lb.ua Open in urlscan Pro
2606:4700:10::6816:3e78 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://lb.ua/
Effective URL:
https://lb.ua/
Submission: On November 24 via api (November 24th 2022, 12:36:53 am UTC) from GB — Scanned from GB

Summary HTTP 183 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 31 IPs in 7 countries across 24 domains to perform 183 HTTP transactions. The main IP is 2606:4700:10::6816:3e78, located in United States and belongs to CLOUDFLARENET, US. The main domain is lb.ua. The Cisco Umbrella rank of the primary domain is 371173.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 4th 2022. Valid for: a year.

This is the only time lb.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::6816:3f78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2606:4700:10:... 2606:4700:10::6816:3e78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
41	157.90.133.197 157.90.133.197	24940 (HETZNER-AS) (HETZNER-AS)
1 2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f080:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
20	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
4 6	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
25	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
7	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:21f... 2600:9000:21f3:1600:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
5	2a02:2638::c 2a02:2638::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::21 2a02:2638::21	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
3	34.98.67.61 34.98.67.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
6 6	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
13	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
3 3	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
6 6	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	35.157.182.139 35.157.182.139	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8102:72a2:2127:6a05:29c2	16509 (AMAZON-02) (AMAZON-02)
183	31

1 2606:4700:10::6816:3f78 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

lb.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:10::6816:3e78 (United States)

ASN13335 (CLOUDFLARENET, US)

lb.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 157.90.133.197 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.197.133.90.157.clients.your-server.de

i.lb.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f080:9:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:1600:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::21 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.64.190.78 (United Kingdom) 6 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.138 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.33.19 (None, ) 6 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.182.139 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-182-139.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8102:72a2:2127:6a05:29c2 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	lb.ua 1 redirects lb.ua — Cisco Umbrella Rank: 371173 i.lb.ua — Cisco Umbrella Rank: 613079	2 MB
39	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 tpc.googlesyndication.com — Cisco Umbrella Rank: 147	450 KB
36	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 191 googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 stats.g.doubleclick.net — Cisco Umbrella Rank: 94 cm.g.doubleclick.net — Cisco Umbrella Rank: 207	349 KB
13	criteo.net static.criteo.net — Cisco Umbrella Rank: 601 pix.eu.criteo.net — Cisco Umbrella Rank: 6719 csm.eu.criteo.net — Cisco Umbrella Rank: 6774	45 KB
8	google.com 4 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 83	2 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 52	6 KB
6	casalemedia.com 6 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 450	6 KB
6	pubmatic.com 6 redirects image6.pubmatic.com — Cisco Umbrella Rank: 681	3 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	72 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 178	237 KB
3	rubiconproject.com 3 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 314	1 KB
3	openx.net rtb.openx.net — Cisco Umbrella Rank: 1486	620 B
3	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 932	568 B
3	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 649	1 KB
3	criteo.com rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 12553 ads.eu.criteo.com — Cisco Umbrella Rank: 6648 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 8266	51 KB
3	google.de www.google.de — Cisco Umbrella Rank: 5405 adservice.google.de — Cisco Umbrella Rank: 7898	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	203 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 144	112 KB
2	google-analytics.com 1 redirects ssl.google-analytics.com — Cisco Umbrella Rank: 339	17 KB
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1473	296 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 587	761 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 566	98 B
1	imrworldwide.com secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1426	752 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 860	692 B
183	24

	Domain	Requested by
41	i.lb.ua	lb.ua
25	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
19	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
14	pagead2.googlesyndication.com	lb.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
13	cm.g.doubleclick.net	lb.ua googleads.g.doubleclick.net
11	lb.ua	1 redirects lb.ua
7	static.criteo.net	ads.eu.criteo.com
7	fonts.googleapis.com	googleads.g.doubleclick.net
6	ssum-sec.casalemedia.com	6 redirects
6	image6.pubmatic.com	6 redirects
6	www.google.com	4 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
5	pix.eu.criteo.net	ads.eu.criteo.com
5	www.googletagservices.com	googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
3	pixel.rubiconproject.com	3 redirects
3	rtb.openx.net	googleads.g.doubleclick.net
3	odr.mookie1.com	googleads.g.doubleclick.net
3	cms.quantserve.com	googleads.g.doubleclick.net
3	securepubads.g.doubleclick.net	lb.ua securepubads.g.doubleclick.net
2	www.facebook.com	lb.ua
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	connect.facebook.net	lb.ua connect.facebook.net
2	ssl.google-analytics.com	1 redirects lb.ua
1	ag.innovid.com	googleads.g.doubleclick.net
1	d.agkn.com	1 redirects
1	id.rlcdn.com	googleads.g.doubleclick.net
1	csm.eu.criteo.net	ads.eu.criteo.com
1	secure-gl.imrworldwide.com	ads.eu.criteo.com
1	cat.nl.eu.criteo.com	ads.eu.criteo.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.fr.eu.criteo.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google.de	lb.ua
1	stats.g.doubleclick.net	1 redirects
183	36

This site contains links to these domains. Also see Links.

Domain
en.lb.ua
www.youtube.com
www.facebook.com
twitter.com
t.me
youtube.com
depositphotos.com
irf.ua

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-04` - `2023-04-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.lb.ua Sectigo RSA Domain Validation Secure Server CA	`2022-01-07` - `2023-02-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-02` - `2022-12-01`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-27` - `2022-12-29`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-14` - `2023-01-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-10` - `2023-01-10`	3 months	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-04` - `2023-02-03`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-01` - `2023-02-04`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh

This page contains 23 frames:

Primary Page: https://lb.ua/
Frame ID: EEA691EF773465732A233A960765B50A
Requests: 70 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: 5C8CADC9017BC79A175127EC5C8EC065
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&adk=1812271804&adf=3025194257&lmt=1669250193&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2%2C6%3A2%2C7%3A2&plat=1%3A16777344%2C2%3A128%2C8%3A128%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C27%3A128%2C30%3A1081472%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Flb.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669250206671&bpp=5&bdt=341&idt=197&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5253954939014&frm=20&pv=2&ga_vid=80024744.1669250207&ga_sid=1669250207&ga_hid=1346098499&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070762%2C44770881&oid=2&pvsid=1852989241089506&tmod=2003525514&uas=0&nvt=1&eae=2&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=219
Frame ID: FDCCD135016FDF1F106BE28A3390DE21
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=150&slotname=4850579085&adk=1491093915&adf=1410787377&pi=t.ma~as.4850579085&w=320&lmt=1669250193&format=320x150&url=https%3A%2F%2Flb.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669250206676&bpp=1&bdt=345&idt=236&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5253954939014&frm=20&pv=1&ga_vid=80024744.1669250207&ga_sid=1669250207&ga_hid=1346098499&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=1507&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070762%2C44770881&oid=2&pvsid=1852989241089506&tmod=2003525514&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=72u3lLikPs&p=https%3A//lb.ua&dtd=241
Frame ID: 235801DF1F4F533E8CCB119AF2118F56
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=280&slotname=9952089888&adk=2082505381&adf=3812907723&pi=t.ma~as.9952089888&w=336&lmt=1669250193&format=336x280&url=https%3A%2F%2Flb.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669250206677&bpp=1&bdt=346&idt=266&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x150&nras=1&correlator=5253954939014&frm=20&pv=1&ga_vid=80024744.1669250207&ga_sid=1669250207&ga_hid=1346098499&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070762%2C44770881&oid=2&pvsid=1852989241089506&tmod=2003525514&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&xpc=OIEjptBstJ&p=https%3A//lb.ua&dtd=269
Frame ID: A6CF891D27C3B84551BBC8B80092B046
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=600&slotname=8605697088&adk=1381437064&adf=322431305&pi=t.ma~as.8605697088&w=300&lmt=1669250193&format=300x600&url=https%3A%2F%2Flb.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669250206678&bpp=1&bdt=348&idt=286&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x150%2C336x280&nras=1&correlator=5253954939014&frm=20&pv=1&ga_vid=80024744.1669250207&ga_sid=1669250207&ga_hid=1346098499&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1041&ady=2281&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070762%2C44770881&oid=2&pvsid=1852989241089506&tmod=2003525514&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=PPvPV25oRd&p=https%3A//lb.ua&dtd=290
Frame ID: 688ECBA3852F795D5C54EA728FC3D543
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=427&adk=2130953439&adf=1337155442&pi=t.aa~a.1878394478~rp.4&daaos=1669215985228&w=429&lmt=1669250193&nsk=74648323&rafmt=11&pwprc=1459918002&ad_type=text_image&format=429x427&url=https%3A%2F%2Flb.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669250207253&bpp=2&bdt=923&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3756fa7834efc362-22f7799781d70088%3AT%3D1669250207%3ART%3D1669250207%3AS%3DALNI_Ma-VfcLLcjEsqIDtsrfyET7i2QYyw&gpic=UID%3D00000b866d0c2e7f%3AT%3D1669250207%3ART%3D1669250207%3AS%3DALNI_MbIc2EvhZ4beEzNAYWnTgq4l-dwhA&prev_fmts=0x0%2C320x150%2C336x280%2C300x600&nras=2&correlator=5253954939014&frm=20&pv=1&ga_vid=80024744.1669250207&ga_sid=1669250207&ga_hid=1346098499&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=1678&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070762%2C44770881&oid=2&pvsid=1852989241089506&tmod=2003525514&uas=0&nvt=1&eae=0&fc=1280&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=7kyP3xGT4p&p=https%3A//lb.ua&dtd=37
Frame ID: 5769DE4246CF0D2A3C5AC8739578AB67
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=427&adk=3036670882&adf=2100838203&pi=t.aa~a.4141672183~rp.4&daaos=1669215985228&w=429&lmt=1669250193&nsk=48385726&rafmt=11&pwprc=1459918002&ad_type=text_image&format=429x427&url=https%3A%2F%2Flb.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669250207253&bpp=1&bdt=922&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3756fa7834efc362-22f7799781d70088%3AT%3D1669250207%3ART%3D1669250207%3AS%3DALNI_Ma-VfcLLcjEsqIDtsrfyET7i2QYyw&gpic=UID%3D00000b866d0c2e7f%3AT%3D1669250207%3ART%3D1669250207%3AS%3DALNI_MbIc2EvhZ4beEzNAYWnTgq4l-dwhA&prev_fmts=0x0%2C320x150%2C336x280%2C300x600%2C429x427&nras=3&correlator=5253954939014&frm=20&pv=1&ga_vid=80024744.1669250207&ga_sid=1669250207&ga_hid=1346098499&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=3633&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070762%2C44770881&oid=2&pvsid=1852989241089506&tmod=2003525514&uas=0&nvt=1&eae=0&fc=1280&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=uZntiUoQHn&p=https%3A//lb.ua&dtd=40
Frame ID: C24A48E66B24E195EE8BEC5BE6DCFCFE
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=168&adk=352419716&adf=555703402&pi=t.aa~a.2453268089~rp.4&daaos=1669215985228&w=342&lmt=1669250193&nsk=76125ada&rafmt=11&pwprc=1459918002&ad_type=text_image&format=342x168&url=https%3A%2F%2Flb.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669250207253&bpp=1&bdt=922&idt=1&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3756fa7834efc362-22f7799781d70088%3AT%3D1669250207%3ART%3D1669250207%3AS%3DALNI_Ma-VfcLLcjEsqIDtsrfyET7i2QYyw&gpic=UID%3D00000b866d0c2e7f%3AT%3D1669250207%3ART%3D1669250207%3AS%3DALNI_MbIc2EvhZ4beEzNAYWnTgq4l-dwhA&prev_fmts=0x0%2C320x150%2C336x280%2C300x600%2C429x427%2C429x427&nras=4&correlator=5253954939014&frm=20&pv=1&ga_vid=80024744.1669250207&ga_sid=1669250207&ga_hid=1346098499&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1051&ady=1202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070762%2C44770881&oid=2&pvsid=1852989241089506&tmod=2003525514&uas=0&nvt=1&eae=0&fc=1280&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=XY8RGGHGa8&p=https%3A//lb.ua&dtd=43
Frame ID: 50B526204E28DFFCF186EFD79CB3F0F8
Requests: 13 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 179F7D28D21F9320D53CA6D6064DE844
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y368nwAA8CEKd7gYAAm8_V8UJrn1qwKLwDliGg&u=%7CHeVaUTOEtx3CFHyXhrdebkFFXKA6KHPgCpD1B5tivxg%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zttQDCaFjc2pDW6MOoh1ZQ7WLK4BPH2dEIxfcdX9T49MZYtmdmECF-XkCF1lu4PJawA4u5piNi1JJHWPmGzKRMoE2se220X0sdDaqPP5r_Gpp0_5umTOmDdn-oBkK4mb6xF4IwOH1Qk7gG_izi5lzNrqQWu-lGioNb07Cf0_hal7-h05Fpc_em3YS6VqBzBv-cHICjybQBiqg3YjGb8m-GQGEB1DsDNHKprzYi7RsdrUeW8JByZGqTQVmnF23c47gtSjdRmQ7lpIKoYKiZJDFcp3wsxBK-qKIeF9X7ERacn0e4suRmiEHTSYOCp0EhAUZDSVTSHyJExx_6-OjK5x6z9j7VwXV2ZAEhtl338v74F46ZhNIc7wl4ocieF6Bxx68wvj1tZHempnkJK5VVOzapaPhaB6br-adsI7an8Bs5tjNBnIRU0CEdJ40qXP6rt30CEPYMzo6IBPSBeF5uRbllhq-2p52YCAxTapMmMyuMwQC6BX15JwM-bwnpKcM9QeLRGlfOQ-4okfa3pwVIW1hO16M5DA6PBgKtdIe7dNzjSX3Db8riwH95w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSNsgn7x-Y6HgA5jw3gP9-abABsme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi02MDk2OTMyMDY0NTg1MDgwyAEJqQKB7LC4UXGxPqgDAaoE2AFP0DeGVgMtlKMW8HzlqYKgMXbEWq5yXU98A3s5B3Z6206N0yE9IPL7U9uk7qsE-zQ1-ymVdoOAKcevZCkP4_cx1SgCTdYNp5Al46UNTr_P0i3dkn6mxZT3_D692H3hVElp03YLEcRgdO7y7qmra3wz3rO5XQMPb8p96MuYdUYBHKWtuNni09IKPKP4PXRAVaJ7GI_tCTqXysJSWR-LqSDqKUFBqaFEwalb_NKxUG8ag_fTbGry_aML6VeZ3Z_95c8gyuBL-L9nhylYD3tKZj7iM90cK__-rgmABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1hyolKdd5AmjRvF7kMuH543IgE-Q%26client%3Dca-pub-6096932064585080%26adurl%3D
Frame ID: 7EBDA4DA21AF88C0275177E9F587EC33
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
Frame ID: BE51AF231B365859A7CEC144CA48A956
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F2AFA947B93C6F937979852B87F215F8
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 80CF7FE2FA407B7D8E02BA4E0FDD8415
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5809662A075E5624B6099E650D5AC9D1
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CF0BEDE001B2347F5DBA230C54349078
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
Frame ID: A73134AEC7F90CD3BD003E682DFB2511
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F1168C1A50AF2B127C9D2F9CA47F477F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BCA5D935956D12E83005687F06DC3315
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
Frame ID: 8ACECC637777D031F25C4C40F5DE3B56
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
Frame ID: F325770A7515F14F8E244C72CE4AF6B1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6AC9A75610B69788F495D097873FDB70
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FC56D0C007869585600509F945E994CF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Новини України від LB.ua: оперативна аналітика української політики, економіки, новини культури та спорту

Page URL History Show full URLs

http://lb.ua/ HTTP 301
https://lb.ua/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

183
Requests

94 %
HTTPS

72 %
IPv6

24
Domains

36
Subdomains

31
IPs

7
Countries

2924 kB
Transfer

5480 kB
Size

21
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://en.lb.ua/
Title: ENG

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC_wMhlGmskE2Ue-400XjofQ
Title: LB Live

Search URL Search Domain Scan URL

URL: https://www.facebook.com/%D0%9B%D1%96%D0%B2%D0%B8%D0%B9-%D0%91%D0%B5%D1%80%D0%B5%D0%B3-LBUA-111382865585059

Search URL Search Domain Scan URL

URL: https://twitter.com/lb_ua

Search URL Search Domain Scan URL

URL: https://t.me/lbua_official

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/LBTV_channel

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?app=desktop&v=gF_MUgXodSQ&feature=youtu.be

Search URL Search Domain Scan URL

URL: https://t.me/+veE48tT66I41Mjc6

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=54oHRgSrpWA

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=0E5gRf2TDtU&t=4s

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=xF_kG4FTnJU&t=603s

Search URL Search Domain Scan URL

URL: https://youtube.com/watch?v=eL6knePAdJw

Search URL Search Domain Scan URL

URL: http://depositphotos.com/?utm_source=LB&utm_medium=footer&utm_campaign=UA-brand

Search URL Search Domain Scan URL

URL: http://irf.ua/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://lb.ua/ HTTP 301
https://lb.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1557394734&utmhn=lb.ua&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D0%B2%D1%96%D0%B4%20LB.ua%3A%20%D0%BE%D0%BF%D0%B5%D1%80%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D0%B0%20%D0%B0%D0%BD%D0%B0%D0%BB%D1%96%D1%82%D0%B8%D0%BA%D0%B0%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%BE%D1%97%20%D0%BF%D0%BE%D0%BB%D1%96%D1%82%D0%B8%D0%BA%D0%B8%2C%20%D0%B5%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D1%96%D0%BA%D0%B8%2C%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%BA%D1%83%D0%BB%D1%8C%D1%82%D1%83%D1%80%D0%B8%20%D1%82%D0%B0%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%D1%83&utmhid=1346098499&utmr=-&utmp=%2Flb%2F&utmht=1669250206702&utmac=UA-10143123-13&utmcc=__utma%3D5405166.80024744.1669250207.1669250207.1669250207.1%3B%2B__utmz%3D5405166.1669250207.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=460557952&utmredir=1&utmu=qBCAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-10143123-13&cid=80024744.1669250207&jid=460557952&_v=5.7.2&z=1557394734 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10143123-13&cid=80024744.1669250207&jid=460557952&_v=5.7.2&z=1557394734 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10143123-13&cid=80024744.1669250207&jid=460557952&_v=5.7.2&z=1557394734&slf_rd=1&random=701146237

Request Chain 144

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJmL94yM1uoo089h1OqzDs8&google_cver=1&google_push=ASkJ3FaN3d9Mv6fgW1p8QC6IZTUeTREV08_YXQtz0LQF7j-VVNaHRCroRJ6gUt3E7k56y5gF47RTYMD3FhxNF3pbKXLlnIF0B2AAnQ HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJmL94yM1uoo089h1OqzDs8&google_cver=1&google_push=ASkJ3FaN3d9Mv6fgW1p8QC6IZTUeTREV08_YXQtz0LQF7j-VVNaHRCroRJ6gUt3E7k56y5gF47RTYMD3FhxNF3pbKXLlnIF0B2AAnQ&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=g7bdJo4pTha8tlp-CDfPqg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FaN3d9Mv6fgW1p8QC6IZTUeTREV08_YXQtz0LQF7j-VVNaHRCroRJ6gUt3E7k56y5gF47RTYMD3FhxNF3pbKXLlnIF0B2AAnQ

Request Chain 145

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKty0JTlHXwEzPdJwP9gfiw&google_cver=1&google_push=ASkJ3FY9HPY_u0PlouFF9dLrtrm9Ca_A1G-ZTOvTS01D-tuDxW8MbICVSZCw2R3nwPc4OhWZjSemvkjZZRD9C2pabi2czkam0tZfpw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFVQ0gzWk8tMUQtQkRXNg==&google_push=ASkJ3FY9HPY_u0PlouFF9dLrtrm9Ca_A1G-ZTOvTS01D-tuDxW8MbICVSZCw2R3nwPc4OhWZjSemvkjZZRD9C2pabi2czkam0tZfpw

Request Chain 146

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKblnXZynpHkBw0K-rTMrvc&google_cver=1&google_push=ASkJ3FbMePGpxHUkT5WeKdVaeJrUfiOD3FUxNIoD7FSQXMAvGnAodH7ucZ-vF3JpUtK7CmNvTsNqMmhMq0h8bSmnjrc7v_ebk72V6A HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEKblnXZynpHkBw0K-rTMrvc&google_push=ASkJ3FbMePGpxHUkT5WeKdVaeJrUfiOD3FUxNIoD7FSQXMAvGnAodH7ucZ-vF3JpUtK7CmNvTsNqMmhMq0h8bSmnjrc7v_ebk72V6A&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKblnXZynpHkBw0K-rTMrvc&google_hm=Y368oCCLujMd1FYsfV5BnwAABz0AAAAB&google_nid=index&google_push=ASkJ3FbMePGpxHUkT5WeKdVaeJrUfiOD3FUxNIoD7FSQXMAvGnAodH7ucZ-vF3JpUtK7CmNvTsNqMmhMq0h8bSmnjrc7v_ebk72V6A

Request Chain 148

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 155

https://d.agkn.com/pixel/2175/?google_gid=CAESEIOWn215BvZe0Uu8q5Z1Cz8&google_cver=1&google_push=ASkJ3FYpQHbWJ7StzyCqWApvxVKortCq2l_pI5qavu0VWDGE0iIYSZ6RI--U3e-1RcZ54pgVMXcT2u5HvZyIlT-c_mhNAaAMScQ_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3FYpQHbWJ7StzyCqWApvxVKortCq2l_pI5qavu0VWDGE0iIYSZ6RI--U3e-1RcZ54pgVMXcT2u5HvZyIlT-c_mhNAaAMScQ_&google_hm=Q0FFU0VJT1duMjE1QnZaZTBVdThxNVoxQ3o4

Request Chain 158

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEv0e_lQxGymhCWS8z3Rrfs&google_cver=1&google_push=ASkJ3FaDqxR3p0Cp1YxGaXTWZIodtRyuMQQMgaG1VyRiMCid-yjUxxbaCaiyu-pJF4kz9zGwp-TeMvVqBrHAGyDO4zV4aFQwIOtz HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEv0e_lQxGymhCWS8z3Rrfs&google_cver=1&google_push=ASkJ3FaDqxR3p0Cp1YxGaXTWZIodtRyuMQQMgaG1VyRiMCid-yjUxxbaCaiyu-pJF4kz9zGwp-TeMvVqBrHAGyDO4zV4aFQwIOtz&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_FPhi7WBTzueHCbxyUfZ0A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FaDqxR3p0Cp1YxGaXTWZIodtRyuMQQMgaG1VyRiMCid-yjUxxbaCaiyu-pJF4kz9zGwp-TeMvVqBrHAGyDO4zV4aFQwIOtz

Request Chain 159

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEL-OW9-biRSiMvOHBMC6bTM&google_cver=1&google_push=ASkJ3FaS36B2HYkTNOoCOi-hDsz7N65TMMv3NzIWKtb4swiQKCoNfiqFT6CeYuzjk7j5ONIMmv5T3YGUrPDq7x7KAIHmGCKGQiKs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFVQ0g0MFUtMjEtNVQxWQ==&google_push=ASkJ3FaS36B2HYkTNOoCOi-hDsz7N65TMMv3NzIWKtb4swiQKCoNfiqFT6CeYuzjk7j5ONIMmv5T3YGUrPDq7x7KAIHmGCKGQiKs

Request Chain 160

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAgezp5sK9cIIglIMuVIFTI&google_cver=1&google_push=ASkJ3Fbee4HzzoNaF5UHBsaq4U_Z3B2U2xJmMkNvgNAQV3PuAp1f-S8OcZYqjlJO1Ai30vGumV7C7h-rXVJX5h0PKdTYrhQ61sk HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAgezp5sK9cIIglIMuVIFTI&google_push=ASkJ3Fbee4HzzoNaF5UHBsaq4U_Z3B2U2xJmMkNvgNAQV3PuAp1f-S8OcZYqjlJO1Ai30vGumV7C7h-rXVJX5h0PKdTYrhQ61sk&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAgezp5sK9cIIglIMuVIFTI&google_hm=Y368oCCLujMd1FYsfV5BnwAABz0AAAAB&google_nid=index&google_push=ASkJ3Fbee4HzzoNaF5UHBsaq4U_Z3B2U2xJmMkNvgNAQV3PuAp1f-S8OcZYqjlJO1Ai30vGumV7C7h-rXVJX5h0PKdTYrhQ61sk

Request Chain 164

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 169

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESED4fnT6ZCqJfEv3TB0anXbI&google_cver=1&google_push=ASkJ3Falv_1m5AezHXH25XWf9nd3PcJq0xzjDDpJYpT7c-2h63IrXU2FHRXx7zP1ykasreY3eNyWENcx6b3spKYcWSRYuW_Rn-KE HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESED4fnT6ZCqJfEv3TB0anXbI&google_cver=1&google_push=ASkJ3Falv_1m5AezHXH25XWf9nd3PcJq0xzjDDpJYpT7c-2h63IrXU2FHRXx7zP1ykasreY3eNyWENcx6b3spKYcWSRYuW_Rn-KE&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=163IJEN1Siunk8Q0IEMX_A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3Falv_1m5AezHXH25XWf9nd3PcJq0xzjDDpJYpT7c-2h63IrXU2FHRXx7zP1ykasreY3eNyWENcx6b3spKYcWSRYuW_Rn-KE

Request Chain 170

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEP_vqpb1bXgSfWrrzp0oGAI&google_cver=1&google_push=ASkJ3FY0MpzSuF4vn30VeZrrxed9xnE062oiRF_GuJTCsYjKMAuS8SlvAyv0kF0khkzCGnqWnQUFnMIiSGt4nEuHUDztm3AXhUff HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFVQ0g0MUUtMjgtOVVNNQ==&google_push=ASkJ3FY0MpzSuF4vn30VeZrrxed9xnE062oiRF_GuJTCsYjKMAuS8SlvAyv0kF0khkzCGnqWnQUFnMIiSGt4nEuHUDztm3AXhUff

Request Chain 171

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOJGEhQhc8kQyUHLNyAf8RQ&google_cver=1&google_push=ASkJ3FaVn72H8-GDtdl7QwLO3AIFZY-SpoMPiHqHMpggRu1VV5HMAOSOG9zpdhYsw8LDkSudkvN1xPKXd3a1JpplJnUlNbomHbyK HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOJGEhQhc8kQyUHLNyAf8RQ&google_push=ASkJ3FaVn72H8-GDtdl7QwLO3AIFZY-SpoMPiHqHMpggRu1VV5HMAOSOG9zpdhYsw8LDkSudkvN1xPKXd3a1JpplJnUlNbomHbyK&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOJGEhQhc8kQyUHLNyAf8RQ&google_hm=Y368oOHcY9UsMkAHy0qQygAAAskAAAIB&google_nid=index&google_push=ASkJ3FaVn72H8-GDtdl7QwLO3AIFZY-SpoMPiHqHMpggRu1VV5HMAOSOG9zpdhYsw8LDkSudkvN1xPKXd3a1JpplJnUlNbomHbyK

Request Chain 174

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

183 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
lb.ua/
Redirect Chain

http://lb.ua/
https://lb.ua/

79 KB
19 KB

146ms
53ms

Document
text/html

2606:4700:10::6816:3e78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ARR/3.0
Resource Hash: 7f93ae7e79e92e67a458b49e57691f2c0bb17aeff22f588cb5df37a4a04a5580

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 13
cache-control: max-age=120
cf-cache-status: HIT
cf-ray: 76ee127d59968895-LHR
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 24 Nov 2022 00:36:46 GMT
last-modified: Thu, 24 Nov 2022 00:36:33 GMT
server: cloudflare
vary: Accept-Encoding
x-powered-by: ARR/3.0

Redirect headers

CF-Cache-Status: EXPIRED
CF-RAY: 76ee127bf974dd5c-LHR
Cache-Control: max-age=120
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Thu, 24 Nov 2022 00:36:46 GMT
Location: https://lb.ua/
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 ptsans.woff2
lb.ua/media/1547/news/fonts/ 104 KB
104 KB 52ms
50ms Font
application/font-woff2 2606:4700:10::6816:3e78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.ua/media/1547/news/fonts/ptsans.woff2
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4184605cff7ec3a09e238ad9a8c297305abe1613cb3af988a7dd33b5c0600f62

Request headers

Referer: https://lb.ua/
Origin: https://lb.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:46 GMT
cf-cache-status: HIT
last-modified: Wed, 10 Aug 2022 13:28:14 GMT
server: cloudflare
age: 12
etag: "70232cbbdacd81:0"
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 76ee127dda088895-LHR
content-length: 106704

GET
H2 200 ptsansb.woff2
lb.ua/media/1547/news/fonts/ 106 KB
107 KB 72ms
71ms Font
application/font-woff2 2606:4700:10::6816:3e78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.ua/media/1547/news/fonts/ptsansb.woff2
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4d00d0c5c8ab1c7a96c4795bd90fb9e4bb8b2cc36144254f01201b2e70f1678

Request headers

Referer: https://lb.ua/
Origin: https://lb.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:46 GMT
cf-cache-status: HIT
last-modified: Wed, 10 Aug 2022 13:28:14 GMT
server: cloudflare
age: 12
etag: "70232cbbdacd81:0"
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 76ee127dda0b8895-LHR
content-length: 109012

GET
H2 200 icons.woff2
lb.ua/media/1547/news/fonts/ 65 KB
65 KB 71ms
69ms Font
application/font-woff2 2606:4700:10::6816:3e78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.ua/media/1547/news/fonts/icons.woff2
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

Referer: https://lb.ua/
Origin: https://lb.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:46 GMT
cf-cache-status: HIT
last-modified: Wed, 10 Aug 2022 13:28:14 GMT
server: cloudflare
age: 12
etag: "70232cbbdacd81:0"
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 76ee127dda0c8895-LHR
content-length: 66624

GET
H2 200 style.css
lb.ua/media/1547/news/css/ 58 KB
15 KB 71ms
70ms Stylesheet
text/css 2606:4700:10::6816:3e78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.ua/media/1547/news/css/style.css
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 769e443d1e12dd6d02fe7941d145a017eeedb4856373897afc1165d37fe1ae40

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:46 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 09 Nov 2022 14:27:57 GMT
server: cloudflare
age: 12
etag: "4fd3a67647f4d81:0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 76ee127dda0a8895-LHR
content-length: 15701

GET
H2 200 jquery-3.1.1.min.js Show response
lb.ua/media/1547/news/js/ 85 KB
30 KB 71ms
70ms Script
application/javascript 2606:4700:10::6816:3e78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.ua/media/1547/news/js/jquery-3.1.1.min.js
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:46 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 10 Aug 2022 13:28:14 GMT
server: cloudflare
age: 12
etag: "02bf4abdacd81:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 76ee127dda0d8895-LHR
content-length: 30164

GET
H2 200 common.js Show response
lb.ua/media/1547/news/js/ 72 KB
19 KB 70ms
70ms Script
application/javascript 2606:4700:10::6816:3e78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.ua/media/1547/news/js/common.js
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b50b0db1df4e80d8cda87e483a7cc03cf70e93f0259b8285ec04e2e5e1246abd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:46 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 10 Aug 2022 13:28:14 GMT
server: cloudflare
age: 12
etag: "02bf4abdacd81:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 76ee127dda0e8895-LHR
content-length: 19042

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
49 KB 223ms
100ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: lb.ua
URL: https://lb.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18ecaccf7bb1497f3a0fbf75c6d5318623b43b145abc42dd7efb2aa82e85383a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49675
x-xss-protection: 0
server: cafe
etag: 6637013834833950238
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 24 Nov 2022 00:36:46 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 186ms
65ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: lb.ua
URL: https://lb.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e64f656ab17cca541c2cedc0711657661cc96758750fff8400884c6239bc34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27210
x-xss-protection: 0
server: sffe
etag: "1401 / 166 of 1000 / last-modified: 1669244741"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 24 Nov 2022 00:36:46 GMT

GET
H2 200 logo.white.png
lb.ua/media/1547/news/img/logo/ 21 KB
21 KB 61ms
60ms Image
image/png 2606:4700:10::6816:3e78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb.ua/media/1547/news/img/logo/logo.white.png
Requested by: Host: lb.ua
URL: https://lb.ua/media/1547/news/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01348caaa16ac38ef521784b90368092bd215861903db0f52473e4d502494227

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/media/1547/news/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:46 GMT
cf-cache-status: HIT
last-modified: Wed, 10 Aug 2022 13:28:13 GMT
server: cloudflare
age: 12
etag: "db1d8abdacd81:0"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 76ee127e9ac28895-LHR
content-length: 21495

GET
H2 200 sprite.png
lb.ua/media/1547/news/img/ 13 KB
13 KB 52ms
52ms Image
image/png 2606:4700:10::6816:3e78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb.ua/media/1547/news/img/sprite.png
Requested by: Host: lb.ua
URL: https://lb.ua/media/1547/news/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b00d32d226e40d8ac2eb0a6851388d6682f0196e8c1ce46db8e06d6571cf5a0d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/media/1547/news/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:46 GMT
cf-cache-status: HIT
last-modified: Wed, 10 Aug 2022 13:28:14 GMT
server: cloudflare
age: 12
etag: "5608bbdacd81:0"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 76ee127eaadb8895-LHR
content-length: 13544

GET
H2 200 637e4db919fde.jpeg
i.lb.ua/111/37/ 77 KB
78 KB 466ms
299ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/111/37/637e4db919fde.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 8d1d94446ecd93e19b278ea24b175d0e9a777793d2e22ec563aa2ba2090b28b9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:46 GMT
last-modified: Wed, 23 Nov 2022 16:43:37 GMT
server: Microsoft-IIS/10.0
etag: "4a79eabb5affd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 79332

GET
H2 200 637e4dca169ad.jpeg
i.lb.ua/001/23/ 84 KB
84 KB 467ms
301ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/001/23/637e4dca169ad.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 4d7bcfdb0bda759f1238d1c6a70f8c45a618229722f20d59f5cc22ed01d4df0c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:46 GMT
last-modified: Wed, 23 Nov 2022 16:43:54 GMT
server: Microsoft-IIS/10.0
etag: "628812c65affd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 85548

GET
H2 200 62211d74032b5_200_130.jpeg
i.lb.ua/074/39/ 5 KB
5 KB 407ms
241ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/074/39/62211d74032b5_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 783a5b4f4d208130f4fb3bc0c6415517bbb88783a3702efb7668da0159eff99c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:46 GMT
last-modified: Thu, 03 Mar 2022 19:56:36 GMT
server: Microsoft-IIS/10.0
etag: "5da632ca382fd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 5527

GET
H2 200 637ea1f8d544a_200_130.jpeg
i.lb.ua/088/62/ 6 KB
6 KB 515ms
349ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/088/62/637ea1f8d544a_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 89ff723d234c9777329556a085f4b52bd3a283525773c6c1ef8c77961160cb79

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:46 GMT
last-modified: Wed, 23 Nov 2022 22:43:05 GMT
server: Microsoft-IIS/10.0
etag: "115667f38cffd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 5967

GET
H2 200 637e5b9d0bd14_200_130.jpeg
i.lb.ua/111/11/ 7 KB
7 KB 515ms
350ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/111/11/637e5b9d0bd14_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 69b7dd1aee6432df156ba312cf76b50b95ea23b09a9cec18605beb5d6be08862

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:46 GMT
last-modified: Wed, 23 Nov 2022 17:42:53 GMT
server: Microsoft-IIS/10.0
etag: "f8aa7f363ffd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 7599

GET
H2 200 637e8baabf7d9_200_130.jpeg
i.lb.ua/093/35/ 8 KB
8 KB 522ms
357ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/093/35/637e8baabf7d9_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 7ad691c74c06f85c961bca790b97221efb4587066fba72fe6c0b9c7e36359e9d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:46 GMT
last-modified: Wed, 23 Nov 2022 21:07:55 GMT
server: Microsoft-IIS/10.0
etag: "45fdf2a77fffd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 8422

GET
H2 200 637e7e5035a92_200_130.jpeg
i.lb.ua/104/15/ 7 KB
7 KB 201ms
66ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/104/15/637e7e5035a92_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 051e7afd33d9455b6a77348dc4ace92eb8f3c633f5fe0b5a940418b3cba89f8d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:46 GMT
last-modified: Wed, 23 Nov 2022 20:10:56 GMT
server: Microsoft-IIS/10.0
etag: "3aec49b277ffd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 7368

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 169ms
53ms Script
text/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: lb.ua
URL: https://lb.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 23 Nov 2022 22:50:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6352
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Thu, 24 Nov 2022 00:50:54 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 159ms
52ms Script
application/x-javascript 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: lb.ua
URL: https://lb.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 24 Nov 2022 00:36:46 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27340
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 4ItpgEriUlEfW8OVloKEg9dYpQjAWT3bwCI3/HM6MLXD+Ju/UgB7eIzfxVTSmMVRUBZzSiwLN+E0L+JeRufbgw==
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 scrolltop.png
lb.ua/media/1547/news/img/icos/ 333 B
409 B 51ms
50ms Image
image/png 2606:4700:10::6816:3e78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lb.ua/media/1547/news/img/icos/scrolltop.png
Requested by: Host: lb.ua
URL: https://lb.ua/media/1547/news/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6f6baa5fa4616c905fa7630360ca8c6828ae91723ec822b1915203a1744b4b5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/media/1547/news/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:46 GMT
cf-cache-status: HIT
last-modified: Wed, 10 Aug 2022 13:28:13 GMT
server: cloudflare
age: 12
etag: "7488f0abdacd81:0"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 76ee127ecaf78895-LHR
content-length: 333

GET
H2 200 637d38dbc95f5_200_130.jpeg
i.lb.ua/099/05/ 6 KB
6 KB 227ms
174ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/099/05/637d38dbc95f5_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 4bd0584d66bed09bf2b25306f0ae6094ed049b659c5a647d0520efa17e873fd9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:46 GMT
last-modified: Tue, 22 Nov 2022 21:02:20 GMT
server: Microsoft-IIS/10.0
etag: "4b95e8b5b5fed81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 6504

GET
H2 200 637c8f181136b.png
i.lb.ua/074/39/ 42 KB
42 KB 362ms
359ms Image
image/png 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/074/39/637c8f181136b.png
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 06730f71edb2823ab78f1668f0508e5686ccf4714ed27f936a3fb1b25207ff4a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:46 GMT
last-modified: Tue, 22 Nov 2022 08:58:00 GMT
server: Microsoft-IIS/10.0
etag: "3aa8bb8550fed81:0"
content-type: image/png
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 42598

GET
H2 200 637d6a4929f1f_200_130.jpeg
i.lb.ua/053/36/ 9 KB
9 KB 362ms
360ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/053/36/637d6a4929f1f_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 71edc3edb39499f40634c5836431b15240382dbca10c6372e9d89b004d2dec4a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:46 GMT
last-modified: Wed, 23 Nov 2022 00:33:13 GMT
server: Microsoft-IIS/10.0
etag: "57dd2bd3fed81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 8743

GET
H2 200 637e355576579.jpeg
i.lb.ua/090/51/ 31 KB
31 KB 296ms
243ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/090/51/637e355576579.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: d91d510f3c93bf425d89437e1d18c99fac8319384cab35ab8027d8d6bdfa88a4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:46 GMT
last-modified: Wed, 23 Nov 2022 14:59:33 GMT
server: Microsoft-IIS/10.0
etag: "7d286e324cffd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 32030

GET
H2 200 637de74b163f2.jpeg
i.lb.ua/051/15/ 27 KB
27 KB 412ms
359ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/051/15/637de74b163f2.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 1343fe7c02e3a3331fb711c186c554f0719f9c94842f8befc0cd04ad1a745642

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:46 GMT
last-modified: Wed, 23 Nov 2022 09:26:35 GMT
server: Microsoft-IIS/10.0
etag: "8c5c61ae1dffd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 27512

GET
H2 200 637de6becb6fd.jpeg
i.lb.ua/037/14/ 35 KB
35 KB 178ms
124ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/037/14/637de6becb6fd.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: ebade2ac5bbd5fbaf1d63ff98ae10fa938cb13d0d4a225ad395e3d93e2fdacae

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:46 GMT
last-modified: Wed, 23 Nov 2022 09:24:14 GMT
server: Microsoft-IIS/10.0
etag: "1f34c85a1dffd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 35959

GET
H2 200 637de73271e8f.jpeg
i.lb.ua/026/30/ 7 KB
7 KB 412ms
358ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/026/30/637de73271e8f.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: a2065e197884ce25cd9ebeac75b08cd90e7db0e20f5bb953dc5744bdb3b3d5c0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:46 GMT
last-modified: Wed, 23 Nov 2022 09:26:10 GMT
server: Microsoft-IIS/10.0
etag: "54ebb29f1dffd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 7520

GET
H2 200 637d42e4c0b27.jpeg
i.lb.ua/001/03/ 14 KB
14 KB 363ms
360ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/001/03/637d42e4c0b27.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: eea62f038032b0eeb198317b91cc807297a6eb1bd370bac2dc0b6f41cc6fbeeb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:46 GMT
last-modified: Tue, 22 Nov 2022 21:45:08 GMT
server: Microsoft-IIS/10.0
etag: "4a90f8b0bbfed81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 14190

GET
H2 200 637cb28984ee1.jpeg
i.lb.ua/003/26/ 27 KB
27 KB 234ms
231ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/003/26/637cb28984ee1.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 0b30f1d4a704499d462fa476e91847581bcf700d870930122d4a7cbf5ea80227

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:46 GMT
last-modified: Tue, 22 Nov 2022 11:29:13 GMT
server: Microsoft-IIS/10.0
etag: "aaf1eca565fed81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 27445

GET
H2 200 637c7add0e705.jpeg
i.lb.ua/102/34/ 20 KB
20 KB 363ms
361ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/102/34/637c7add0e705.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 06bb817b29df78051363578fec56951aad59c5122053db9ce1ed25a5f0191330

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:46 GMT
last-modified: Tue, 22 Nov 2022 07:31:41 GMT
server: Microsoft-IIS/10.0
etag: "c521cb7644fed81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 20234

GET
H2 200 637cb313ac4f9.jpeg
i.lb.ua/014/18/ 24 KB
24 KB 364ms
361ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/014/18/637cb313ac4f9.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 373f27096c030f3e55e2455c6f85559f17708606c040211b2b9181f524841dd5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:46 GMT
last-modified: Tue, 22 Nov 2022 11:31:31 GMT
server: Microsoft-IIS/10.0
etag: "bb245f865fed81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 24211

GET
H2 200 637cb266b6ba3.jpeg
i.lb.ua/095/09/ 13 KB
13 KB 243ms
241ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/095/09/637cb266b6ba3.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 7e0767a5363399aeeb02d1111596dec7d6b18f6f66d5eb98491ac41f98a5713b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:46 GMT
last-modified: Tue, 22 Nov 2022 11:28:38 GMT
server: Microsoft-IIS/10.0
etag: "27503a9165fed81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 12890

GET
H2 200 637b6cd99323f.jpeg
i.lb.ua/066/16/ 23 KB
23 KB 244ms
241ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/066/16/637b6cd99323f.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: bea328dcf0c82c98c0ce46181cacac43dfe68f0ee4b0a41a8aee0cf7b69c5c74

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:46 GMT
last-modified: Mon, 21 Nov 2022 12:19:37 GMT
server: Microsoft-IIS/10.0
etag: "5e2fd85a3fdd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 23941

GET
H2 200 637b6cc79e104.jpeg
i.lb.ua/048/53/ 30 KB
30 KB 364ms
362ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/048/53/637b6cc79e104.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 6aaa79cf906df06c6d5045c6489330af4c2119f1a0177d8c2d904540bc4ca89c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:46 GMT
last-modified: Mon, 21 Nov 2022 12:19:19 GMT
server: Microsoft-IIS/10.0
etag: "765a4a7ba3fdd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 30307

GET
H2 200 63774216bee92.jpeg
i.lb.ua/025/44/ 16 KB
17 KB 184ms
182ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/025/44/63774216bee92.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: c851e696f8a140968b5907d04e5672c9265ddc0793ab6327f8c7fa65c576fea5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:46 GMT
last-modified: Fri, 18 Nov 2022 08:28:06 GMT
server: Microsoft-IIS/10.0
etag: "11d34af27fbd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 16867

GET
H2 200 63653c8c2d69d.jpeg
i.lb.ua/059/52/ 4 KB
4 KB 296ms
242ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/059/52/63653c8c2d69d.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 343446c56656d260051ff79b79f09f84a5b5301a4ca3039c18e91ab3f417eb25

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:46 GMT
last-modified: Fri, 04 Nov 2022 16:23:40 GMT
server: Microsoft-IIS/10.0
etag: "3c3ca2cc69f0d81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 3810

GET
H2 200 542be17fa9b12.jpeg
i.lb.ua/024/35/ 4 KB
5 KB 412ms
359ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/024/35/542be17fa9b12.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 5c648f86bb8be9cdc13191689a39adf2bb4bc7db598dedac8ed5f18eaebc717e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:46 GMT
last-modified: Wed, 01 Oct 2014 11:11:37 GMT
server: Microsoft-IIS/10.0
etag: "80ba9a7768ddcf1:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 4565

GET
H2 200 60d4538a5f02b.jpeg
i.lb.ua/015/52/ 4 KB
4 KB 411ms
358ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/015/52/60d4538a5f02b.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: bc172828a6c179f7dbf8412af220f532bdddeb5fc4b8e0bd2a902ab26cafefcb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:46 GMT
last-modified: Thu, 24 Jun 2021 09:42:34 GMT
server: Microsoft-IIS/10.0
etag: "38cb542dd68d71:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 4020

GET
H2 200 637b5b623967e.jpeg
i.lb.ua/040/27/ 4 KB
4 KB 365ms
363ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/040/27/637b5b623967e.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 8d16d8c8a681cc33ca41ec6dcb3a1898dc515cadab70167b7d8a3b366feb64fa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:46 GMT
last-modified: Mon, 21 Nov 2022 11:05:06 GMT
server: Microsoft-IIS/10.0
etag: "c798d61c99fdd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 4081

GET
H2 200 6204cbbb46818.jpeg
i.lb.ua/123/27/ 5 KB
5 KB 366ms
363ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/123/27/6204cbbb46818.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: f23e1498708c53c1cb17cac923419077b69eb6eed60cdd24bfd8bbf189ff6e01

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:46 GMT
last-modified: Thu, 10 Feb 2022 08:24:27 GMT
server: Microsoft-IIS/10.0
etag: "cf95679e571ed81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 5130

GET
H2 200 6347bd7b0ce1e.jpeg
i.lb.ua/053/21/ 38 KB
38 KB 367ms
364ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/053/21/6347bd7b0ce1e.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: d4123026ffdacc6cf1d33449aa52952dab7ada93e667d54e25125d17bbbba5f6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:46 GMT
last-modified: Thu, 13 Oct 2022 07:25:47 GMT
server: Microsoft-IIS/10.0
etag: "e899403d5ded81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 38883

GET
H2 200 5c751b327ac50_200_130.jpeg
i.lb.ua/038/43/ 7 KB
7 KB 185ms
183ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/038/43/5c751b327ac50_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: f6fcf69eaea919957c31b5334a776c871f44e582871329c3481ec2817805288e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:46 GMT
last-modified: Tue, 26 Feb 2019 10:55:45 GMT
server: Microsoft-IIS/10.0
etag: "eab0ed3c1cdd41:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 7227

GET
H2 200 63750f562975d_200_130.jpeg
i.lb.ua/106/58/ 5 KB
5 KB 367ms
365ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/106/58/63750f562975d_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 9721f47104316ebafbf76cdcbf55cf3213d2be00a0f0647619528cdaf5b3f49a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:46 GMT
last-modified: Wed, 16 Nov 2022 16:27:02 GMT
server: Microsoft-IIS/10.0
etag: "6be8e42d8f9d81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 4890

GET
H2 200 6379407435425_200_130.jpeg
i.lb.ua/123/42/ 14 KB
14 KB 407ms
405ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/123/42/6379407435425_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: c08ef9ca69ace773a306b41f35d2635af40f0f5c261e515ffd446bbde0edc451

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:46 GMT
last-modified: Sat, 19 Nov 2022 20:45:40 GMT
server: Microsoft-IIS/10.0
etag: "f63dee257fcd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 14354

GET
H2 200 637b96170f8bf_200_130.jpeg
i.lb.ua/083/18/ 10 KB
10 KB 408ms
406ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/083/18/637b96170f8bf_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 112f783b4034aa20d4d4705782d7ac925efe3bce8f267dc36f7a3ffab6a87347

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:46 GMT
last-modified: Mon, 21 Nov 2022 15:15:35 GMT
server: Microsoft-IIS/10.0
etag: "866e21abcfdd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 9808

GET
H2 200 637a8066b8d17_200_130.jpeg
i.lb.ua/114/44/ 10 KB
10 KB 408ms
406ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/114/44/637a8066b8d17_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: dad64e411c3ff250c15b64b7cb2a14370daf7af5df366f76a062f12176a41b32

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:46 GMT
last-modified: Sun, 20 Nov 2022 19:30:47 GMT
server: Microsoft-IIS/10.0
etag: "31e29716fdd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 10562

GET
H2 200 637952a08c5af_200_130.jpeg
i.lb.ua/076/59/ 6 KB
6 KB 409ms
407ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/076/59/637952a08c5af_200_130.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 84b9ec7bad298e139002ca216fef4e7c70fbb4b5a12c705d0adabd986defc389

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:46 GMT
last-modified: Sat, 19 Nov 2022 22:03:12 GMT
server: Microsoft-IIS/10.0
etag: "e289ddb762fcd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 5776

GET
H2 200 6368fb546ac3a.jpeg
i.lb.ua/016/13/ 22 KB
23 KB 344ms
291ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/016/13/6368fb546ac3a.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 36813b909dc440acf61639450320921eae3d26dbd95a91d42642531069f8e92f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:46 GMT
last-modified: Mon, 07 Nov 2022 12:34:28 GMT
server: Microsoft-IIS/10.0
etag: "24d82f47a5f2d81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 23004

GET
H2 200 636785243f96d.jpeg
i.lb.ua/109/46/ 53 KB
53 KB 409ms
407ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/109/46/636785243f96d.jpeg
Requested by: Host: lb.ua
URL: https://lb.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 6d822a1e33340d071e7af54d5e40d1a2f7f6265095877941d8778efd89756d85

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:46 GMT
last-modified: Sun, 06 Nov 2022 09:57:56 GMT
server: Microsoft-IIS/10.0
etag: "fb26a43ec6f1d81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 54274

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ 355 KB
117 KB 97ms
97ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6096932064585080&plah=lb.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b59c18f706c25c7240c71bc90f4caca15d1cb3b44cebdbf90b3db5d80a16484

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119597
x-xss-protection: 0
server: cafe
etag: 3397820284481236663
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 24 Nov 2022 00:36:46 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame 5C8C 10 KB
5 KB 178ms
56ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lb.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 42976
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 12:40:30 GMT
etag: 10353107486223812946
expires: Wed, 07 Dec 2022 12:40:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1557394734&utmhn=lb.ua&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9D%D0%BE%D...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-10143123-13&cid=80024744.1669250207&jid=460557952&_v=5.7.2&z=1557394734
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10143123-13&cid=80024744.1669250207&jid=460557952&_v=5.7.2&z=1557394734
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10143123-13&cid=80024744.1669250207&jid=460557952&_v=5.7.2&z=1557394734&slf_rd=1&random=701146237

42 B
501 B

189ms
67ms

Image
image/gif

2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10143123-13&cid=80024744.1669250207&jid=460557952&_v=5.7.2&z=1557394734&slf_rd=1&random=701146237

Requested by

Host: lb.ua
URL: https://lb.ua/

Protocol

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Nov 2022 00:36:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Nov 2022 00:36:47 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10143123-13&cid=80024744.1669250207&jid=460557952&_v=5.7.2&z=1557394734&slf_rd=1&random=701146237
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2022111501.js Show response
securepubads.g.doubleclick.net/gpt/ 381 KB
129 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 19:27:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18584
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132177
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 09:35:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 23 Nov 2023 19:27:02 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 55 B
74 B 182ms
65ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=lb.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b83ab38fc8da5b3ba70b481cea94134b0a8f4e826aee07c0d39833f20437cbe6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50
x-xss-protection: 0
expires: Thu, 24 Nov 2022 00:36:46 GMT

GET
H2 200 440471506375777 Show response
connect.facebook.net/signals/config/ 293 KB
85 KB 50ms
49ms Script
application/x-javascript 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/440471506375777?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

95307c02b29989bc222247fc8ec742b548e93a39bec409e1577b5aaba4f8d00d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 24 Nov 2022 00:36:46 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86095
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 1zR6ICTqgFxHjKBLp7Z50gt9Rn1h2jHMGSdEIt5PjsG5SRmP0BfU5xtgiIRn4pblXG8ZoqRiHq+zVeAZpx9pZg==
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 377 B
692 B 216ms
65ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=lb.ua&callback=_gfp_s_&client=ca-pub-6096932064585080&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6096932064585080&plah=lb.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

611654c045a36d9d48d10164db1ea38a5436aa9aacdff3b0b76aa2cf2c0c1360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 247
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 183ms
67ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=lb.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 181ms
65ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=lb.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 90ms
90ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Flb.ua%2F&tn=DIV&id=popup-donate&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: lb.ua
URL: https://lb.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Nov 2022 00:36:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FDCC 75 KB
8 KB 233ms
115ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&adk=1812271804&adf=3025194257&lmt=1669250193&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2%2C6%3A2%2C7%3A2&plat=1%3A16777344%2C2%3A128%2C8%3A128%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C27%3A128%2C30%3A1081472%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Flb.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669250206671&bpp=5&bdt=341&idt=197&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5253954939014&frm=20&pv=2&ga_vid=80024744.1669250207&ga_sid=1669250207&ga_hid=1346098499&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070762%2C44770881&oid=2&pvsid=1852989241089506&tmod=2003525514&uas=0&nvt=1&eae=2&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=219

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

923cf619e2013cdf995ebe8d3076c1ba744c4045eb2e185d4f21c2d56ba871b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lb.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 7841
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 00:36:47 GMT
expires: Thu, 24 Nov 2022 00:36:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2358 98 KB
34 KB 564ms
470ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=150&slotname=4850579085&adk=1491093915&adf=1410787377&pi=t.ma~as.4850579085&w=320&lmt=1669250193&format=320x150&url=https%3A%2F%2Flb.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669250206676&bpp=1&bdt=345&idt=236&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5253954939014&frm=20&pv=1&ga_vid=80024744.1669250207&ga_sid=1669250207&ga_hid=1346098499&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=1507&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070762%2C44770881&oid=2&pvsid=1852989241089506&tmod=2003525514&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=72u3lLikPs&p=https%3A//lb.ua&dtd=241

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9cb0b3ca35760a01c7b08a7f555aef232da20480a9ada0d7f39092aebdaf97a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lb.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 34472
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 00:36:47 GMT
expires: Thu, 24 Nov 2022 00:36:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 175ms
58ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=440471506375777&ev=PageView&dl=https%3A%2F%2Flb.ua%2F&rl=&if=false&ts=1669250206935&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669250206933.378640447&it=1669250206732&coo=false&rqm=GET

Requested by

Host: lb.ua
URL: https://lb.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 24 Nov 2022 00:36:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A6CF 430 B
229 B 495ms
430ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=280&slotname=9952089888&adk=2082505381&adf=3812907723&pi=t.ma~as.9952089888&w=336&lmt=1669250193&format=336x280&url=https%3A%2F%2Flb.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669250206677&bpp=1&bdt=346&idt=266&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x150&nras=1&correlator=5253954939014&frm=20&pv=1&ga_vid=80024744.1669250207&ga_sid=1669250207&ga_hid=1346098499&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070762%2C44770881&oid=2&pvsid=1852989241089506&tmod=2003525514&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&xpc=OIEjptBstJ&p=https%3A//lb.ua&dtd=269

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e809c6b6bb6de60e7092e922cae2ab2ba3c7c86ef462821ed99fe0051d3ffe3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lb.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 206
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 00:36:47 GMT
expires: Thu, 24 Nov 2022 00:36:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 688E 23 KB
10 KB 512ms
468ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=600&slotname=8605697088&adk=1381437064&adf=322431305&pi=t.ma~as.8605697088&w=300&lmt=1669250193&format=300x600&url=https%3A%2F%2Flb.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669250206678&bpp=1&bdt=348&idt=286&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x150%2C336x280&nras=1&correlator=5253954939014&frm=20&pv=1&ga_vid=80024744.1669250207&ga_sid=1669250207&ga_hid=1346098499&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1041&ady=2281&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070762%2C44770881&oid=2&pvsid=1852989241089506&tmod=2003525514&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=PPvPV25oRd&p=https%3A//lb.ua&dtd=290

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

818016b9c5af68f8e40293b123feeadbaed400efe54d33e76784ec624b42643d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lb.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9913
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 00:36:47 GMT
expires: Thu, 24 Nov 2022 00:36:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 177ms
67ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=lb.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 172ms
63ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=lb.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5769 120 KB
45 KB 739ms
738ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=427&adk=2130953439&adf=1337155442&pi=t.aa~a.1878394478~rp.4&daaos=1669215985228&w=429&lmt=1669250193&nsk=74648323&rafmt=11&pwprc=1459918002&ad_type=text_image&format=429x427&url=https%3A%2F%2Flb.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669250207253&bpp=2&bdt=923&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3756fa7834efc362-22f7799781d70088%3AT%3D1669250207%3ART%3D1669250207%3AS%3DALNI_Ma-VfcLLcjEsqIDtsrfyET7i2QYyw&gpic=UID%3D00000b866d0c2e7f%3AT%3D1669250207%3ART%3D1669250207%3AS%3DALNI_MbIc2EvhZ4beEzNAYWnTgq4l-dwhA&prev_fmts=0x0%2C320x150%2C336x280%2C300x600&nras=2&correlator=5253954939014&frm=20&pv=1&ga_vid=80024744.1669250207&ga_sid=1669250207&ga_hid=1346098499&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=1678&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070762%2C44770881&oid=2&pvsid=1852989241089506&tmod=2003525514&uas=0&nvt=1&eae=0&fc=1280&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=7kyP3xGT4p&p=https%3A//lb.ua&dtd=37

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae7a289690f533d74394d01d37ad271db9e7976caa036fe30a879fbdb58a82bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lb.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 45771
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 00:36:47 GMT
expires: Thu, 24 Nov 2022 00:36:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C24A 118 KB
44 KB 371ms
371ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=427&adk=3036670882&adf=2100838203&pi=t.aa~a.4141672183~rp.4&daaos=1669215985228&w=429&lmt=1669250193&nsk=48385726&rafmt=11&pwprc=1459918002&ad_type=text_image&format=429x427&url=https%3A%2F%2Flb.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669250207253&bpp=1&bdt=922&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3756fa7834efc362-22f7799781d70088%3AT%3D1669250207%3ART%3D1669250207%3AS%3DALNI_Ma-VfcLLcjEsqIDtsrfyET7i2QYyw&gpic=UID%3D00000b866d0c2e7f%3AT%3D1669250207%3ART%3D1669250207%3AS%3DALNI_MbIc2EvhZ4beEzNAYWnTgq4l-dwhA&prev_fmts=0x0%2C320x150%2C336x280%2C300x600%2C429x427&nras=3&correlator=5253954939014&frm=20&pv=1&ga_vid=80024744.1669250207&ga_sid=1669250207&ga_hid=1346098499&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=3633&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070762%2C44770881&oid=2&pvsid=1852989241089506&tmod=2003525514&uas=0&nvt=1&eae=0&fc=1280&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=uZntiUoQHn&p=https%3A//lb.ua&dtd=40

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

33e4022f00f484e5d4c74bf0bd5e6f57658363c53915e3ff4b4122ccedc3267a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lb.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 45249
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 00:36:47 GMT
expires: Thu, 24 Nov 2022 00:36:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 50B5 118 KB
44 KB 415ms
415ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=168&adk=352419716&adf=555703402&pi=t.aa~a.2453268089~rp.4&daaos=1669215985228&w=342&lmt=1669250193&nsk=76125ada&rafmt=11&pwprc=1459918002&ad_type=text_image&format=342x168&url=https%3A%2F%2Flb.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669250207253&bpp=1&bdt=922&idt=1&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3756fa7834efc362-22f7799781d70088%3AT%3D1669250207%3ART%3D1669250207%3AS%3DALNI_Ma-VfcLLcjEsqIDtsrfyET7i2QYyw&gpic=UID%3D00000b866d0c2e7f%3AT%3D1669250207%3ART%3D1669250207%3AS%3DALNI_MbIc2EvhZ4beEzNAYWnTgq4l-dwhA&prev_fmts=0x0%2C320x150%2C336x280%2C300x600%2C429x427%2C429x427&nras=4&correlator=5253954939014&frm=20&pv=1&ga_vid=80024744.1669250207&ga_sid=1669250207&ga_hid=1346098499&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1051&ady=1202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070762%2C44770881&oid=2&pvsid=1852989241089506&tmod=2003525514&uas=0&nvt=1&eae=0&fc=1280&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=XY8RGGHGa8&p=https%3A//lb.ua&dtd=43

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc3e9bc1d300fff9c6034d7df4d23378854e6383b4fcf30b07130357fa299e34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lb.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 45239
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 00:36:47 GMT
expires: Thu, 24 Nov 2022 00:36:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 179F 0
18 B 118ms
58ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: lb.ua
URL: https://lb.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://lb.ua
Referer: https://lb.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://lb.ua
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 00:36:47 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 688E 3 KB
1 KB 231ms
112ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=600&slotname=8605697088&adk=1381437064&adf=322431305&pi=t.ma~as.8605697088&w=300&lmt=1669250193&format=300x600&url=https%3A%2F%2Flb.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669250206678&bpp=1&bdt=348&idt=286&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x150%2C336x280&nras=1&correlator=5253954939014&frm=20&pv=1&ga_vid=80024744.1669250207&ga_sid=1669250207&ga_hid=1346098499&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1041&ady=2281&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070762%2C44770881&oid=2&pvsid=1852989241089506&tmod=2003525514&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=PPvPV25oRd&p=https%3A//lb.ua&dtd=290

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 22:28:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7678
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Dec 2022 22:28:49 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 688E 18 KB
8 KB 174ms
56ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 11:55:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45692
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Dec 2022 11:55:15 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 688E 154 KB
48 KB 189ms
67ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 24 Nov 2022 00:36:47 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 2358 8 KB
1 KB 190ms
67ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=150&slotname=4850579085&adk=1491093915&adf=1410787377&pi=t.ma~as.4850579085&w=320&lmt=1669250193&format=320x150&url=https%3A%2F%2Flb.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669250206676&bpp=1&bdt=345&idt=236&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5253954939014&frm=20&pv=1&ga_vid=80024744.1669250207&ga_sid=1669250207&ga_hid=1346098499&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=1507&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070762%2C44770881&oid=2&pvsid=1852989241089506&tmod=2003525514&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=72u3lLikPs&p=https%3A//lb.ua&dtd=241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 24 Nov 2022 00:36:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 23 Nov 2022 23:23:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Nov 2022 00:36:47 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 688E 0
0 98ms
98ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ci-lcn7x-Y6HgA5jw3gP9-abABsme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi02MDk2OTMyMDY0NTg1MDgwyAEJqQKB7LC4UXGxPqgDAaoE1QFP0DeGVgMtlKMW8HzlqYKgMXbEWq5yXU98A3s5B3Z6206N0yE9IPL7U9uk7qsE-zQ1-ymVdoOAKcevZCkP4_cx1SgCTdYNp5Al46UNTr_P0i3dkn6mxZT3_D692H3hVElp03YLEcRgdO7y7qmra3wz3rO5XQMPb8p96MuYdUYBHKWtuNni09IKPKP4PXRAVaJ7GI_tCTqXysJSWR-LqSDqKUFBqaFEwalb_NKxUG8awfXy_u19YbC0dUM6DaJbHcY0wFZB1qflM-FlqYn1eBL6tneYOECABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTYwOTY5MzIwNjQ1ODUwODAYAA&sigh=yoWH7FLQRwY&uach_m=[UACH]&cid=CAQSGwDq26N986umZ3YgFDNFZoWKAlZFPuA8CpOW1BgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=600&slotname=8605697088&adk=1381437064&adf=322431305&pi=t.ma~as.8605697088&w=300&lmt=1669250193&format=300x600&url=https%3A%2F%2Flb.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669250206678&bpp=1&bdt=348&idt=286&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x150%2C336x280&nras=1&correlator=5253954939014&frm=20&pv=1&ga_vid=80024744.1669250207&ga_sid=1669250207&ga_hid=1346098499&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1041&ady=2281&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070762%2C44770881&oid=2&pvsid=1852989241089506&tmod=2003525514&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=PPvPV25oRd&p=https%3A//lb.ua&dtd=290
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 24 Nov 2022 00:36:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 24 Nov 2022 00:36:47 GMT

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 688E 0
0 217ms
66ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=k5CTFN-BMKwC2ASdg2ICAgAAAHfRb8ftwke4cIFdoJaBD64Qnrx-Y5JGLHdK9fDrUI1AABIAAA&wp=Y368nwAA8CEKd7gYAAm8_V8UJrn1qwKLwDliGg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:46 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 264686
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 7EBD 170 KB
51 KB 262ms
143ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y368nwAA8CEKd7gYAAm8_V8UJrn1qwKLwDliGg&u=%7CHeVaUTOEtx3CFHyXhrdebkFFXKA6KHPgCpD1B5tivxg%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zttQDCaFjc2pDW6MOoh1ZQ7WLK4BPH2dEIxfcdX9T49MZYtmdmECF-XkCF1lu4PJawA4u5piNi1JJHWPmGzKRMoE2se220X0sdDaqPP5r_Gpp0_5umTOmDdn-oBkK4mb6xF4IwOH1Qk7gG_izi5lzNrqQWu-lGioNb07Cf0_hal7-h05Fpc_em3YS6VqBzBv-cHICjybQBiqg3YjGb8m-GQGEB1DsDNHKprzYi7RsdrUeW8JByZGqTQVmnF23c47gtSjdRmQ7lpIKoYKiZJDFcp3wsxBK-qKIeF9X7ERacn0e4suRmiEHTSYOCp0EhAUZDSVTSHyJExx_6-OjK5x6z9j7VwXV2ZAEhtl338v74F46ZhNIc7wl4ocieF6Bxx68wvj1tZHempnkJK5VVOzapaPhaB6br-adsI7an8Bs5tjNBnIRU0CEdJ40qXP6rt30CEPYMzo6IBPSBeF5uRbllhq-2p52YCAxTapMmMyuMwQC6BX15JwM-bwnpKcM9QeLRGlfOQ-4okfa3pwVIW1hO16M5DA6PBgKtdIe7dNzjSX3Db8riwH95w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSNsgn7x-Y6HgA5jw3gP9-abABsme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi02MDk2OTMyMDY0NTg1MDgwyAEJqQKB7LC4UXGxPqgDAaoE2AFP0DeGVgMtlKMW8HzlqYKgMXbEWq5yXU98A3s5B3Z6206N0yE9IPL7U9uk7qsE-zQ1-ymVdoOAKcevZCkP4_cx1SgCTdYNp5Al46UNTr_P0i3dkn6mxZT3_D692H3hVElp03YLEcRgdO7y7qmra3wz3rO5XQMPb8p96MuYdUYBHKWtuNni09IKPKP4PXRAVaJ7GI_tCTqXysJSWR-LqSDqKUFBqaFEwalb_NKxUG8ag_fTbGry_aML6VeZ3Z_95c8gyuBL-L9nhylYD3tKZj7iM90cK__-rgmABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1hyolKdd5AmjRvF7kMuH543IgE-Q%26client%3Dca-pub-6096932064585080%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7b406ca1451c51df193697d62b1ffb60a15c95f8a1ee3fb0a2631814aa18ca0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 00:36:47 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=gL8o1qzeVHhS_GWCcRraLEtxbVCtgyZprEvzSOfrU1d48CK96_8hbvMFvzpEpBNWpY5942I3LlekW4ojiXL06L67zdM4YBGdFsy2eGzvn21EEKpOBwfHav4WvtQpOjl4pYl1Jvv_E_xAZq8QahcH7mYJkFggX88W2sKLe5pdPwUoHegKk7PtWuYumToxu46AEJY0w59szPP2ldGyKIQUvCK3gh-YwYtShihsmFZJeSoRFtW9S4tW6DSJgdPemiZEzW2qYcNmtKQ2rI9z"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 87532151
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 2358 2 KB
818 B 211ms
114ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 11:55:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45692
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Dec 2022 11:55:15 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2358 0
0 100ms
100ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CdA-Fn7x-Y7qCBMqSjuwP-dO16ATtvcC-bY7H-_reEMmQv9qeNxABIJX8kiVglQKgAdr0ve0DyAEJqQIlQa1jl2exPqgDAcgDywSqBOQBT9AClrzXE68Dm1Bm7aX2I3oXkj3zyk9JbQEFrygZ8itZQrBEz7KagPOKcHlFmWEi4UiZXp22ncHX_SP2Vg3FKzoVDe3a96Oj-k2Y8D5wqMcgqlcs3qB3p_KRsYvFvtAuMODZqRhNKsjRmo_QjEc7rr3h7_KUyDqGAkR8yFqUiopbp1wuKFES__2WSOeHFxQK-5ppukXwKKQAIcbUgwbo0P1V87RsMhwluHejfFK_-06P315r36A5bkTTXgRumRfsbhINTwc4KTxzs-13uV6C-Rek80ScVGMGzmC1q2NHpD1hEaJjwASKwcKlogSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHjovCEqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEELnRBNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMC0BUBmBYBgBcBshccChoIABIUcHViLTYwOTY5MzIwNjQ1ODUwODAYAA&sigh=Ui-TsSNFAz0&uach_m=[UACH]&cid=CAQSGwDq26N9RpvAtBBupzCekdQLkOVcQsAHbHqbrxgBIBM&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=150&slotname=4850579085&adk=1491093915&adf=1410787377&pi=t.ma~as.4850579085&w=320&lmt=1669250193&format=320x150&url=https%3A%2F%2Flb.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669250206676&bpp=1&bdt=345&idt=236&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5253954939014&frm=20&pv=1&ga_vid=80024744.1669250207&ga_sid=1669250207&ga_hid=1346098499&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=226&ady=1507&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070762%2C44770881&oid=2&pvsid=1852989241089506&tmod=2003525514&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=72u3lLikPs&p=https%3A//lb.ua&dtd=241
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 24 Nov 2022 00:36:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 24 Nov 2022 00:36:47 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/17132373557538608712/ Frame 2358 6 KB
6 KB 205ms
115ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17132373557538608712/downsize_200k_v1?w=195&h=102

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15b8238beefa098ed25654a9ec61e8432ba300e43c877ef8656bb1e50b445bdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 19:52:11 GMT
x-content-type-options: nosniff
age: 276276
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5713
x-xss-protection: 0
last-modified: Wed, 06 Jul 2022 08:30:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 20 Nov 2023 19:52:11 GMT

GET
DATA 200
OK truncated
/ Frame 2358 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2358 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 2358 23 KB
9 KB 143ms
61ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 11:28:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47290
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Dec 2022 11:28:37 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 2358 3 KB
1 KB 193ms
113ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 22:28:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7678
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Dec 2022 22:28:49 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 2358 18 KB
7 KB 151ms
71ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 11:55:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45692
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Dec 2022 11:55:15 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2358 154 KB
47 KB 228ms
144ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 24 Nov 2022 00:36:47 GMT

GET
H2 200 f7733d2b54a65c984752ab0a98c7def9.js Show response
www.gstatic.com/mysidia/ Frame 2358 34 KB
14 KB 175ms
53ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 11:55:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132092
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14118
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 20 Feb 2023 11:55:15 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C24A 8 KB
789 B 68ms
66ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=de

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=427&adk=3036670882&adf=2100838203&pi=t.aa~a.4141672183~rp.4&daaos=1669215985228&w=429&lmt=1669250193&nsk=48385726&rafmt=11&pwprc=1459918002&ad_type=text_image&format=429x427&url=https%3A%2F%2Flb.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669250207253&bpp=1&bdt=922&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3756fa7834efc362-22f7799781d70088%3AT%3D1669250207%3ART%3D1669250207%3AS%3DALNI_Ma-VfcLLcjEsqIDtsrfyET7i2QYyw&gpic=UID%3D00000b866d0c2e7f%3AT%3D1669250207%3ART%3D1669250207%3AS%3DALNI_MbIc2EvhZ4beEzNAYWnTgq4l-dwhA&prev_fmts=0x0%2C320x150%2C336x280%2C300x600%2C429x427&nras=3&correlator=5253954939014&frm=20&pv=1&ga_vid=80024744.1669250207&ga_sid=1669250207&ga_hid=1346098499&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=3633&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070762%2C44770881&oid=2&pvsid=1852989241089506&tmod=2003525514&uas=0&nvt=1&eae=0&fc=1280&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=uZntiUoQHn&p=https%3A//lb.ua&dtd=40

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 24 Nov 2022 00:36:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 24 Nov 2022 00:36:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Nov 2022 00:36:47 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C24A 8 KB
766 B 70ms
68ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&text=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 24 Nov 2022 00:36:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 24 Nov 2022 00:36:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Nov 2022 00:36:47 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame C24A 35 KB
14 KB 214ms
98ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/m_js_controller_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9cf4a7e5a645c8578b3397542d9669f2549d2a3cec259b7d393f84fc1eaf73a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 19:52:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17035
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14142
x-xss-protection: 0
server: cafe
etag: 14789286559671545279
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Dec 2022 19:52:52 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C24A 154 KB
47 KB 176ms
62ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 24 Nov 2022 00:36:47 GMT

GET
DATA 200
OK truncated
/ Frame 688E 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 79ef71b1c1ca55a14324abf23ca7f9f6fcdf48ac0d41a721754b0fed74c06548

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame C24A 23 KB
9 KB 160ms
60ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 11:28:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47290
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Dec 2022 11:28:37 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame C24A 3 KB
1 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 22:28:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7678
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Dec 2022 22:28:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame C24A 18 KB
7 KB 156ms
57ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 11:55:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45692
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Dec 2022 11:55:15 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 50B5 8 KB
716 B 179ms
69ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=de

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=168&adk=352419716&adf=555703402&pi=t.aa~a.2453268089~rp.4&daaos=1669215985228&w=342&lmt=1669250193&nsk=76125ada&rafmt=11&pwprc=1459918002&ad_type=text_image&format=342x168&url=https%3A%2F%2Flb.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669250207253&bpp=1&bdt=922&idt=1&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3756fa7834efc362-22f7799781d70088%3AT%3D1669250207%3ART%3D1669250207%3AS%3DALNI_Ma-VfcLLcjEsqIDtsrfyET7i2QYyw&gpic=UID%3D00000b866d0c2e7f%3AT%3D1669250207%3ART%3D1669250207%3AS%3DALNI_MbIc2EvhZ4beEzNAYWnTgq4l-dwhA&prev_fmts=0x0%2C320x150%2C336x280%2C300x600%2C429x427%2C429x427&nras=4&correlator=5253954939014&frm=20&pv=1&ga_vid=80024744.1669250207&ga_sid=1669250207&ga_hid=1346098499&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1051&ady=1202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070762%2C44770881&oid=2&pvsid=1852989241089506&tmod=2003525514&uas=0&nvt=1&eae=0&fc=1280&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=XY8RGGHGa8&p=https%3A//lb.ua&dtd=43

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 24 Nov 2022 00:36:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 24 Nov 2022 00:36:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Nov 2022 00:36:47 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 50B5 8 KB
716 B 174ms
65ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&text=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 24 Nov 2022 00:36:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 24 Nov 2022 00:33:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Nov 2022 00:36:47 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 50B5 35 KB
14 KB 186ms
113ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/m_js_controller_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9cf4a7e5a645c8578b3397542d9669f2549d2a3cec259b7d393f84fc1eaf73a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 19:52:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17035
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14142
x-xss-protection: 0
server: cafe
etag: 14789286559671545279
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Dec 2022 19:52:52 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 50B5 154 KB
47 KB 157ms
88ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 24 Nov 2022 00:36:47 GMT

GET
DATA 200
OK truncated
/ Frame 2358 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2a369754f6103abcd6ac3556067fe1e8a60bd72cecab10e97c1ea1228d828b6a

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 50B5 23 KB
9 KB 128ms
69ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 11:28:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47290
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Dec 2022 11:28:37 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 50B5 3 KB
1 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 22:28:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7678
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Dec 2022 22:28:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 50B5 18 KB
7 KB 145ms
86ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 11:55:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45692
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Dec 2022 11:55:15 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 50B5 0
0 182ms
64ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSfDzwu6GmJtBm3-AsL_gnB4DrKHLZu7aVDJLBrn6IyuGxu7R_fgUvRavJtQqV2MRfM27CyjUp6X60BVm-500pIHK1R3Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=168&adk=352419716&adf=555703402&pi=t.aa~a.2453268089~rp.4&daaos=1669215985228&w=342&lmt=1669250193&nsk=76125ada&rafmt=11&pwprc=1459918002&ad_type=text_image&format=342x168&url=https%3A%2F%2Flb.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669250207253&bpp=1&bdt=922&idt=1&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3756fa7834efc362-22f7799781d70088%3AT%3D1669250207%3ART%3D1669250207%3AS%3DALNI_Ma-VfcLLcjEsqIDtsrfyET7i2QYyw&gpic=UID%3D00000b866d0c2e7f%3AT%3D1669250207%3ART%3D1669250207%3AS%3DALNI_MbIc2EvhZ4beEzNAYWnTgq4l-dwhA&prev_fmts=0x0%2C320x150%2C336x280%2C300x600%2C429x427%2C429x427&nras=4&correlator=5253954939014&frm=20&pv=1&ga_vid=80024744.1669250207&ga_sid=1669250207&ga_hid=1346098499&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1051&ady=1202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070762%2C44770881&oid=2&pvsid=1852989241089506&tmod=2003525514&uas=0&nvt=1&eae=0&fc=1280&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=XY8RGGHGa8&p=https%3A//lb.ua&dtd=43
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 7EBD 2 KB
1 KB 227ms
110ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y368nwAA8CEKd7gYAAm8_V8UJrn1qwKLwDliGg&u=%7CHeVaUTOEtx3CFHyXhrdebkFFXKA6KHPgCpD1B5tivxg%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zttQDCaFjc2pDW6MOoh1ZQ7WLK4BPH2dEIxfcdX9T49MZYtmdmECF-XkCF1lu4PJawA4u5piNi1JJHWPmGzKRMoE2se220X0sdDaqPP5r_Gpp0_5umTOmDdn-oBkK4mb6xF4IwOH1Qk7gG_izi5lzNrqQWu-lGioNb07Cf0_hal7-h05Fpc_em3YS6VqBzBv-cHICjybQBiqg3YjGb8m-GQGEB1DsDNHKprzYi7RsdrUeW8JByZGqTQVmnF23c47gtSjdRmQ7lpIKoYKiZJDFcp3wsxBK-qKIeF9X7ERacn0e4suRmiEHTSYOCp0EhAUZDSVTSHyJExx_6-OjK5x6z9j7VwXV2ZAEhtl338v74F46ZhNIc7wl4ocieF6Bxx68wvj1tZHempnkJK5VVOzapaPhaB6br-adsI7an8Bs5tjNBnIRU0CEdJ40qXP6rt30CEPYMzo6IBPSBeF5uRbllhq-2p52YCAxTapMmMyuMwQC6BX15JwM-bwnpKcM9QeLRGlfOQ-4okfa3pwVIW1hO16M5DA6PBgKtdIe7dNzjSX3Db8riwH95w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSNsgn7x-Y6HgA5jw3gP9-abABsme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi02MDk2OTMyMDY0NTg1MDgwyAEJqQKB7LC4UXGxPqgDAaoE2AFP0DeGVgMtlKMW8HzlqYKgMXbEWq5yXU98A3s5B3Z6206N0yE9IPL7U9uk7qsE-zQ1-ymVdoOAKcevZCkP4_cx1SgCTdYNp5Al46UNTr_P0i3dkn6mxZT3_D692H3hVElp03YLEcRgdO7y7qmra3wz3rO5XQMPb8p96MuYdUYBHKWtuNni09IKPKP4PXRAVaJ7GI_tCTqXysJSWR-LqSDqKUFBqaFEwalb_NKxUG8ag_fTbGry_aML6VeZ3Z_95c8gyuBL-L9nhylYD3tKZj7iM90cK__-rgmABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1hyolKdd5AmjRvF7kMuH543IgE-Q%26client%3Dca-pub-6096932064585080%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 19 Nov 2023 00:36:47 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 7EBD 2 KB
1 KB 174ms
58ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 19 Nov 2023 00:36:47 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 7EBD 308 B
636 B 151ms
56ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:47 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 19 Nov 2023 00:36:47 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 7EBD 293 B
621 B 151ms
57ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:47 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 19 Nov 2023 00:36:47 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 7EBD 43 B
348 B 157ms
52ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Brj4X24c52HcVGq-6IpcKAf7NMCkmwBG9JODdnPPtsWt7F5cpQqNYBKxNTCai4snwpF8bVZgeXNhmhF5XdPXVytjb6gxDAlO81IvbApkjU7Sl22g82MsR2hQYR_2tuSSde2RJyUnIhiIxPptIud4emokxG1i8hgwhAH-mjO_6ydffR3tMpAxCfGHD8ct0VHTYOeOJUiPgVYsywIxral0xS33nuPq_qu_yoFVEtzo9Wgu31LFmtbzns7PHrMHkpb34z0tlYryPKuSW2OE0yZCLTek-roIUq2fQpdf7CrteRaJSkVjP0y1vpCuhdXIzFLEdRBns-SH3yCscDv8BFDZewBDxEfk5NL4attJZslMKVSTZ7PJU1sBW2lfSg-PbvVJL4iEaLab3scJI8P7t3Zd-KFG_-PTwKTeF8D_tD2HlAWQV2_p_Wr0l2qiZWMovJt50hd44g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Nov 2022 00:36:47 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3280713
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame 7EBD 44 B
752 B 319ms
164ms Image
image/gif 2600:9000:21f3:1600:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1669250206
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y368nwAA8CEKd7gYAAm8_V8UJrn1qwKLwDliGg&u=%7CHeVaUTOEtx3CFHyXhrdebkFFXKA6KHPgCpD1B5tivxg%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zttQDCaFjc2pDW6MOoh1ZQ7WLK4BPH2dEIxfcdX9T49MZYtmdmECF-XkCF1lu4PJawA4u5piNi1JJHWPmGzKRMoE2se220X0sdDaqPP5r_Gpp0_5umTOmDdn-oBkK4mb6xF4IwOH1Qk7gG_izi5lzNrqQWu-lGioNb07Cf0_hal7-h05Fpc_em3YS6VqBzBv-cHICjybQBiqg3YjGb8m-GQGEB1DsDNHKprzYi7RsdrUeW8JByZGqTQVmnF23c47gtSjdRmQ7lpIKoYKiZJDFcp3wsxBK-qKIeF9X7ERacn0e4suRmiEHTSYOCp0EhAUZDSVTSHyJExx_6-OjK5x6z9j7VwXV2ZAEhtl338v74F46ZhNIc7wl4ocieF6Bxx68wvj1tZHempnkJK5VVOzapaPhaB6br-adsI7an8Bs5tjNBnIRU0CEdJ40qXP6rt30CEPYMzo6IBPSBeF5uRbllhq-2p52YCAxTapMmMyuMwQC6BX15JwM-bwnpKcM9QeLRGlfOQ-4okfa3pwVIW1hO16M5DA6PBgKtdIe7dNzjSX3Db8riwH95w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSNsgn7x-Y6HgA5jw3gP9-abABsme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi02MDk2OTMyMDY0NTg1MDgwyAEJqQKB7LC4UXGxPqgDAaoE2AFP0DeGVgMtlKMW8HzlqYKgMXbEWq5yXU98A3s5B3Z6206N0yE9IPL7U9uk7qsE-zQ1-ymVdoOAKcevZCkP4_cx1SgCTdYNp5Al46UNTr_P0i3dkn6mxZT3_D692H3hVElp03YLEcRgdO7y7qmra3wz3rO5XQMPb8p96MuYdUYBHKWtuNni09IKPKP4PXRAVaJ7GI_tCTqXysJSWR-LqSDqKUFBqaFEwalb_NKxUG8ag_fTbGry_aML6VeZ3Z_95c8gyuBL-L9nhylYD3tKZj7iM90cK__-rgmABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1hyolKdd5AmjRvF7kMuH543IgE-Q%26client%3Dca-pub-6096932064585080%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:1600:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:48 GMT
via: 1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy: cross-origin
content-length: 44
pragma: no-cache
server: nginx
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods: POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
x-amz-cf-id: B_e9F2HfYuK--aY7nVsQ3vY1gYMyccO8lhF_YZFgEJgAbkrV6pCWmA==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 2358 28 KB
28 KB 178ms
57ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 21:35:41 GMT
x-content-type-options: nosniff
age: 529267
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 21:35:41 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 7EBD 12 KB
6 KB 115ms
58ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 19 Nov 2023 00:36:47 GMT

GET
H3 200 rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js Show response
pagead2.googlesyndication.com/bg/ Frame BE51 36 KB
16 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 10:56:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49237
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15986
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 10:56:10 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7EBD 22 KB
22 KB 179ms
56ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=104&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F79f2c646e3f74b54931cff1f39d769d0_blue.png&v=3&w=596&s=uz5746XqY2TJmw3Lkv-ynyH7

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

6e9eda5dc74a1c770c667f5ae3110bb5ac7158fd79f277676f66b9e44385f353

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:47 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30012873
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 22116
expires: Mon, 06 Nov 2023 09:31:21 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7EBD 3 KB
3 KB 235ms
113ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FH%2FlogoHenkel-AG-Co-KGaA-28132DE.gif%3Feb%3D1&v=3&w=800&s=8aF-BKEibo339m5_sOb1DchG&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

8c4b067752355f89f765d00190e02a73ac32b3197f2c9cd354a06e97dbf31aa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:47 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2584
expires: Thu, 24 Nov 2022 00:36:48 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7EBD 3 KB
3 KB 234ms
112ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F2%2FlogoMercedes-Benz-Mobility-AG-174167DE-2202081311.gif%3Feb%3D1&v=3&w=800&s=QZAEVBHK9oAKX2QGLNO5vVbC&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

8da5b66025007652edd6a88c75c3f29c3cc1c2b1d12364aca6e64d4b99e5e0d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:48 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1848348
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3024
expires: Thu, 15 Dec 2022 10:02:36 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7EBD 2 KB
2 KB 249ms
127ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FM%2FlogoMalteser-Hilfsdienst-e-V-770DE.gif%3Feb%3D1&v=3&w=800&s=pWzkCXUVABbK7t2G7BcDSL96&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

90bbcb9db7c9cb053c19be00501d286e22046a098a831cbfcd88f03a02c19836

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:47 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2540838
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2288
expires: Fri, 23 Dec 2022 10:24:06 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7EBD 2 KB
2 KB 241ms
119ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F4%2FlogoTrading-Hub-Europe-GmbH-78427DE-2106171018.gif%3Feb%3D1&v=3&w=800&s=d3UsciYJOptR6rSy5unmwJ0s&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

8507da21d0e2a655a81642e4472b55515bf86b3e533ab9cc8c17176cacc3499f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:47 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1517187
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2030
expires: Sun, 11 Dec 2022 14:03:15 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 7EBD 0
128 B 217ms
65ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=gL8o1qzeVHhS_GWCcRraLEtxbVCtgyZprEvzSOfrU1d48CK96_8hbvMFvzpEpBNWpY5942I3LlekW4ojiXL06L67zdM4YBGdFsy2eGzvn21EEKpOBwfHav4WvtQpOjl4pYl1Jvv_E_xAZq8QahcH7mYJkFggX88W2sKLe5pdPwUoHegKk7PtWuYumToxu46AEJY0w59szPP2ldGyKIQUvCK3gh-YwYtShihsmFZJeSoRFtW9S4tW6DSJgdPemiZEzW2qYcNmtKQ2rI9z&sds=2&rev=83599&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 24 Nov 2022 00:36:47 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 7EBD 2 KB
1 KB 78ms
56ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 19 Nov 2023 00:36:47 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 7EBD 2 KB
1 KB 56ms
56ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 19 Nov 2023 00:36:48 GMT

GET
H3 200 2728354180183721846
tpc.googlesyndication.com/simgad/4845660027161488081/ Frame C24A 23 KB
23 KB 120ms
120ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4845660027161488081/2728354180183721846?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIqwMQ4AEYASABLQAAAD8wrAM44AFFAACAPw&rs=AOga4qnqMsp8PLrGamlNJej37ke41puVAw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85cdc1c98059029a7fc7090fa02c4d43d2a01c92bb529038442156a52d1c83cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:48 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23715
x-xss-protection: 0
last-modified: Thu, 17 Nov 2022 12:08:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 24 Nov 2023 00:36:48 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C24A 0
0 110ms
110ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CirZUn7x-Y873FMjM3wP0u47AC-29wL5tnsX7-t4Q2eHE3Z43EAEglfySJWCVAqAB2vS97QPIAQapAiVBrWOXZ7E-qAMByAPLBKoE3gFP0PvNAObdY7I4pcTncafQloHCBl33LsJIH6t8B1JJfATx3U37uGj9p9EpNgtGUlLKCE8zPxUpDgl5-Xsu6rEONjhFLE4UfrOsd_wssH4aDe6u_AoRpsNkNphLgf1TRvdXaDpikZTv5RwhpADkciofW8pYNEjuMKKln1poAq_lQMOH9XYdyeALjoR6z9oteCHhUwBi8XlBsBVrvuJmd0x6z0MmjtuL48HBh1UXFTK75sxf2xGGqVQSJVLJAFva7uALaY7_QQCBiwn63emdEHTBCBSS2WPWKq2Ck86t39XABJq_wqWiBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAY3gAeOi8ISqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQyrcf0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwLQFQGYFgGAFwGyFxwKGggAEhRwdWItNjA5NjkzMjA2NDU4NTA4MBgA&sigh=C0srOUwKRVk&uach_m=[UACH]&cid=CAQSOwDq26N9ix0rc7NIDJMa9K_-OgLChji09H4sADWvAK3WFLLg7nQxWjBEUXKwp8t1WOKjWgsiHLjsRhx0GAEgEw&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=427&adk=3036670882&adf=2100838203&pi=t.aa~a.4141672183~rp.4&daaos=1669215985228&w=429&lmt=1669250193&nsk=48385726&rafmt=11&pwprc=1459918002&ad_type=text_image&format=429x427&url=https%3A%2F%2Flb.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669250207253&bpp=1&bdt=922&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3756fa7834efc362-22f7799781d70088%3AT%3D1669250207%3ART%3D1669250207%3AS%3DALNI_Ma-VfcLLcjEsqIDtsrfyET7i2QYyw&gpic=UID%3D00000b866d0c2e7f%3AT%3D1669250207%3ART%3D1669250207%3AS%3DALNI_MbIc2EvhZ4beEzNAYWnTgq4l-dwhA&prev_fmts=0x0%2C320x150%2C336x280%2C300x600%2C429x427&nras=3&correlator=5253954939014&frm=20&pv=1&ga_vid=80024744.1669250207&ga_sid=1669250207&ga_hid=1346098499&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=3633&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070762%2C44770881&oid=2&pvsid=1852989241089506&tmod=2003525514&uas=0&nvt=1&eae=0&fc=1280&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=uZntiUoQHn&p=https%3A//lb.ua&dtd=40
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 24 Nov 2022 00:36:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C24A 10 KB
10 KB 168ms
119ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 11:52:14 GMT
x-content-type-options: nosniff
age: 477874
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9840
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Nov 2023 11:52:14 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/17132373557538608712/ Frame 50B5 5 KB
5 KB 91ms
91ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17132373557538608712/downsize_200k_v1?sqp=4sqPyQSUAUKRAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhgIhwEQRxgBIAEtAAAAPzCIAThHRQAAgD8&rs=AOga4qmQC4-mm38SlnmaNkWzh14Wl45ceg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0919deeaa1d1fbb101ac05ac7de11850215a14a46673c51422844ff03854e208

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:48 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5131
x-xss-protection: 0
last-modified: Wed, 06 Jul 2022 08:30:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 24 Nov 2023 00:36:48 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 50B5 0
0 100ms
100ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CAEwDn7x-Y8KRFbuLjuwPuaSJyAXtvcC-bZ7F-_reENnhxN2eNxABIJX8kiVglQKgAdr0ve0DyAEGqQIlQa1jl2exPqgDAcgDywSqBN4BT9Dc1J9l3ioJQWllJeScqH4aMd8nUx84jFB-5A0CjhvWXlXvxs2owZs7Xir5nVJmc1BVsSajKKs0gMmV7Sq04swbIO9RShktwlbFvWZMPtzEAuv_YicsU2On2SOW1y4icoRoG6tyQBvEO74osly9jl2d0LjX22MDGUK1xUsJ6N2oroXy0oGGIsYgdUMA5UEbG1EELSTHG1sx5MgEdsMFakBXQcudLne9_csO0AkkNDn6ZgyRwWBs0FCxbfRI4v2GSkPQvzuy5KLSWt_CcBxp2x4M0B4PB3TP7ssNmNZYwASav8KlogSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGN4AHjovCEqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEIKhKNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMC0BUBmBYBgBcBshccChoIABIUcHViLTYwOTY5MzIwNjQ1ODUwODAYAA&sigh=VRjGSI16SJo&uach_m=[UACH]&cid=CAQSOwDq26N9_iUeuhiIXld9dJzYRZ0DES8x44_5H5z2960Azaz_7ptZTByl1SCbNtmyeQf30h6zSXyZvQRcGAEgEw&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=168&adk=352419716&adf=555703402&pi=t.aa~a.2453268089~rp.4&daaos=1669215985228&w=342&lmt=1669250193&nsk=76125ada&rafmt=11&pwprc=1459918002&ad_type=text_image&format=342x168&url=https%3A%2F%2Flb.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669250207253&bpp=1&bdt=922&idt=1&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3756fa7834efc362-22f7799781d70088%3AT%3D1669250207%3ART%3D1669250207%3AS%3DALNI_Ma-VfcLLcjEsqIDtsrfyET7i2QYyw&gpic=UID%3D00000b866d0c2e7f%3AT%3D1669250207%3ART%3D1669250207%3AS%3DALNI_MbIc2EvhZ4beEzNAYWnTgq4l-dwhA&prev_fmts=0x0%2C320x150%2C336x280%2C300x600%2C429x427%2C429x427&nras=4&correlator=5253954939014&frm=20&pv=1&ga_vid=80024744.1669250207&ga_sid=1669250207&ga_hid=1346098499&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1051&ady=1202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070762%2C44770881&oid=2&pvsid=1852989241089506&tmod=2003525514&uas=0&nvt=1&eae=0&fc=1280&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=XY8RGGHGa8&p=https%3A//lb.ua&dtd=43
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 24 Nov 2022 00:36:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 50B5 10 KB
10 KB 110ms
109ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 11:52:14 GMT
x-content-type-options: nosniff
age: 477874
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9840
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Nov 2023 11:52:14 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F2AF 143 B
166 B 54ms
53ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=427&adk=3036670882&adf=2100838203&pi=t.aa~a.4141672183~rp.4&daaos=1669215985228&w=429&lmt=1669250193&nsk=48385726&rafmt=11&pwprc=1459918002&ad_type=text_image&format=429x427&url=https%3A%2F%2Flb.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669250207253&bpp=1&bdt=922&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3756fa7834efc362-22f7799781d70088%3AT%3D1669250207%3ART%3D1669250207%3AS%3DALNI_Ma-VfcLLcjEsqIDtsrfyET7i2QYyw&gpic=UID%3D00000b866d0c2e7f%3AT%3D1669250207%3ART%3D1669250207%3AS%3DALNI_MbIc2EvhZ4beEzNAYWnTgq4l-dwhA&prev_fmts=0x0%2C320x150%2C336x280%2C300x600%2C429x427&nras=3&correlator=5253954939014&frm=20&pv=1&ga_vid=80024744.1669250207&ga_sid=1669250207&ga_hid=1346098499&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=3633&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070762%2C44770881&oid=2&pvsid=1852989241089506&tmod=2003525514&uas=0&nvt=1&eae=0&fc=1280&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=uZntiUoQHn&p=https%3A//lb.ua&dtd=40
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 2460
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 23:55:48 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 80CF 1 KB
643 B 57ms
56ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 49962
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 10:44:06 GMT
etag: 48472445140208031
expires: Thu, 24 Nov 2022 10:44:06 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 5769 8 KB
716 B 65ms
64ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=de

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=427&adk=2130953439&adf=1337155442&pi=t.aa~a.1878394478~rp.4&daaos=1669215985228&w=429&lmt=1669250193&nsk=74648323&rafmt=11&pwprc=1459918002&ad_type=text_image&format=429x427&url=https%3A%2F%2Flb.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669250207253&bpp=2&bdt=923&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3756fa7834efc362-22f7799781d70088%3AT%3D1669250207%3ART%3D1669250207%3AS%3DALNI_Ma-VfcLLcjEsqIDtsrfyET7i2QYyw&gpic=UID%3D00000b866d0c2e7f%3AT%3D1669250207%3ART%3D1669250207%3AS%3DALNI_MbIc2EvhZ4beEzNAYWnTgq4l-dwhA&prev_fmts=0x0%2C320x150%2C336x280%2C300x600&nras=2&correlator=5253954939014&frm=20&pv=1&ga_vid=80024744.1669250207&ga_sid=1669250207&ga_hid=1346098499&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=1678&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070762%2C44770881&oid=2&pvsid=1852989241089506&tmod=2003525514&uas=0&nvt=1&eae=0&fc=1280&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=7kyP3xGT4p&p=https%3A//lb.ua&dtd=37

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 24 Nov 2022 00:36:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 24 Nov 2022 00:36:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Nov 2022 00:36:48 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5769 8 KB
716 B 67ms
65ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&text=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 24 Nov 2022 00:36:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 24 Nov 2022 00:36:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Nov 2022 00:36:48 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 5769 35 KB
14 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/m_js_controller_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9cf4a7e5a645c8578b3397542d9669f2549d2a3cec259b7d393f84fc1eaf73a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 19:52:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17036
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14142
x-xss-protection: 0
server: cafe
etag: 14789286559671545279
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Dec 2022 19:52:52 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5769 154 KB
47 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 24 Nov 2022 00:36:48 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 5769 23 KB
9 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 11:28:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47291
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Dec 2022 11:28:37 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 5769 3 KB
1 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 22:28:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7679
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Dec 2022 22:28:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 5769 18 KB
7 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 11:55:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45693
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Dec 2022 11:55:15 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5809 143 B
166 B 56ms
54ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=168&adk=352419716&adf=555703402&pi=t.aa~a.2453268089~rp.4&daaos=1669215985228&w=342&lmt=1669250193&nsk=76125ada&rafmt=11&pwprc=1459918002&ad_type=text_image&format=342x168&url=https%3A%2F%2Flb.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669250207253&bpp=1&bdt=922&idt=1&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3756fa7834efc362-22f7799781d70088%3AT%3D1669250207%3ART%3D1669250207%3AS%3DALNI_Ma-VfcLLcjEsqIDtsrfyET7i2QYyw&gpic=UID%3D00000b866d0c2e7f%3AT%3D1669250207%3ART%3D1669250207%3AS%3DALNI_MbIc2EvhZ4beEzNAYWnTgq4l-dwhA&prev_fmts=0x0%2C320x150%2C336x280%2C300x600%2C429x427%2C429x427&nras=4&correlator=5253954939014&frm=20&pv=1&ga_vid=80024744.1669250207&ga_sid=1669250207&ga_hid=1346098499&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1051&ady=1202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070762%2C44770881&oid=2&pvsid=1852989241089506&tmod=2003525514&uas=0&nvt=1&eae=0&fc=1280&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=XY8RGGHGa8&p=https%3A//lb.ua&dtd=43
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 2460
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 23:55:48 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CF0B 1 KB
643 B 60ms
59ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 49962
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 10:44:06 GMT
etag: 48472445140208031
expires: Thu, 24 Nov 2022 10:44:06 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C24A 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6cc6b8b1f05929e1df11b9308af7128b38513cdf257899e2c522995e9778ca52

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 50B5 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b9940a5a389e37238dba70536306bd8df18deca76c420e28b58a3702c84d2bc

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 80CF 35 B
464 B 200ms
62ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJ9Hp6nW66qZYBpkNk8eNZ0&google_cver=1&google_push=ASkJ3FZlw6lQvWxkb0C9Pk1nOfdLdR5xnRZQeuzpIHWDO-N1Bk7CUd7b_9JSQXswbEOonG6SrL3NnCkX0mlXryySq9f69LGaMO3uRg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Nov 2022 00:36:48 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame 80CF 0
98 B 186ms
67ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DASkJ3Fbtcp4GrZFKEDsnGCDS5JYtG7l9Ys3OLKH1A9xGsHdC5YxsXRvW160DTOlJBxopOGpC9ZiAXA-XqNeCCMXMGPgBH3zFWNEz&google_gid=CAESEEdv86WI1ALUBSw1oWTN-s0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=427&adk=3036670882&adf=2100838203&pi=t.aa~a.4141672183~rp.4&daaos=1669215985228&w=429&lmt=1669250193&nsk=48385726&rafmt=11&pwprc=1459918002&ad_type=text_image&format=429x427&url=https%3A%2F%2Flb.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669250207253&bpp=1&bdt=922&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3756fa7834efc362-22f7799781d70088%3AT%3D1669250207%3ART%3D1669250207%3AS%3DALNI_Ma-VfcLLcjEsqIDtsrfyET7i2QYyw&gpic=UID%3D00000b866d0c2e7f%3AT%3D1669250207%3ART%3D1669250207%3AS%3DALNI_MbIc2EvhZ4beEzNAYWnTgq4l-dwhA&prev_fmts=0x0%2C320x150%2C336x280%2C300x600%2C429x427&nras=3&correlator=5253954939014&frm=20&pv=1&ga_vid=80024744.1669250207&ga_sid=1669250207&ga_hid=1346098499&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=3633&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070762%2C44770881&oid=2&pvsid=1852989241089506&tmod=2003525514&uas=0&nvt=1&eae=0&fc=1280&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=uZntiUoQHn&p=https%3A//lb.ua&dtd=40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:48 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 80CF 43 B
106 B 198ms
67ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEP6zBz2DQkezpp08fQeU6c4&google_push=ASkJ3Fac-W5lB1iVRZsG9ri2vuswKx1F6NfpJcZ24xGqbXYodH8zBwjfVRW8Nc33vbXZwpb7w9IEsYSrC4vxxfEOeYlNOgfb2ofJ0g&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=427&adk=3036670882&adf=2100838203&pi=t.aa~a.4141672183~rp.4&daaos=1669215985228&w=429&lmt=1669250193&nsk=48385726&rafmt=11&pwprc=1459918002&ad_type=text_image&format=429x427&url=https%3A%2F%2Flb.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669250207253&bpp=1&bdt=922&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3756fa7834efc362-22f7799781d70088%3AT%3D1669250207%3ART%3D1669250207%3AS%3DALNI_Ma-VfcLLcjEsqIDtsrfyET7i2QYyw&gpic=UID%3D00000b866d0c2e7f%3AT%3D1669250207%3ART%3D1669250207%3AS%3DALNI_MbIc2EvhZ4beEzNAYWnTgq4l-dwhA&prev_fmts=0x0%2C320x150%2C336x280%2C300x600%2C429x427&nras=3&correlator=5253954939014&frm=20&pv=1&ga_vid=80024744.1669250207&ga_sid=1669250207&ga_hid=1346098499&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=3633&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070762%2C44770881&oid=2&pvsid=1852989241089506&tmod=2003525514&uas=0&nvt=1&eae=0&fc=1280&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=uZntiUoQHn&p=https%3A//lb.ua&dtd=40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Nov 2022 00:36:48 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 80CF 43 B
351 B 183ms
65ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEHqWRjbUVKimvrOl3r5QDs4&google_cver=1&google_push=ASkJ3FYsJp7aewbq_q0RrB3sMEUAQnN8q-AFmif9-8GaLWotZ1OZnpTpS97_NxuvNcMGeujPRTDyg7OC4YgdLuKwDH66rOwXWOYq
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=427&adk=3036670882&adf=2100838203&pi=t.aa~a.4141672183~rp.4&daaos=1669215985228&w=429&lmt=1669250193&nsk=48385726&rafmt=11&pwprc=1459918002&ad_type=text_image&format=429x427&url=https%3A%2F%2Flb.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669250207253&bpp=1&bdt=922&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3756fa7834efc362-22f7799781d70088%3AT%3D1669250207%3ART%3D1669250207%3AS%3DALNI_Ma-VfcLLcjEsqIDtsrfyET7i2QYyw&gpic=UID%3D00000b866d0c2e7f%3AT%3D1669250207%3ART%3D1669250207%3AS%3DALNI_MbIc2EvhZ4beEzNAYWnTgq4l-dwhA&prev_fmts=0x0%2C320x150%2C336x280%2C300x600%2C429x427&nras=3&correlator=5253954939014&frm=20&pv=1&ga_vid=80024744.1669250207&ga_sid=1669250207&ga_hid=1346098499&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=3633&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070762%2C44770881&oid=2&pvsid=1852989241089506&tmod=2003525514&uas=0&nvt=1&eae=0&fc=1280&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=uZntiUoQHn&p=https%3A//lb.ua&dtd=40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Nov 2022 00:36:47 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: bhmgem2thj7gjsa3i3uvg4nmksjbopu5

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 80CF
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=g7bdJo4pTha8tlp-CDfPqg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

135ms
73ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=g7bdJo4pTha8tlp-CDfPqg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FaN3d9Mv6fgW1p8QC6IZTUeTREV08_YXQtz0LQF7j-VVNaHRCroRJ6gUt3E7k56y5gF47RTYMD3FhxNF3pbKXLlnIF0B2AAnQ

Requested by

Host: lb.ua
URL: https://lb.ua/

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Nov 2022 00:36:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=g7bdJo4pTha8tlp-CDfPqg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FaN3d9Mv6fgW1p8QC6IZTUeTREV08_YXQtz0LQF7j-VVNaHRCroRJ6gUt3E7k56y5gF47RTYMD3FhxNF3pbKXLlnIF0B2AAnQ
date: Thu, 24 Nov 2022 00:36:48 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 80CF
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKty0JTlHXwEzPdJwP9gfiw&google_cver=1&google_push=ASkJ3FY9HPY_u0PlouFF9dLrtrm9Ca_A1G-ZTOvTS01D-tuDxW8MbICVSZCw2R3nwPc4OhWZjSe...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFVQ0gzWk8tMUQtQkRXNg==&google_push=ASkJ3FY9HPY_u0PlouFF9dLrtrm9Ca_A1G-ZTOvTS01D-tuDxW8MbICVSZCw2R3nwPc4OhWZjSemvkjZZRD9C2pabi2czkam0tZfpw

170 B
188 B

188ms
72ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFVQ0gzWk8tMUQtQkRXNg==&google_push=ASkJ3FY9HPY_u0PlouFF9dLrtrm9Ca_A1G-ZTOvTS01D-tuDxW8MbICVSZCw2R3nwPc4OhWZjSemvkjZZRD9C2pabi2czkam0tZfpw

Requested by

Host: lb.ua
URL: https://lb.ua/

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Nov 2022 00:36:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFVQ0gzWk8tMUQtQkRXNg==&google_push=ASkJ3FY9HPY_u0PlouFF9dLrtrm9Ca_A1G-ZTOvTS01D-tuDxW8MbICVSZCw2R3nwPc4OhWZjSemvkjZZRD9C2pabi2czkam0tZfpw
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 80CF
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKblnXZynpHkBw0K-rTMrvc&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEKblnXZynpHkBw0K-rTMrvc&google_push=AS...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKblnXZynpHkBw0K-rTMrvc&google_hm=Y368oCCLujMd1FYsfV5BnwAABz0AAAAB&google_nid=index&google_push=ASkJ3FbMePGpxHUkT5WeKdVaeJrUfiOD3FUxN...

170 B
188 B

120ms
72ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKblnXZynpHkBw0K-rTMrvc&google_hm=Y368oCCLujMd1FYsfV5BnwAABz0AAAAB&google_nid=index&google_push=ASkJ3FbMePGpxHUkT5WeKdVaeJrUfiOD3FUxNIoD7FSQXMAvGnAodH7ucZ-vF3JpUtK7CmNvTsNqMmhMq0h8bSmnjrc7v_ebk72V6A

Requested by

Host: lb.ua
URL: https://lb.ua/

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Nov 2022 00:36:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Nov 2022 00:36:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n7fwVtSACH81MGtoc8x9JkhU5qGGtw%2FbDGKRkuWT%2B09yntxK5nQi23iC0VG7ry0QkBgCgLgo%2FRi2%2BIBoKu238SWqrgq5Kn0nmfDNgX%2FBla%2FZA2x7QnoF1ZmBqGHmrsJXoCDuKbgVunt5DQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKblnXZynpHkBw0K-rTMrvc&google_hm=Y368oCCLujMd1FYsfV5BnwAABz0AAAAB&google_nid=index&google_push=ASkJ3FbMePGpxHUkT5WeKdVaeJrUfiOD3FUxNIoD7FSQXMAvGnAodH7ucZ-vF3JpUtK7CmNvTsNqMmhMq0h8bSmnjrc7v_ebk72V6A
cache-control: no-cache
cf-ray: 76ee128aaa97dd17-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 80CF 0
232 B 185ms
62ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L-lMaqQFCXAmA1chE2yE5TJ4DJd9HHtsh59-9-lpRLW3cl1AzBMZEjc_uYE1K8cHInTXN-

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:48 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F2AF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

62ms
61ms

Document
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 00:36:48 GMT
expires: Thu, 24 Nov 2022 00:36:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 00:36:48 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js Show response
pagead2.googlesyndication.com/bg/ Frame A731 36 KB
16 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 10:56:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49238
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15986
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 10:56:10 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4628837470237599938/ Frame 5769 25 KB
25 KB 130ms
129ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4628837470237599938/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIrAMQ4AEYASABLQAAAD8wrAM44AFFAACAPw&rs=AOga4qkXWJmK2R3hTBEwDgwfbs-PQW_gBQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a13b1cd32e7b9c30863cca26804d84a21b8aeba1b44fac8c22cf793253e5258b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:48 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25512
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 11:33:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 24 Nov 2023 00:36:48 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5769 0
0 100ms
100ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CsjkGn7x-Y5TwFIbx3gOX6rjAB8a99LltkuiU2NMQloLNhYgWEAEglfySJWCVAqABuuG22APIAQapAiVBrWOXZ7E-qAMByAPLBKoE3gFP0B7OiRHKFuwykzbNGRaVm63hP9qpNqYx6CZcENMzNjLWlxKVaDMRa-3klp7t7rDNwI6zmuED3ujKjXQ6Mo4y2I-wPAD1SFPxl2Yvom39lEmOYcrIlSX9EdBWUHMByK9wwU3mGa4nRFw4N960lAzzPMA9lLubRqrabLIqvRnuSDUaxhuYCjgVD9JgG_Wc4pky0DIZwjsciNdFQoU1dMsBCLKyb4BJiLI93AZRKY1FzrRJT4OtvBwMqtVpCCdZEh1iNZrJcqgbjMB4vqsQyokwoFItFsnu_2JrZOBg8CTABPy8xqSYBJIFBAgEGAGSBQQIBRgEoAY3gAe3sqcvqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwUQr_nWAdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BML0BUBgBcBshccChoIABIUcHViLTYwOTY5MzIwNjQ1ODUwODAYAA&sigh=nM2PiIzVfYc&uach_m=[UACH]&cid=CAQSOwDq26N9PfEO_tRxF0q1mVrvN5t_BTYJ67-V9EG4YTDrPNh9mog-ZJJ-cy19j716sDZUrNfVDQcLMxw-GAEgEw&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=427&adk=2130953439&adf=1337155442&pi=t.aa~a.1878394478~rp.4&daaos=1669215985228&w=429&lmt=1669250193&nsk=74648323&rafmt=11&pwprc=1459918002&ad_type=text_image&format=429x427&url=https%3A%2F%2Flb.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669250207253&bpp=2&bdt=923&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3756fa7834efc362-22f7799781d70088%3AT%3D1669250207%3ART%3D1669250207%3AS%3DALNI_Ma-VfcLLcjEsqIDtsrfyET7i2QYyw&gpic=UID%3D00000b866d0c2e7f%3AT%3D1669250207%3ART%3D1669250207%3AS%3DALNI_MbIc2EvhZ4beEzNAYWnTgq4l-dwhA&prev_fmts=0x0%2C320x150%2C336x280%2C300x600&nras=2&correlator=5253954939014&frm=20&pv=1&ga_vid=80024744.1669250207&ga_sid=1669250207&ga_hid=1346098499&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=1678&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070762%2C44770881&oid=2&pvsid=1852989241089506&tmod=2003525514&uas=0&nvt=1&eae=0&fc=1280&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=7kyP3xGT4p&p=https%3A//lb.ua&dtd=37
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 24 Nov 2022 00:36:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F116 143 B
166 B 55ms
53ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=427&adk=2130953439&adf=1337155442&pi=t.aa~a.1878394478~rp.4&daaos=1669215985228&w=429&lmt=1669250193&nsk=74648323&rafmt=11&pwprc=1459918002&ad_type=text_image&format=429x427&url=https%3A%2F%2Flb.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669250207253&bpp=2&bdt=923&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3756fa7834efc362-22f7799781d70088%3AT%3D1669250207%3ART%3D1669250207%3AS%3DALNI_Ma-VfcLLcjEsqIDtsrfyET7i2QYyw&gpic=UID%3D00000b866d0c2e7f%3AT%3D1669250207%3ART%3D1669250207%3AS%3DALNI_MbIc2EvhZ4beEzNAYWnTgq4l-dwhA&prev_fmts=0x0%2C320x150%2C336x280%2C300x600&nras=2&correlator=5253954939014&frm=20&pv=1&ga_vid=80024744.1669250207&ga_sid=1669250207&ga_hid=1346098499&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=1678&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070762%2C44770881&oid=2&pvsid=1852989241089506&tmod=2003525514&uas=0&nvt=1&eae=0&fc=1280&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=7kyP3xGT4p&p=https%3A//lb.ua&dtd=37
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 2460
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 23:55:48 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame BCA5 1 KB
643 B 57ms
57ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 49962
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 10:44:06 GMT
etag: 48472445140208031
expires: Thu, 24 Nov 2022 10:44:06 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame CF0B 35 B
463 B 136ms
64ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKlvqrLsAnJXLAu2NXCIIG4&google_cver=1&google_push=ASkJ3FaLrLmHtuZzqysJGw-XllgP1mqE7fTuIETp2mUCdr-6W7ITAXM4AmcMPVBS4kuS-u1SWirksQ6bkAhGozstjTB_PMq0uHzP

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Nov 2022 00:36:48 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CF0B
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEIOWn215BvZe0Uu8q5Z1Cz8&google_cver=1&google_push=ASkJ3FYpQHbWJ7StzyCqWApvxVKortCq2l_pI5qavu0VWDGE0iIYSZ6RI--U3e-1RcZ54pgVMXcT2u5HvZyIlT-c_mhNAaAMScQ_
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3FYpQHbWJ7StzyCqWApvxVKortCq2l_pI5qavu0VWDGE0iIYSZ6RI--U3e-1RcZ54pgVMXcT2u5HvZyIlT-c_mhNAaAMScQ_&google_hm=Q0FFU0VJT1duMjE1QnZaZ...

170 B
188 B

100ms
67ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3FYpQHbWJ7StzyCqWApvxVKortCq2l_pI5qavu0VWDGE0iIYSZ6RI--U3e-1RcZ54pgVMXcT2u5HvZyIlT-c_mhNAaAMScQ_&google_hm=Q0FFU0VJT1duMjE1QnZaZTBVdThxNVoxQ3o4

Requested by

Host: lb.ua
URL: https://lb.ua/

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Nov 2022 00:36:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 24 Nov 2022 00:36:48 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3FYpQHbWJ7StzyCqWApvxVKortCq2l_pI5qavu0VWDGE0iIYSZ6RI--U3e-1RcZ54pgVMXcT2u5HvZyIlT-c_mhNAaAMScQ_&google_hm=Q0FFU0VJT1duMjE1QnZaZTBVdThxNVoxQ3o4
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame CF0B 43 B
356 B 131ms
66ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEHGogvRRfY4_9OV688G42HE&google_push=ASkJ3FbMDkiy6zL80m52RED-agrbAx3JtvDi-7IEzpIO1m-PpJDze14P2YXXJoCkeEf5fqV43LsbeRC-SMHolcA9_0HYXsuSt24&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=168&adk=352419716&adf=555703402&pi=t.aa~a.2453268089~rp.4&daaos=1669215985228&w=342&lmt=1669250193&nsk=76125ada&rafmt=11&pwprc=1459918002&ad_type=text_image&format=342x168&url=https%3A%2F%2Flb.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669250207253&bpp=1&bdt=922&idt=1&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3756fa7834efc362-22f7799781d70088%3AT%3D1669250207%3ART%3D1669250207%3AS%3DALNI_Ma-VfcLLcjEsqIDtsrfyET7i2QYyw&gpic=UID%3D00000b866d0c2e7f%3AT%3D1669250207%3ART%3D1669250207%3AS%3DALNI_MbIc2EvhZ4beEzNAYWnTgq4l-dwhA&prev_fmts=0x0%2C320x150%2C336x280%2C300x600%2C429x427%2C429x427&nras=4&correlator=5253954939014&frm=20&pv=1&ga_vid=80024744.1669250207&ga_sid=1669250207&ga_hid=1346098499&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1051&ady=1202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070762%2C44770881&oid=2&pvsid=1852989241089506&tmod=2003525514&uas=0&nvt=1&eae=0&fc=1280&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=XY8RGGHGa8&p=https%3A//lb.ua&dtd=43
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Nov 2022 00:36:48 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame CF0B 43 B
135 B 119ms
66ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEJtlpZoufWcDQNCRNGQYy9o&google_cver=1&google_push=ASkJ3FZZaZH6NcKfOewtS57yLm8E6R-_uJqEUC4DcM9ZFo127CZhleCjE3G61NH5cG4oAqs_YGK7HI3e9rS5-hQ_cFliCknmV_M
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=168&adk=352419716&adf=555703402&pi=t.aa~a.2453268089~rp.4&daaos=1669215985228&w=342&lmt=1669250193&nsk=76125ada&rafmt=11&pwprc=1459918002&ad_type=text_image&format=342x168&url=https%3A%2F%2Flb.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669250207253&bpp=1&bdt=922&idt=1&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3756fa7834efc362-22f7799781d70088%3AT%3D1669250207%3ART%3D1669250207%3AS%3DALNI_Ma-VfcLLcjEsqIDtsrfyET7i2QYyw&gpic=UID%3D00000b866d0c2e7f%3AT%3D1669250207%3ART%3D1669250207%3AS%3DALNI_MbIc2EvhZ4beEzNAYWnTgq4l-dwhA&prev_fmts=0x0%2C320x150%2C336x280%2C300x600%2C429x427%2C429x427&nras=4&correlator=5253954939014&frm=20&pv=1&ga_vid=80024744.1669250207&ga_sid=1669250207&ga_hid=1346098499&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1051&ady=1202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070762%2C44770881&oid=2&pvsid=1852989241089506&tmod=2003525514&uas=0&nvt=1&eae=0&fc=1280&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=XY8RGGHGa8&p=https%3A//lb.ua&dtd=43
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Nov 2022 00:36:47 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: saf1l2nkqj6ah1gcm8cnqkvitbe4dvhp

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CF0B
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_FPhi7WBTzueHCbxyUfZ0A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

133ms
72ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_FPhi7WBTzueHCbxyUfZ0A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FaDqxR3p0Cp1YxGaXTWZIodtRyuMQQMgaG1VyRiMCid-yjUxxbaCaiyu-pJF4kz9zGwp-TeMvVqBrHAGyDO4zV4aFQwIOtz

Requested by

Host: lb.ua
URL: https://lb.ua/

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Nov 2022 00:36:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_FPhi7WBTzueHCbxyUfZ0A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FaDqxR3p0Cp1YxGaXTWZIodtRyuMQQMgaG1VyRiMCid-yjUxxbaCaiyu-pJF4kz9zGwp-TeMvVqBrHAGyDO4zV4aFQwIOtz
date: Thu, 24 Nov 2022 00:36:47 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CF0B
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEL-OW9-biRSiMvOHBMC6bTM&google_cver=1&google_push=ASkJ3FaS36B2HYkTNOoCOi-hDsz7N65TMMv3NzIWKtb4swiQKCoNfiqFT6CeYuzjk7j5ONIMmv5...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFVQ0g0MFUtMjEtNVQxWQ==&google_push=ASkJ3FaS36B2HYkTNOoCOi-hDsz7N65TMMv3NzIWKtb4swiQKCoNfiqFT6CeYuzjk7j5ONIMmv5T3YGUrPDq7x7KAIHmGCKGQiKs

170 B
188 B

156ms
76ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFVQ0g0MFUtMjEtNVQxWQ==&google_push=ASkJ3FaS36B2HYkTNOoCOi-hDsz7N65TMMv3NzIWKtb4swiQKCoNfiqFT6CeYuzjk7j5ONIMmv5T3YGUrPDq7x7KAIHmGCKGQiKs

Requested by

Host: lb.ua
URL: https://lb.ua/

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Nov 2022 00:36:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFVQ0g0MFUtMjEtNVQxWQ==&google_push=ASkJ3FaS36B2HYkTNOoCOi-hDsz7N65TMMv3NzIWKtb4swiQKCoNfiqFT6CeYuzjk7j5ONIMmv5T3YGUrPDq7x7KAIHmGCKGQiKs
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CF0B
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAgezp5sK9cIIglIMuVIFTI&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAgezp5sK9cIIglIMuVIFTI&google_push=AS...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAgezp5sK9cIIglIMuVIFTI&google_hm=Y368oCCLujMd1FYsfV5BnwAABz0AAAAB&google_nid=index&google_push=ASkJ3Fbee4HzzoNaF5UHBsaq4U_Z3B2U2xJmM...

170 B
188 B

121ms
72ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAgezp5sK9cIIglIMuVIFTI&google_hm=Y368oCCLujMd1FYsfV5BnwAABz0AAAAB&google_nid=index&google_push=ASkJ3Fbee4HzzoNaF5UHBsaq4U_Z3B2U2xJmMkNvgNAQV3PuAp1f-S8OcZYqjlJO1Ai30vGumV7C7h-rXVJX5h0PKdTYrhQ61sk

Requested by

Host: lb.ua
URL: https://lb.ua/

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Nov 2022 00:36:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Nov 2022 00:36:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rGxCLBC8dcJ3jjH0R%2Bw0HOeYCiZMthnCLGoLWlnqoVAjGzlZRU1GbcfXXkcZBH%2BnE4yXTP%2F8HKkLHdgWi680g4G8j83PhLCYltyEkBvF7jObSa6gyLctNVzx%2BvWfao%2BCKfwFhn%2BAeIruug%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAgezp5sK9cIIglIMuVIFTI&google_hm=Y368oCCLujMd1FYsfV5BnwAABz0AAAAB&google_nid=index&google_push=ASkJ3Fbee4HzzoNaF5UHBsaq4U_Z3B2U2xJmMkNvgNAQV3PuAp1f-S8OcZYqjlJO1Ai30vGumV7C7h-rXVJX5h0PKdTYrhQ61sk
cache-control: no-cache
cf-ray: 76ee128aaa98dd17-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame CF0B 0
40 B 121ms
63ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IeHJ74ACFc5iFbMRhEePFbu54t4KWQse_IEyT1bUvN0EK_1SOIT5fF8Ibsd-Nj4rpiypBU

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:48 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 5769 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1709154c127fb87373f9e6dcd45e924a42ba33e5093432e1f59be1bd8b20268f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5769 10 KB
10 KB 172ms
57ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=de

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 11:52:14 GMT
x-content-type-options: nosniff
age: 477874
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9840
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Nov 2023 11:52:14 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5809
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

64ms
64ms

Document
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 00:36:48 GMT
expires: Thu, 24 Nov 2022 00:36:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 00:36:48 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js Show response
pagead2.googlesyndication.com/bg/ Frame 8ACE 36 KB
16 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 10:56:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49238
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15986
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 10:56:10 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame BCA5 35 B
463 B 63ms
60ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAre3MdbqDU0b3EhjoNCXko&google_cver=1&google_push=ASkJ3FbcJc64zaCZUWKcMzRZ-i1W8nwf0ZFYQyqyLJjxS_Zc_nS1iUhb2-45-S3cCMWReHbjSu2tR9ekckOisfFTc6U_gI7MGSYS

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Nov 2022 00:36:48 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame BCA5 43 B
106 B 69ms
66ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESENEssouMBMWJkI41fxbA2ys&google_push=ASkJ3FbPtwfScrsE-2VEhUE-eyO1xPr_jTVQqBJEtZtLGGW7lJY72tys15aHMj4MU_axz4lYkL9JJk6117rXtr3J3DPZGm7_CpeK&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=427&adk=2130953439&adf=1337155442&pi=t.aa~a.1878394478~rp.4&daaos=1669215985228&w=429&lmt=1669250193&nsk=74648323&rafmt=11&pwprc=1459918002&ad_type=text_image&format=429x427&url=https%3A%2F%2Flb.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669250207253&bpp=2&bdt=923&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3756fa7834efc362-22f7799781d70088%3AT%3D1669250207%3ART%3D1669250207%3AS%3DALNI_Ma-VfcLLcjEsqIDtsrfyET7i2QYyw&gpic=UID%3D00000b866d0c2e7f%3AT%3D1669250207%3ART%3D1669250207%3AS%3DALNI_MbIc2EvhZ4beEzNAYWnTgq4l-dwhA&prev_fmts=0x0%2C320x150%2C336x280%2C300x600&nras=2&correlator=5253954939014&frm=20&pv=1&ga_vid=80024744.1669250207&ga_sid=1669250207&ga_hid=1346098499&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=1678&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070762%2C44770881&oid=2&pvsid=1852989241089506&tmod=2003525514&uas=0&nvt=1&eae=0&fc=1280&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=7kyP3xGT4p&p=https%3A//lb.ua&dtd=37
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Nov 2022 00:36:48 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame BCA5 43 B
134 B 68ms
65ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEDufN1HYxOTEf9fLKeYPU1U&google_cver=1&google_push=ASkJ3FYhaYs0TWULPYjXOn3WlXGcKXPw90wq-UG23OBIriaBQpMO8NLzpaJtpCqVzMvLNyJJIQrkxmbHmZYES7NxjLTQmkiPW7zZ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=427&adk=2130953439&adf=1337155442&pi=t.aa~a.1878394478~rp.4&daaos=1669215985228&w=429&lmt=1669250193&nsk=74648323&rafmt=11&pwprc=1459918002&ad_type=text_image&format=429x427&url=https%3A%2F%2Flb.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669250207253&bpp=2&bdt=923&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3756fa7834efc362-22f7799781d70088%3AT%3D1669250207%3ART%3D1669250207%3AS%3DALNI_Ma-VfcLLcjEsqIDtsrfyET7i2QYyw&gpic=UID%3D00000b866d0c2e7f%3AT%3D1669250207%3ART%3D1669250207%3AS%3DALNI_MbIc2EvhZ4beEzNAYWnTgq4l-dwhA&prev_fmts=0x0%2C320x150%2C336x280%2C300x600&nras=2&correlator=5253954939014&frm=20&pv=1&ga_vid=80024744.1669250207&ga_sid=1669250207&ga_hid=1346098499&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=1678&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070762%2C44770881&oid=2&pvsid=1852989241089506&tmod=2003525514&uas=0&nvt=1&eae=0&fc=1280&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=7kyP3xGT4p&p=https%3A//lb.ua&dtd=37
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Nov 2022 00:36:48 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 701bvk64qn9f6d5eclgmop1288rrbh6c

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BCA5
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=163IJEN1Siunk8Q0IEMX_A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

135ms
73ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=163IJEN1Siunk8Q0IEMX_A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3Falv_1m5AezHXH25XWf9nd3PcJq0xzjDDpJYpT7c-2h63IrXU2FHRXx7zP1ykasreY3eNyWENcx6b3spKYcWSRYuW_Rn-KE

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Nov 2022 00:36:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=163IJEN1Siunk8Q0IEMX_A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3Falv_1m5AezHXH25XWf9nd3PcJq0xzjDDpJYpT7c-2h63IrXU2FHRXx7zP1ykasreY3eNyWENcx6b3spKYcWSRYuW_Rn-KE
date: Thu, 24 Nov 2022 00:36:46 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BCA5
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEP_vqpb1bXgSfWrrzp0oGAI&google_cver=1&google_push=ASkJ3FY0MpzSuF4vn30VeZrrxed9xnE062oiRF_GuJTCsYjKMAuS8SlvAyv0kF0khkzCGnqWnQU...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFVQ0g0MUUtMjgtOVVNNQ==&google_push=ASkJ3FY0MpzSuF4vn30VeZrrxed9xnE062oiRF_GuJTCsYjKMAuS8SlvAyv0kF0khkzCGnqWnQUFnMIiSGt4nEuHUDztm3AXhUff

170 B
188 B

133ms
73ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFVQ0g0MUUtMjgtOVVNNQ==&google_push=ASkJ3FY0MpzSuF4vn30VeZrrxed9xnE062oiRF_GuJTCsYjKMAuS8SlvAyv0kF0khkzCGnqWnQUFnMIiSGt4nEuHUDztm3AXhUff

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Nov 2022 00:36:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFVQ0g0MUUtMjgtOVVNNQ==&google_push=ASkJ3FY0MpzSuF4vn30VeZrrxed9xnE062oiRF_GuJTCsYjKMAuS8SlvAyv0kF0khkzCGnqWnQUFnMIiSGt4nEuHUDztm3AXhUff
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BCA5
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOJGEhQhc8kQyUHLNyAf8RQ&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOJGEhQhc8kQyUHLNyAf8RQ&google_push=AS...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOJGEhQhc8kQyUHLNyAf8RQ&google_hm=Y368oOHcY9UsMkAHy0qQygAAAskAAAIB&google_nid=index&google_push=ASkJ3FaVn72H8-GDtdl7QwLO3AIFZY-SpoMPi...

170 B
188 B

68ms
67ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOJGEhQhc8kQyUHLNyAf8RQ&google_hm=Y368oOHcY9UsMkAHy0qQygAAAskAAAIB&google_nid=index&google_push=ASkJ3FaVn72H8-GDtdl7QwLO3AIFZY-SpoMPiHqHMpggRu1VV5HMAOSOG9zpdhYsw8LDkSudkvN1xPKXd3a1JpplJnUlNbomHbyK

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Nov 2022 00:36:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Nov 2022 00:36:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DA9i16U%2B8Y40VxFS5MJB%2B1IO1LLzYaDlz%2BZd4kFFJX94uU6SZzgSSNHqr1SsVKjXaCB0iOdS7OLD4Bmvw%2FGLXsqA%2F7hxJiTXzf4I4JRKt8Pned8ZiOX8S5%2BM%2B9ShnRVengkZ038PtqaWXA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOJGEhQhc8kQyUHLNyAf8RQ&google_hm=Y368oOHcY9UsMkAHy0qQygAAAskAAAIB&google_nid=index&google_push=ASkJ3FaVn72H8-GDtdl7QwLO3AIFZY-SpoMPiHqHMpggRu1VV5HMAOSOG9zpdhYsw8LDkSudkvN1xPKXd3a1JpplJnUlNbomHbyK
cache-control: no-cache
cf-ray: 76ee128aeb3add17-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame BCA5 43 B
296 B 274ms
45ms Image
image/gif 2a05:d01c:1d8:8102:72a2:2127:6a05:29c2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEOHvsvtkWyUKmuTIGX5HCcM&google_cver=1&google_push=ASkJ3FZ76ClDLEwKya9NRxhdUhi_RMKireJx-Gzv81BCAPinK7p8nL75hG5vc_wcBq3nGmoeDOisoHtubwLtYlEN6jsNnedzFShm
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=427&adk=2130953439&adf=1337155442&pi=t.aa~a.1878394478~rp.4&daaos=1669215985228&w=429&lmt=1669250193&nsk=74648323&rafmt=11&pwprc=1459918002&ad_type=text_image&format=429x427&url=https%3A%2F%2Flb.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669250207253&bpp=2&bdt=923&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3756fa7834efc362-22f7799781d70088%3AT%3D1669250207%3ART%3D1669250207%3AS%3DALNI_Ma-VfcLLcjEsqIDtsrfyET7i2QYyw&gpic=UID%3D00000b866d0c2e7f%3AT%3D1669250207%3ART%3D1669250207%3AS%3DALNI_MbIc2EvhZ4beEzNAYWnTgq4l-dwhA&prev_fmts=0x0%2C320x150%2C336x280%2C300x600&nras=2&correlator=5253954939014&frm=20&pv=1&ga_vid=80024744.1669250207&ga_sid=1669250207&ga_hid=1346098499&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=593&ady=1678&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070762%2C44770881&oid=2&pvsid=1852989241089506&tmod=2003525514&uas=0&nvt=1&eae=0&fc=1280&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=7kyP3xGT4p&p=https%3A//lb.ua&dtd=37
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:72a2:2127:6a05:29c2 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 24 Nov 2022 00:36:48 GMT
cache-control: no-cache
content-length: 43
request-time: 1
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame BCA5 0
40 B 63ms
61ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KurNdsYMe6AXcLac88MHcx_1T0vz6sMPEeqc3RycsdyDVyOg7Pp7Zu0xUzfFr7c5BOyXJW

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:48 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F116
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

64ms
64ms

Document
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 00:36:48 GMT
expires: Thu, 24 Nov 2022 00:36:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 00:36:48 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 189ms
74ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5fe9009b2e89d7c0b6503082bb464307b025620e5631192cd08c6043909663b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11161
x-xss-protection: 0

GET
H3 200 rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js Show response
pagead2.googlesyndication.com/bg/ Frame F325 36 KB
16 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 10:56:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49238
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15986
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 10:56:10 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 24 Nov 2022 00:36:48 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6AC9 13 KB
5 KB 57ms
57ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lb.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 7661
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 22:29:07 GMT
expires: Thu, 23 Nov 2023 22:29:07 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FC56 783 B
535 B 67ms
67ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

da9b1b79b2cfbd26133badd6810d47c34b923fa2170eba809f7fd61f1535666b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-p85DRPvo_W5fn5NrJ9F-0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lb.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-p85DRPvo_W5fn5NrJ9F-0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 00:36:48 GMT
expires: Thu, 24 Nov 2022 00:36:48 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js Show response
pagead2.googlesyndication.com/bg/ Frame 6AC9 36 KB
16 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 10:56:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49238
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15986
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 10:56:10 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FC56 0
0 91ms
91ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=1852989241089506&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6AC9 0
10 B 57ms
56ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?PAF8CQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:49 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 94ms
93ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=1852989241089506&bg=!ICOlI2fNAAbvMpMzzzI7ACkAdvg8WgvlIAbfmkD8tn8KKs8X44waTXT7KtyA_yxTRW39quQAjd-iUgIAAAB3UgAAAANoAQcKAO1zcOtXPUEx8CUEitbmehTUo-LBZSMGsWJDQyklcttcOgCy17BZD3gev2j6MUJZNpk5zejK5_rWAnQQqDrLLzoK1YyjoysNx2CmFQgqbxbcIrNBE0b6ICV7OkD-si2KYeozV4y52ejM7fyGv9UiuQy5EUADlP50DpoRQELN2zrUe73Bt4IcPVqYJTrYebTKayjRmMNEmDS9VcchjZkDV2UL_T3HBk9IrArmOh0hI8dzZ6FTE-g7mwdfVGFQA-CWi4Qp2AtOTkLVSG3HaWdvoYv8BYDrQjJUS80n3sIq1wgxkE6CQSS6SR1qSpPdlaOZAqUYL5uISKmN7Cqz-Z-jZ1I_Py5uVPb3fGEp3ldeBQ81qZclZ-0eElXWPxgHT0-nMqUabHNZaRzzYU3Rh2YIrbIAo1cCp82eoLWf3cZWrRHh0yjBEpyGszWcaTQk5OCrUVeg1gcAKGDLtvTN9xMA35DgumEJUFFjL_AYZ0OhEg4XfzztKl2bGc2kRexLaU5zqFCKwxWYe20-GHWkxnDRcvFRmuStTZkNFtEo7wtzPemyZrXW7f5SuJ7gHn4tVjK7KSdfES4yLEjSAwEfmkLUxxoO8MgPzCbkA2AiPg6AK3vZy6ZiMYwDO0_KNOnv7GojlHCdw8BF5jmYjwnwPwE0ZK9TlMb5j5m3zSJ0-lSD8B-QKmSy34nmg8nfReNlXcZWmbGBQGXR7-yF8w8GU82awil3GWq_rmWV23F6ewRyp4V7CFUFC3JImq6QGnJfvA5G0tJGcHRnnKuWkj4YQ0zNzlwEaNDeVmLkg9N2XHGfq1w4ukqYR2KCPFIHn4Kx0yAqKDRU6T0K3q0RqIXspNPm6U4Gh5rIGMlrEkbLkn-MUt_YuCbPd2XB4m0x3O5nrUw3FHKAEyp-hHPCq6krLOltG0NqaOxbFvM9wRlgTnkXrvqMtsQ9QFA488h0vQ9keeWROqSfL7hXBMP8wRuxSUputmbiQ8aRrqGWvhc-ixrOGmJ8mu7VU9kfDCRPhQjODIuIDuVnd1twIiABxwEWQjLmEWa9LyVcm7YaPZsdudpAtGfuDTEahIH3VE8QA9RyAefUn8-SpcHiiWwlFn2m3l1gXPb_EReu_O2P9Wg2HXeeuxFHFyk2Xk7D7I8jd-wbA1b1DJY6AbEUw0nIhq9FplYqJk1KYxEFzMIzu5ip8ZlDNSFnDuTHUzkoFTxeM_orvxhzV2DLHZOuuw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 6319b231b22c9.jpeg
i.lb.ua/027/49/ 21 KB
21 KB 60ms
60ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/027/49/6319b231b22c9.jpeg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 4c7f4a331bbce912cc40e9aefe4059339f14669b1b3ffebf1b93d62939c699a0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:50 GMT
last-modified: Thu, 08 Sep 2022 09:13:21 GMT
server: Microsoft-IIS/10.0
etag: "271c163e63c3d81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 21352

GET
H2 200 637e161fad357_200_130.jpeg
i.lb.ua/101/48/ 4 KB
5 KB 61ms
59ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/101/48/637e161fad357_200_130.jpeg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: fb8fc67d65bf73fc3d1321512c7a523b912252b21f00a2962bcd81c6f2ef9f43

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:50 GMT
last-modified: Wed, 23 Nov 2022 12:46:24 GMT
server: Microsoft-IIS/10.0
etag: "6984409839ffd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 4556

GET
H2 200 636e2e4f9ae2f.png
i.lb.ua/006/29/ 438 KB
438 KB 61ms
60ms Image
image/png 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/006/29/636e2e4f9ae2f.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 7b9025332a39d5ac0e06e78fd63c9fc1c2f5890e623fe9c038bc5876f1295173

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:50 GMT
last-modified: Fri, 11 Nov 2022 11:13:19 GMT
server: Microsoft-IIS/10.0
etag: "74e0e39abef5d81:0"
content-type: image/png
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 448068

GET
H2 200 637df63566a2b_200_130.jpeg
i.lb.ua/059/41/ 7 KB
7 KB 60ms
59ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/059/41/637df63566a2b_200_130.jpeg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: 9bf42327fd6d6b916de5fe1bde1886e0773ec6604fd20b2934f7f920986bb012

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:50 GMT
last-modified: Wed, 23 Nov 2022 10:30:13 GMT
server: Microsoft-IIS/10.0
etag: "aa11659226ffd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 7259

GET
H2 200 637dcec328d70_200_130.jpeg
i.lb.ua/121/10/ 7 KB
7 KB 59ms
59ms Image
image/jpeg 157.90.133.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.lb.ua/121/10/637dcec328d70_200_130.jpeg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.133.197 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.133.90.157.clients.your-server.de
Software: Microsoft-IIS/10.0 /
Resource Hash: aaf428ae13bae734a4329acf785a6fa3e3426cbd7d1c825d88328a36d6294355

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://lb.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 00:36:50 GMT
last-modified: Wed, 23 Nov 2022 07:41:55 GMT
server: Microsoft-IIS/10.0
etag: "8155cffffd81:0"
content-type: image/jpeg
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 6841

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.lb.ua/	1970-01-20 17:16:50	Name: __utma Value: 5405166.80024744.1669250207.1669250207.1669250207.1
.lb.ua/	1969-12-31 23:59:59	Name: __utmc Value: 5405166
.lb.ua/	1970-01-20 12:03:38	Name: __utmz Value: 5405166.1669250207.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.lb.ua/	1970-01-20 07:40:50	Name: __utmt Value: 1
.lb.ua/	1970-01-20 07:40:52	Name: __utmb Value: 5405166.1.10.1669250207
.lb.ua/	1970-01-20 09:50:26	Name: _fbp Value: fb.1.1669250206933.378640447
.lb.ua/	1970-01-20 17:02:26	Name: __gads Value: ID=3756fa7834efc362-22f7799781d70088:T=1669250207:RT=1669250207:S=ALNI_Ma-VfcLLcjEsqIDtsrfyET7i2QYyw
.lb.ua/	1970-01-20 17:02:26	Name: __gpi Value: UID=00000b866d0c2e7f:T=1669250207:RT=1669250207:S=ALNI_MbIc2EvhZ4beEzNAYWnTgq4l-dwhA
.doubleclick.net/	1970-01-20 17:02:26	Name: IDE Value: AHWqTUlGVgP0Ir8dHwJdpMX5Oe0faMqcYHsAj3P3nyk7iF6hV6dEU6_5RjStcEJcxyA
.doubleclick.net/	1970-01-20 07:40:53	Name: DSID Value: NO_DATA
.quantserve.com/	1970-01-20 09:50:26	Name: d Value: EGwBCQHTJ4EA
.pubmatic.com/	1970-01-20 07:42:16	Name: KTPCACOOKIE Value: YES
.quantserve.com/	1970-01-20 17:11:04	Name: mc Value: 637ebca0-58124-27b12-1cee3
.casalemedia.com/	1970-01-20 09:50:26	Name: CMPS Value: 713
.pubmatic.com/	1970-01-20 09:50:26	Name: KADUSERCOOKIE Value: FC53E18B-B581-4F3B-9E1C-26F1C947D9D0
.agkn.com/	1970-01-20 16:26:26	Name: ab Value: 0001%3AHnf7pWoK0NrYByRg%2BQHxfx6WCpZu9Cdg
.agkn.com/	1970-01-20 16:26:26	Name: u Value: C\|0CEArEXkgKxF5IAAAAAAAAQ13AQCAAQpAAAAAAA
.casalemedia.com/	1970-01-20 16:26:26	Name: CMID Value: Y368oOHcY9UsMkAHy0qQygAA
.casalemedia.com/	1970-01-20 09:50:26	Name: CMTS Value: 4501
.casalemedia.com/	1970-01-20 09:50:26	Name: CMPRO Value: 713
.innovid.com/	1970-01-20 09:50:26	Name: uuid Value: 450b37f1-16cc-4eea-b0e7-6c707f8186e0-20221123 19:36:48

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6096932064585080&output=html&h=600&slotname=8605697088&adk=1381437064&adf=322431305&pi=t.ma~as.8605697088&w=300&lmt=1669250193&format=300x600&url=https%3A%2F%2Flb.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669250206678&bpp=1&bdt=348&idt=286&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x150%2C336x280&nras=1&correlator=5253954939014&frm=20&pv=1&ga_vid=80024744.1669250207&ga_sid=1669250207&ga_hid=1346098499&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1041&ady=2281&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070762%2C44770881&oid=2&pvsid=1852989241089506&tmod=2003525514&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=PPvPV25oRd&p=https%3A//lb.ua&dtd=290 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DASkJ3Fbtcp4GrZFKEDsnGCDS5JYtG7l9Ys3OLKH1A9xGsHdC5YxsXRvW160DTOlJBxopOGpC9ZiAXA-XqNeCCMXMGPgBH3zFWNEz&google_gid=CAESEEdv86WI1ALUBSw1oWTN-s0&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.de
ag.innovid.com
cat.nl.eu.criteo.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
csm.eu.criteo.net
d.agkn.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.lb.ua
id.rlcdn.com
image6.pubmatic.com
lb.ua
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel.rubiconproject.com
rtb.fr.eu.criteo.com
rtb.openx.net
secure-gl.imrworldwide.com
securepubads.g.doubleclick.net
ssl.google-analytics.com
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google.com
www.google.de
www.googletagservices.com
www.gstatic.com
104.18.33.19
142.250.186.130
157.90.133.197
178.250.2.148
185.64.190.78
2600:9000:21f3:1600:1e:a43d:b640:93a1
2606:4700:10::6816:3e78
2606:4700:10::6816:3f78
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:801::2002
2a00:1450:4001:803::200a
2a00:1450:4001:806::2002
2a00:1450:4001:808::2002
2a00:1450:4001:808::2003
2a00:1450:4001:809::2002
2a00:1450:4001:811::2001
2a00:1450:4001:812::2002
2a00:1450:4001:813::2004
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2002
2a00:1450:400c:c08::9d
2a02:2638:1::4
2a02:2638::2
2a02:2638::21
2a02:2638::3
2a02:2638::c
2a03:2880:f080:9:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:d01c:1d8:8102:72a2:2127:6a05:29c2
34.98.67.61
35.157.182.139
35.186.253.211
35.244.174.68
69.173.144.138
01348caaa16ac38ef521784b90368092bd215861903db0f52473e4d502494227
051e7afd33d9455b6a77348dc4ace92eb8f3c633f5fe0b5a940418b3cba89f8d
06730f71edb2823ab78f1668f0508e5686ccf4714ed27f936a3fb1b25207ff4a
06bb817b29df78051363578fec56951aad59c5122053db9ce1ed25a5f0191330
0919deeaa1d1fbb101ac05ac7de11850215a14a46673c51422844ff03854e208
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b30f1d4a704499d462fa476e91847581bcf700d870930122d4a7cbf5ea80227
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
112f783b4034aa20d4d4705782d7ac925efe3bce8f267dc36f7a3ffab6a87347
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1343fe7c02e3a3331fb711c186c554f0719f9c94842f8befc0cd04ad1a745642
15b8238beefa098ed25654a9ec61e8432ba300e43c877ef8656bb1e50b445bdd
1709154c127fb87373f9e6dcd45e924a42ba33e5093432e1f59be1bd8b20268f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18ecaccf7bb1497f3a0fbf75c6d5318623b43b145abc42dd7efb2aa82e85383a
1b9940a5a389e37238dba70536306bd8df18deca76c420e28b58a3702c84d2bc
1e809c6b6bb6de60e7092e922cae2ab2ba3c7c86ef462821ed99fe0051d3ffe3
2a369754f6103abcd6ac3556067fe1e8a60bd72cecab10e97c1ea1228d828b6a
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33e4022f00f484e5d4c74bf0bd5e6f57658363c53915e3ff4b4122ccedc3267a
343446c56656d260051ff79b79f09f84a5b5301a4ca3039c18e91ab3f417eb25
36813b909dc440acf61639450320921eae3d26dbd95a91d42642531069f8e92f
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
373f27096c030f3e55e2455c6f85559f17708606c040211b2b9181f524841dd5
4184605cff7ec3a09e238ad9a8c297305abe1613cb3af988a7dd33b5c0600f62
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4bd0584d66bed09bf2b25306f0ae6094ed049b659c5a647d0520efa17e873fd9
4c7f4a331bbce912cc40e9aefe4059339f14669b1b3ffebf1b93d62939c699a0
4d7bcfdb0bda759f1238d1c6a70f8c45a618229722f20d59f5cc22ed01d4df0c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c648f86bb8be9cdc13191689a39adf2bb4bc7db598dedac8ed5f18eaebc717e
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
611654c045a36d9d48d10164db1ea38a5436aa9aacdff3b0b76aa2cf2c0c1360
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
69b7dd1aee6432df156ba312cf76b50b95ea23b09a9cec18605beb5d6be08862
6aaa79cf906df06c6d5045c6489330af4c2119f1a0177d8c2d904540bc4ca89c
6cc6b8b1f05929e1df11b9308af7128b38513cdf257899e2c522995e9778ca52
6d822a1e33340d071e7af54d5e40d1a2f7f6265095877941d8778efd89756d85
6e9eda5dc74a1c770c667f5ae3110bb5ac7158fd79f277676f66b9e44385f353
71edc3edb39499f40634c5836431b15240382dbca10c6372e9d89b004d2dec4a
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
769e443d1e12dd6d02fe7941d145a017eeedb4856373897afc1165d37fe1ae40
783a5b4f4d208130f4fb3bc0c6415517bbb88783a3702efb7668da0159eff99c
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
79ef71b1c1ca55a14324abf23ca7f9f6fcdf48ac0d41a721754b0fed74c06548
7ad691c74c06f85c961bca790b97221efb4587066fba72fe6c0b9c7e36359e9d
7b406ca1451c51df193697d62b1ffb60a15c95f8a1ee3fb0a2631814aa18ca0d
7b59c18f706c25c7240c71bc90f4caca15d1cb3b44cebdbf90b3db5d80a16484
7b9025332a39d5ac0e06e78fd63c9fc1c2f5890e623fe9c038bc5876f1295173
7e0767a5363399aeeb02d1111596dec7d6b18f6f66d5eb98491ac41f98a5713b
7f93ae7e79e92e67a458b49e57691f2c0bb17aeff22f588cb5df37a4a04a5580
818016b9c5af68f8e40293b123feeadbaed400efe54d33e76784ec624b42643d
84b9ec7bad298e139002ca216fef4e7c70fbb4b5a12c705d0adabd986defc389
8507da21d0e2a655a81642e4472b55515bf86b3e533ab9cc8c17176cacc3499f
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
85cdc1c98059029a7fc7090fa02c4d43d2a01c92bb529038442156a52d1c83cc
89ff723d234c9777329556a085f4b52bd3a283525773c6c1ef8c77961160cb79
8c4b067752355f89f765d00190e02a73ac32b3197f2c9cd354a06e97dbf31aa6
8d16d8c8a681cc33ca41ec6dcb3a1898dc515cadab70167b7d8a3b366feb64fa
8d1d94446ecd93e19b278ea24b175d0e9a777793d2e22ec563aa2ba2090b28b9
8da5b66025007652edd6a88c75c3f29c3cc1c2b1d12364aca6e64d4b99e5e0d4
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90bbcb9db7c9cb053c19be00501d286e22046a098a831cbfcd88f03a02c19836
923cf619e2013cdf995ebe8d3076c1ba744c4045eb2e185d4f21c2d56ba871b2
95307c02b29989bc222247fc8ec742b548e93a39bec409e1577b5aaba4f8d00d
9721f47104316ebafbf76cdcbf55cf3213d2be00a0f0647619528cdaf5b3f49a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bf42327fd6d6b916de5fe1bde1886e0773ec6604fd20b2934f7f920986bb012
9cb0b3ca35760a01c7b08a7f555aef232da20480a9ada0d7f39092aebdaf97a2
9cf4a7e5a645c8578b3397542d9669f2549d2a3cec259b7d393f84fc1eaf73a6
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a13b1cd32e7b9c30863cca26804d84a21b8aeba1b44fac8c22cf793253e5258b
a2065e197884ce25cd9ebeac75b08cd90e7db0e20f5bb953dc5744bdb3b3d5c0
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
a5fe9009b2e89d7c0b6503082bb464307b025620e5631192cd08c6043909663b
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
aaf428ae13bae734a4329acf785a6fa3e3426cbd7d1c825d88328a36d6294355
ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913
ae7a289690f533d74394d01d37ad271db9e7976caa036fe30a879fbdb58a82bf
b00d32d226e40d8ac2eb0a6851388d6682f0196e8c1ce46db8e06d6571cf5a0d
b50b0db1df4e80d8cda87e483a7cc03cf70e93f0259b8285ec04e2e5e1246abd
b83ab38fc8da5b3ba70b481cea94134b0a8f4e826aee07c0d39833f20437cbe6
b8e64f656ab17cca541c2cedc0711657661cc96758750fff8400884c6239bc34
bc172828a6c179f7dbf8412af220f532bdddeb5fc4b8e0bd2a902ab26cafefcb
bea328dcf0c82c98c0ce46181cacac43dfe68f0ee4b0a41a8aee0cf7b69c5c74
c08ef9ca69ace773a306b41f35d2635af40f0f5c261e515ffd446bbde0edc451
c4d00d0c5c8ab1c7a96c4795bd90fb9e4bb8b2cc36144254f01201b2e70f1678
c851e696f8a140968b5907d04e5672c9265ddc0793ab6327f8c7fa65c576fea5
cc3e9bc1d300fff9c6034d7df4d23378854e6383b4fcf30b07130357fa299e34
d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace
d4123026ffdacc6cf1d33449aa52952dab7ada93e667d54e25125d17bbbba5f6
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d91d510f3c93bf425d89437e1d18c99fac8319384cab35ab8027d8d6bdfa88a4
da9b1b79b2cfbd26133badd6810d47c34b923fa2170eba809f7fd61f1535666b
dad64e411c3ff250c15b64b7cb2a14370daf7af5df366f76a062f12176a41b32
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebade2ac5bbd5fbaf1d63ff98ae10fa938cb13d0d4a225ad395e3d93e2fdacae
eea62f038032b0eeb198317b91cc807297a6eb1bd370bac2dc0b6f41cc6fbeeb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f23e1498708c53c1cb17cac923419077b69eb6eed60cdd24bfd8bbf189ff6e01
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f6f6baa5fa4616c905fa7630360ca8c6828ae91723ec822b1915203a1744b4b5
f6fcf69eaea919957c31b5334a776c871f44e582871329c3481ec2817805288e
fb8fc67d65bf73fc3d1321512c7a523b912252b21f00a2962bcd81c6f2ef9f43
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

lb.ua Open in urlscan Pro 2606:4700:10::6816:3e78 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

183 Requests

94 %HTTPS

72 %IPv6

24 Domains

36 Subdomains

31 IPs

7 Countries

2924 kBTransfer

5480 kBSize

21 Cookies

14 Outgoing links

Page URL History

Redirected requests

183 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

lb.ua Open in urlscan Pro
2606:4700:10::6816:3e78 Public Scan

Screenshot
Live screenshot

Full Image

183
Requests

94 %
HTTPS

72 %
IPv6

24
Domains

36
Subdomains

31
IPs

7
Countries

2924 kB
Transfer

5480 kB
Size

21
Cookies

183 HTTP transactions
7 data transactions