
91ms

Document
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 00:36:27 GMT
expires: Sun, 20 Nov 2022 00:36:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 00:36:27 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js Show response
pagead2.googlesyndication.com/bg/ Frame 6A86 36 KB
16 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 18:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107350
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15986
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Nov 2023 18:47:17 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 190ms
75ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9ed9c0563530c72bec500e1bd72dad05a9a559011e3642c6155063b8bdc0c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11270
x-xss-protection: 0

GET
H3 200 rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js Show response
pagead2.googlesyndication.com/bg/ Frame 6064 36 KB
16 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 18:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107350
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15986
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Nov 2023 18:47:17 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 20 Nov 2022 00:36:27 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FDC5 13 KB
5 KB 58ms
57ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lb.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 3604
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 19 Nov 2022 23:36:23 GMT
expires: Sun, 19 Nov 2023 23:36:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 97F8 783 B
536 B 103ms
102ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8b678325b17ef02560db7aee278e523970aa2d0492e7ab2a30bfaddbe3d43a24

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JA56YTXsOQjyw25vqLoyIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lb.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-JA56YTXsOQjyw25vqLoyIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 00:36:27 GMT
expires: Sun, 20 Nov 2022 00:36:27 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js Show response
pagead2.googlesyndication.com/bg/ Frame FDC5 36 KB
16 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 18:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107350
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15986
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Nov 2023 18:47:17 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 97F8 0
0 91ms
90ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=2210230456836934&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FDC5 0
12 B 57ms
56ms Image
text/plain 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?GaYlPA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:28 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8CC8 42 B
64 B 94ms
94ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuqxTvcuBE3U56XzZKPtwIc6gthrx2N0rUVg3YXT_E6XZ50i-sKg-ffQqtTfA_GOKV0pOTPtWUqkuTJZc9OzNkFRQPv1K0n2Hs5jvWmuziA2E_y2rDIcAvIa-f2WSRXUxQQvMvKjA&sai=AMfl-YTu2M5Xod4r1XrPer1b-2pGlKc84ignuoRVVoRXit8SGBh1Df0kVq-BWgebpDext0YbtfrPIRt4rL9PK4c&sig=Cg0ArKJSzC0hlq3KRuL1EAE&cid=CAQSGwDq26N9Iq8r9UTvq_7gRQfLvVO8AQWh4D6ISRgBIBM&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1418185256&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668904585990&rpt=1296&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 00:36:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 93ms
93ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=2210230456836934&bg=!srGlsfXNAAbvMpMzzzI7ACkAdvg8WpTg1ER-AIuHOrZGjqiBuremhsExA94foIZzLslet8cXovwQSAIAAACYUgAAAANoAQcKAAht7-YB4xNwYZkCk6r2t1O2bSAcfjsgCEp1IqgUsBwCCgNe-_uY7vgo8-ijbNNkClj1GD_jhfN_cRu0e8sWQDSTttjU1T9KTe919L4iOlAMEaQM0OHZdl22gnB_MHyrwXCY-mVXMuuJzkJliZqjlH0KyvEb5pAE6hHpcIVhDdKWQeou7dHJnAwuFBbKnxvCmmo3UrzM_R-1eZsSn0eb1Pia3grfNIoyxUbj-4WRepqmdyWQacdttBMDrxhpw0THF4335O3KzZYC09esrt_uvYdY-3eM7a3o2buW-8DQ_7nptFoM60b2Ar-03azo-WWZ4jBwZyr5li39gONlbdOeQfIwacZHF0bgak2rYQUicXxzn-j7mLUQj2tp1EiBu1N0cGd6btsOJkb3VTU8pNjLbyTVsCMmyk2UP0q_Oy_EebmOjw3UGPWl4Y01FAL4fIw0zXS3zaOAGlyKFm86CJYxpPfQ7iKdBkq3haX_IiQk2BAS5-qw7BcVxG9HK-HvR-EcPmOPdu9gUt7sC05f--zLbd_T1nAJ4pdCwcbb5nagpAfXApTN9UPSaS9CSbxWwW-dLqwR_hw1YwTaxVQFz9JP5M3M8kSYjpLp0auipaLkdMESTnA99l_HTxKwjCri3LxqKaeZWtK9E21VPrdszcoeDAGI-oNe1CJ3y67A_4OdBcz41ua9TlRetdktIgLV0nBrpcLIsvuAThUQkaHqsODY6ObgI7dVkaixnWYHBWvz29wv3wLd_p20VSn8kJioxJ6h_HRsrq_kWF2pagKZfYKqw-0CEeGK0yG5CFSd7mqcAyNCP-M-ZX5QC-2_MSpSgbkPrQRmocu9TCYn7Ocz6GPC5EfCbICeFvzz2XnoIRyu50thLIWuzby0te6J2TknN2Ad
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 6319b231b22c9.jpeg
i.lb.ua/027/49/ 21 KB
21 KB 60ms
60ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/027/49/6319b231b22c9.jpeg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 4c7f4a331bbce912cc40e9aefe4059339f14669b1b3ffebf1b93d62939c699a0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:30 GMT
last-modified: Thu, 08 Sep 2022 09:13:21 GMT
server: Microsoft-IIS/10.0
etag: "271c163e63c3d81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 21352

GET
H2 200 6349a69e23b1c.jpeg
i.lb.ua/050/29/ 62 KB
62 KB 60ms
59ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/050/29/6349a69e23b1c.jpeg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: e4e9a755dc37f97e0fcfe8d13c682caddfb324422a09c6ce6b86862fd5f5b8f2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:30 GMT
last-modified: Fri, 14 Oct 2022 18:12:46 GMT
server: Microsoft-IIS/10.0
etag: "c679b88ff8dfd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 63234

GET
H2 200 6377f725dc71d_200_130.jpeg
i.lb.ua/021/49/ 8 KB
8 KB 59ms
59ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/021/49/6377f725dc71d_200_130.jpeg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: fc1e96eda94fe216934f29844f7a76e742d0584436ee5c6ff80a9fe83c0f800f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:30 GMT
last-modified: Fri, 18 Nov 2022 21:20:38 GMT
server: Microsoft-IIS/10.0
etag: "7d4fc39a93fbd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 8221

GET
H2 200 6377f8b8b2296_200_130.jpeg
i.lb.ua/043/49/ 7 KB
7 KB 60ms
59ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/043/49/6377f8b8b2296_200_130.jpeg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 3562a4c8eadcae224e188982b00f90ebe24c8f65ff06f79fc716ec8536909970

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:36:30 GMT
last-modified: Fri, 18 Nov 2022 21:27:21 GMT
server: Microsoft-IIS/10.0
etag: "9667d38a94fbd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 7019

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEA4BKFtf6VVGjTrNiLL8Jmw&google_cver=1&google_push=ASkJ3FaeU9iNSJ2AaNKahy_1fSwdOTzI9PMjMIK9oeGOQt_Z5NYVHJZQMn49auUmdLWnxq5-5X3tqN1X0HW3nyjseAmbu7VxsO7cHA

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.lb.ua/	1969-12-31 23:59:59	Name: __utmc Value: 5405166
.lb.ua/	1970-01-20 11:57:52	Name: __utmz Value: 5405166.1668904586.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.lb.ua/	1970-01-20 07:35:05	Name: __utmt Value: 1
.lb.ua/	1970-01-20 17:11:04	Name: __utma Value: 5405166.1661487710.1668904586.1668904586.1668904586.1
.lb.ua/	1970-01-20 07:35:06	Name: __utmb Value: 5405166.1.10.1668904586
.lb.ua/	1970-01-20 16:56:40	Name: __gads Value: ID=32abb74bab08de07-22d2e96e3ccf0011:T=1668904586:RT=1668904586:S=ALNI_MbBWKpME_hM0Ucgmt1YCc338j6Dww
.lb.ua/	1970-01-20 16:56:40	Name: __gpi Value: UID=00000b8428a2bd57:T=1668904586:RT=1668904586:S=ALNI_MZlwhV33-vziDb1IgXO8-V8uyZWLA
.lb.ua/	1970-01-20 09:44:40	Name: _fbp Value: fb.1.1668904586395.2127448525
.doubleclick.net/	1970-01-20 16:56:40	Name: IDE Value: AHWqTUnRuiof6sPW3lk5qpbvfAMbG6aG4gOSUUddRdsKVyhwNjxpIKKCUAq1-B5IoJU
.doubleclick.net/	1970-01-20 07:35:05	Name: test_cookie Value: CheckForPermission
.pubmatic.com/	1970-01-20 07:36:30	Name: KTPCACOOKIE Value: YES
.quantserve.com/	1970-01-20 09:44:40	Name: d Value: EHABCQHPJ4EA
.quantserve.com/	1970-01-20 17:05:18	Name: mc Value: 6379768b-5543c-e83ed-5bc11
.casalemedia.com/	1970-01-20 16:20:40	Name: CMID Value: Y3l2i4SEVuath4RrUluYUQAA
.casalemedia.com/	1970-01-20 09:44:40	Name: CMPS Value: 698
.casalemedia.com/	1970-01-20 09:44:40	Name: CMPRO Value: 698
.pubmatic.com/	1970-01-20 09:44:40	Name: KADUSERCOOKIE Value: 201C3FBE-F1C7-4261-A174-8631897251E3
.doubleclick.net/	1970-01-20 07:35:08	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 09:44:40	Name: CMTS Value: 4553
.e.dlx.addthis.com/	1970-01-20 17:05:18	Name: na_tc Value: Y
.addthis.com/	1970-01-20 17:05:18	Name: na_id Value: 2022112000362700041830464271
.addthis.com/	1970-01-20 17:05:18	Name: na_tc Value: Y
.addthis.com/	1970-01-20 17:05:18	Name: uid Value: 6379768babb7141c
.addthis.com/	1970-01-20 17:05:18	Name: ouid Value: 6379768b00017315a18311411c85a42c08ecce6f9b4afea41b10
.dlx.addthis.com/	1970-01-20 08:18:16	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 08:18:16	Name: na_sr Value: 20221120
.dlx.addthis.com/	1970-01-20 07:35:04	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 08:18:16	Name: na_sc_e Value: 0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=150&slotname=4850579085&adk=1491093915&adf=2102047288&pi=t.ma~as.4850579085&w=320&lmt=1668904573&format=320x150&url=https%3A%2F%2Flb.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668904585792&bpp=2&bdt=389&idt=216&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=2&correlator=7107775788609&frm=20&pv=1&ga_vid=1661487710.1668904586&ga_sid=1668904586&ga_hid=1345032121&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44770881&oid=2&pvsid=2210230456836934&tmod=289806516&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2ttsfWapSM&p=https%3A//lb.ua&dtd=220 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEA4BKFtf6VVGjTrNiLL8Jmw&google_cver=1&google_push=ASkJ3FaeU9iNSJ2AaNKahy_1fSwdOTzI9PMjMIK9oeGOQt_Z5NYVHJZQMn49auUmdLWnxq5-5X3tqN1X0HW3nyjseAmbu7VxsO7cHA Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DASkJ3FbEpKwptQ7NA3jurQWFAFxgvDHps03wEi43s1S91RXbyaaTqsQQIUPMBkLe8RqSJHFzHO97F2ToW7s4enc0XqwTfE3uqneN&google_gid=CAESENiguBnG3fx_FToMeQ6Rdu0&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.de
cat.fr.eu.criteo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
csm.eu.criteo.net
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
i.lb.ua
id.rlcdn.com
image6.pubmatic.com
lb.ua
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel.rubiconproject.com
rtb.nl.eu.criteo.com
rtb.openx.net
securepubads.g.doubleclick.net
ssl.google-analytics.com
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google.com
www.google.de
www.googletagservices.com
www.gstatic.com
googlecm.hit.gemius.pl
104.111.215.191
142.250.185.98
157.90.133.197
172.64.154.237
178.250.0.160
185.64.190.78
2606:4700:10::6816:3e78
2606:4700:10::6816:3f78
2606:4700::6811:190e
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:800::2003
2a00:1450:4001:803::2001
2a00:1450:4001:806::2003
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::2004
2a00:1450:4001:813::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::2008
2a00:1450:400c:c00::9a
2a02:2638:1::17
2a02:2638:1::2
2a02:2638:1::8
2a02:2638::3
2a02:2638::b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.98.67.61
35.227.252.103
35.244.174.68
69.173.144.139
00c2f6f71af570c619a4188e7298bbbb08064450b631b6ce11b14976501b2c53
01348caaa16ac38ef521784b90368092bd215861903db0f52473e4d502494227
0167bdd1264c47f7a2d533e10a38378d25140aaf68e7c7d3da8bc0e28b9cd9af
049ae3e8897d6a15b81025034056fbf440853dd781cc4845ad943ea1fbb20eb3
056d2571223a6b9049f5e5f26fd66adf1dac013805b721dd4f02e53c561f7940
081d7e5024e08d15ceef53249ef49815f86e7f65214f9a12ded4ddc67741a63d
08a0f5712347241c7101192424f48c3f7dd3be0bbc9d897a516f330e5237b0a0
091bc0c7e63ff7362b31e89d2bebef94b5f4973850d433dab1786ce312258ec6
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09fe7be89711f0dc0ba47ab8a1a1865df7b660a1f1359d29c4c3445683d2f61f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d603422b1f57a841c5b6d64f2d610085de7035e308aea8f0125a7631b169ac5
114fe37e276e8d562fd647b75c94b7f1ab5e28cbf7a4be12508cc0ee2ad8e1c0
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1e9ecd9b9450ead84c8958036c4b559dfd68ebb3a6a487e4382401c8ce82032d
1f4c0196b8ebe03195774b7974e11424773a4b29ede4edc96105c1e2fb568282
29de5e063d80356c804381132d7eecc1c3d59f341d41bcbc1de48d4343da8f2b
2f92d1332322e2edca7291c0dae6ee758636e6b14ecac6dc14bb1c9842ef9fcb
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
331b751951a88a634d0a006071758a43a0cd986e7238788ac251fdb8626550af
343446c56656d260051ff79b79f09f84a5b5301a4ca3039c18e91ab3f417eb25
345696ba51b52a284240a013bf578cb92e36189fe47c6b1414ab5992cd2cbbfd
3562a4c8eadcae224e188982b00f90ebe24c8f65ff06f79fc716ec8536909970
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
4000f9769b5ffb5ab29c277c6fdd1e7861b978dcd748765d64fb7c6f6f3707ee
4184605cff7ec3a09e238ad9a8c297305abe1613cb3af988a7dd33b5c0600f62
431fdae328a9806b04513093bc504208128f92d059b05da41be9daa25b436db0
44d1a63e33561c609b4b66cf52c9839f44c42136605af7f5e5f4e14ef2a708af
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
47c83c11a3ae8458dbaded92c36539d2e3c1ec441c835cf888524e8315edbb48
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4c7f4a331bbce912cc40e9aefe4059339f14669b1b3ffebf1b93d62939c699a0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
53e1904dd0429fc810ab68450369e670d5f2879db79fd82535d4aa18e82e747e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58ab5d88e2bb952a13e91e0429a4f5c2dddb3272db5a70ddba25e97f9eb7bccc
5973a55582726d2deae77327d9014ffa30a969b13f3363e9cbb6418c9020d1b9
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
61b7f9e9272dd0b5571db39ba73983acc3e62a6a91dbbbe8624b334349b3d50a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
667c9f2b41cb46ee29731a770900e2c38832b11df5ae977051fa79999129dab5
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6874e7ca7ea1e50957efa9332fab3acc1173ff310e8fd0e03de39f63bfe41067
6d822a1e33340d071e7af54d5e40d1a2f7f6265095877941d8778efd89756d85
6fe017a31f623a16374d3b8e1ae3b002e178f3d80ea3e7c9cf580ff6de91239a
7027d4f4817e4725bc3aaa07b3ce4b9275cc51e51303570fe5df3818116c0acb
713c6f8344a7978008140ca17717f1f54d9cef0c7685cfb1052ce06bf6b46ca4
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
763c9f2ef90aadc666b5b232e1effb0b3bb0196e648d9f0201ed3964fe8ece2f
769e443d1e12dd6d02fe7941d145a017eeedb4856373897afc1165d37fe1ae40
76e1f77e705ed3aad03d426d26676910620ec516ea8ddd928be6c5de26ed6d58
783a5b4f4d208130f4fb3bc0c6415517bbb88783a3702efb7668da0159eff99c
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
7b48a3e889f46f7cd65b2bb55abdbfef6d084303b5b0c30c3269aecdba1c8c28
7f4984eb25c997955224586d3ff38cd218381eaf327e4de02f899505a351fb76
836415bd09d4f84910b78f75b4ddfe37b352ae607d0b21535fde13e3325f790c
83a5e842b5cd049ba686f63778b0110e1f538635526eaea9a7574e181425a4dd
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
8591f84efed4c1f82c337536c27a1c2987c51a6601b065bbe6919a30a83aecae
8632494a203fc40e760f9d9955f7f08011b606d251ffb6bac7a3036ac6712b1a
8b678325b17ef02560db7aee278e523970aa2d0492e7ab2a30bfaddbe3d43a24
8ca05c81489ac73781d4079dc541fd14fe5f23481c9ae3b4f743040f1d6cc50c
8d27d5f59a4f04921c725c45f98aeb43c5637a3fce34cecf15575ab0d08aa742
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
91832a2dfa6bc2c14ccd174dd598aa820b181839452b5d052a41add5d2144837
9218dccea3208838846ae6e41e5e802e54d2d01c2ad8ec56eaf2b02d9973a422
95307c02b29989bc222247fc8ec742b548e93a39bec409e1577b5aaba4f8d00d
95ff0aac503df6c8c6c201bb600dcbeed8922adfb3861043bc1524603c72c8ba
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cf4a7e5a645c8578b3397542d9669f2549d2a3cec259b7d393f84fc1eaf73a6
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3284398d1316e4e1cbcbf03d459df53306c748ee936d0aec94e76b660cb6da3
a409051ecd62a64cf828b2a0a9c132ff2f426edc972b815e22f6649d85cd066e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
ac6f72e73e1f013a400ca3e625ed75bf28327d3086ee553e77ed6df648e67c86
ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913
b00d32d226e40d8ac2eb0a6851388d6682f0196e8c1ce46db8e06d6571cf5a0d
b22e582525ba97f151761f0907fc8c7d72f3b86f42f9a3f56b4f753f68c549c4
b3bfef11746c08f9795a9c1039b231dceed81c5a7971f9ade021f4f0339d17fe
b4e47be54d89a115bc99610487dcd03b2a26ffa9bce8ed87adb2863051610272
b50b0db1df4e80d8cda87e483a7cc03cf70e93f0259b8285ec04e2e5e1246abd
b6e6f52470205c39f600f36350b748db7e9e08303bc21902e22f64809f6d9fcd
b83ab38fc8da5b3ba70b481cea94134b0a8f4e826aee07c0d39833f20437cbe6
ba36e0984d4ea7ed54d9430684445fbe28a7d83bf5bb4a3f2508046ea31a3f48
c4d00d0c5c8ab1c7a96c4795bd90fb9e4bb8b2cc36144254f01201b2e70f1678
c851e696f8a140968b5907d04e5672c9265ddc0793ab6327f8c7fa65c576fea5
c9ed9c0563530c72bec500e1bd72dad05a9a559011e3642c6155063b8bdc0c54
cb8c2ebed4513ded7b3b8dad520061647d984a19080dccd3b35b0ff5011221ab
cd8d97873dd83f12c15807335ceaf6123fcfd7d82492d56cc260903fad53f588
ce1612e21a43ba44bd74f8c2d139e802bc61c32c547d1186ce2e49cbf224d358
cff62c6844dab4f7fb39f316ad8f38236e37c9a41de5a516bc10541fda33c7f8
cff7ebff4554bf7afd6b96b78c34ce178549ffc7d835edfefcca018843d44e00
d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace
d1d9ee66d16e480a03b0cda557323d07a4a5c900254690a70ddd7c0491757ffd
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
d71d6f235536c1696ed6590061e706480aa5213eeb88c9932c0e8dd8c8057258
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
da8d1f8585e4ecf6e4bc1cadf951986142ad3d5af28132c1e806a3235892aebb
e04db50eb39e00455f7e0515a6eca4da4a52f9aaa3c252f5dbbf0662e1f8e66b
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e9a755dc37f97e0fcfe8d13c682caddfb324422a09c6ce6b86862fd5f5b8f2
eb6b37e3df9edac28b44a7851c5f67488c4e8e96de183de0219fae0e8b783f8a
ebb2026eba76b777cd1cc6d694a4609324304eeb1129a9fe0fb5a616590cc3ee
ec03f62ab0bd310edaac4018262c550e1d1756f1bc636b574613bac638cf70fa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f30e92a98d9b0a8b3ebed2efc24510d671a4799fcaf556ec051778a0aeb9fc62
f43973ee0ee121287cca23c16a48de9fce9a5701eaa6724be93d702654a9677f
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6587ac0c2edd169ec3e851e369358ef6e37792b1d3cd6ae56f948c26b4241f0
f6f6baa5fa4616c905fa7630360ca8c6828ae91723ec822b1915203a1744b4b5
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f9b28965adf6949c3462bbb324cf355713d9801d69c6d32fa5a3ac56e1291491
f9c1e1da0c197ca101c6fd5ae899d10951dd43316c4ed6b3c9bd38877e79023a
fc1e96eda94fe216934f29844f7a76e742d0584436ee5c6ff80a9fe83c0f800f
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

lb.ua Open in urlscan Pro 2606:4700:10::6816:3f78 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

176 Requests

95 %HTTPS

72 %IPv6

24 Domains

36 Subdomains

31 IPs

5 Countries

3216 kBTransfer

5734 kBSize

28 Cookies

15 Outgoing links

Page URL History

Redirected requests

176 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

lb.ua Open in urlscan Pro
2606:4700:10::6816:3f78 Public Scan

Screenshot
Live screenshot

Full Image

176
Requests

95 %
HTTPS

72 %
IPv6

24
Domains

36
Subdomains

31
IPs

5
Countries

3216 kB
Transfer

5734 kB
Size

28
Cookies

176 HTTP transactions
8 data transactions