www.ahelp.ua Open in urlscan Pro
2a01:4f8:222:1791::1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.ahelp.ua/vin.html
Submission: On December 24 via api (December 24th 2023, 11:53:12 am UTC) from US — Scanned from DE

Summary HTTP 172 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 33 IPs in 7 countries across 32 domains to perform 172 HTTP transactions. The main IP is 2a01:4f8:222:1791::1, located in Ehingen, Germany and belongs to HETZNER-AS, DE. The main domain is www.ahelp.ua.
TLS certificate: Issued by R3 on December 4th 2023. Valid for: 3 months.

This is the only time www.ahelp.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
57	2a01:4f8:222:... 2a01:4f8:222:1791::1	24940 (HETZNER-AS) (HETZNER-AS)
2	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 15	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1 12	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
4 8	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	2606:4700::68... 2606:4700::6812:109c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1 10	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
12	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
3 3	52.28.181.94 52.28.181.94	16509 (AMAZON-02) (AMAZON-02)
1 1	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
2 2	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	18.195.61.190 18.195.61.190	16509 (AMAZON-02) (AMAZON-02)
1 1	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
1	2606:4700:20:... 2606:4700:20::681a:61b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
1	91.121.248.44 91.121.248.44	16276 (OVH) (OVH)
1 2	104.102.45.165 104.102.45.165	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	172.217.23.102 172.217.23.102	15169 (GOOGLE) (GOOGLE)
1	87.118.116.9 87.118.116.9	31103 (KEYWEB-AS) (KEYWEB-AS)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 4	2600:9000:264... 2600:9000:2644:c200:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d018:cc3... 2a05:d018:cc3:fe05:fd6c:63e6:cf75:41c6	16509 (AMAZON-02) (AMAZON-02)
172	33

57 2a01:4f8:222:1791::1 (Ehingen, Germany)

ASN24940 (HETZNER-AS, DE)

www.ahelp.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 216.58.206.34 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6b8::1:119 (Moscow, Russian Federation) 4 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:109c (United States)

ASN13335 (CLOUDFLARENET, US)

bank.gov.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.28.181.94 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-181-94.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.61.190 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-61-190.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.252 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.121.248.44 (France)

ASN16276 (OVH, FR)
PTR: ip44.ip-91-121-248.eu

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.102.45.165 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-45-165.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.102 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.118.116.9 (Germany)

ASN31103 (KEYWEB-AS, DE)
PTR: km36617.keymachine.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2644:c200:6:9280:1080:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:cc3:fe05:fd6c:63e6:cf75:41c6 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
57	ahelp.ua www.ahelp.ua	675 KB
22	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	325 KB
21	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 ad.doubleclick.net — Cisco Umbrella Rank: 139	69 KB
15	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	79 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 25796 ad4m.at — Cisco Umbrella Rank: 11359 assets.ad4m.at — Cisco Umbrella Rank: 35458	139 KB
12	gstatic.com www.gstatic.com fonts.gstatic.com	1 MB
5	adroll.com 1 redirects s.adroll.com — Cisco Umbrella Rank: 3061 d.adroll.com — Cisco Umbrella Rank: 1380	27 KB
5	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 8902	3 KB
3	w55c.net 3 redirects pm.w55c.net — Cisco Umbrella Rank: 818	3 KB
3	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 4182	71 KB
3	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138	19 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 802 s.tribalfusion.com — Cisco Umbrella Rank: 2218	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 773 r.turn.com — Cisco Umbrella Rank: 3570	869 B
2	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 13930	1 KB
2	ad4mat.net static-de.ad4mat.net — Cisco Umbrella Rank: 192580 prod-rtb.ad4mat.net — Cisco Umbrella Rank: 145563	1013 B
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	291 B
2	ctnsnet.com 2 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 49153	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	129 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	4 KB
2	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 587	17 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	40 KB
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 550	363 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2627	104 B
1	congstar.de banner.congstar.de — Cisco Umbrella Rank: 97477	549 B
1	medialead.de pv.medialead.de — Cisco Umbrella Rank: 47317	327 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 714	387 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1618	173 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 685	540 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 749	463 B
1	google.de www.google.de — Cisco Umbrella Rank: 6765	455 B
1	bank.gov.ua bank.gov.ua — Cisco Umbrella Rank: 323078	2 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	5 KB
172	32

	Domain	Requested by
57	www.ahelp.ua	www.ahelp.ua
15	www.google.com	1 redirects www.ahelp.ua www.gstatic.com www.google.com googleads.g.doubleclick.net tpc.googlesyndication.com
13	pagead2.googlesyndication.com	www.ahelp.ua pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
10	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com www.googleadservices.com googleads.g.doubleclick.net
9	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
9	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
8	www.gstatic.com	www.google.com googleads.g.doubleclick.net
6	assets.ad4m.at	as.ad4m.at
5	mc.yandex.com	3 redirects www.ahelp.ua
4	s.adroll.com	1 redirects www.ahelp.ua s.adroll.com
4	ad4m.at	as.ad4m.at ad4m.at
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
4	fonts.gstatic.com	fonts.googleapis.com
3	pm.w55c.net	3 redirects
3	mc.yandex.ru	1 redirects www.ahelp.ua
3	www.googleadservices.com	www.ahelp.ua
2	ad.doubleclick.net	2 redirects
2	www.awin1.com	1 redirects as.ad4m.at
2	x.bidswitch.net	googleads.g.doubleclick.net
2	gcm.ctnsnet.com	2 redirects
2	www.googletagservices.com	googleads.g.doubleclick.net
2	fonts.googleapis.com	www.ahelp.ua googleads.g.doubleclick.net
2	ssl.google-analytics.com	www.ahelp.ua
2	cdn.jsdelivr.net	www.ahelp.ua
1	d.adroll.com	s.adroll.com
1	dis.criteo.com	googleads.g.doubleclick.net
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	r.turn.com
1	ad.turn.com	1 redirects
1	banner.congstar.de	as.ad4m.at
1	pv.medialead.de	as.ad4m.at
1	prod-rtb.ad4mat.net	googleads.g.doubleclick.net
1	static-de.ad4mat.net	as.ad4m.at
1	onetag-sys.com	1 redirects
1	tr.blismedia.com	googleads.g.doubleclick.net
1	sync-tm.everesttech.net	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	www.google.de	www.ahelp.ua
1	bank.gov.ua	cdnjs.cloudflare.com
1	cdnjs.cloudflare.com	www.ahelp.ua
172	42

This site contains links to these domains. Also see Links.

Domain
ukrainiansworld.com
www.facebook.com

Subject Issuer	Validity	Valid
www.ahelp.ua R3	`2023-12-04` - `2024-03-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-08-14` - `2024-01-24`	5 months	crt.sh
bank.gov.ua GTS CA 1P5	`2023-11-16` - `2024-02-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-12-02` - `2024-03-01`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
ad4mat.net GTS CA 1P5	`2023-11-18` - `2024-02-16`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-11-21` - `2024-02-19`	3 months	crt.sh
pv.medialead.de R3	`2023-12-04` - `2024-03-03`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
s.adroll.com Amazon RSA 2048 M01	`2023-06-03` - `2024-07-01`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2023-10-09` - `2024-11-07`	a year	crt.sh

This page contains 18 frames:

Primary Page: https://www.ahelp.ua/vin.html
Frame ID: 164CAE1B1B0BA202D520E7C23628D23C
Requests: 89 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: C04EFBA20A54C8D5EF906EFEF8EDF551
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld9toQUAAAAAHEswFK_ajedM-T1UM5FdBdO4wto&co=aHR0cHM6Ly93d3cuYWhlbHAudWE6NDQz&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=hxor6tgqgts
Frame ID: 2E9EC232AF59E7DA06C886A2B6B0BF7D
Requests: 6 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LflK6wcAAAAAJTwJP2O7hC6PCIxFDEy7K-W_HFe&co=aHR0cHM6Ly93d3cuYWhlbHAudWE6NDQz&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=v3a09chgjsyb
Frame ID: 867358E971A071A4A4C9BA7E622E5D45
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1195246028556003&output=html&adk=1812271804&adf=3025194257&lmt=1674960907&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.ahelp.ua%2Fvin.html&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703418786549&bpp=4&bdt=424&idt=254&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5095755069611&frm=20&pv=2&ga_vid=273162201.1703418786&ga_sid=1703418786&ga_hid=1816301454&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079759%2C42531705%2C95320884&oid=2&pvsid=457435795582102&tmod=616194055&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=293
Frame ID: C4FB18E9AC2AAE15C318431B81CB041C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1195246028556003&output=html&h=90&slotname=7646943859&adk=3524779162&adf=2089259827&pi=t.ma~as.7646943859&w=728&lmt=1674960907&format=728x90&url=https%3A%2F%2Fwww.ahelp.ua%2Fvin.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703418786553&bpp=2&bdt=428&idt=339&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5095755069611&frm=20&pv=1&ga_vid=273162201.1703418786&ga_sid=1703418786&ga_hid=1816301454&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=453&ady=22&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079759%2C42531705%2C95320884&oid=2&pvsid=457435795582102&tmod=616194055&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=344
Frame ID: C29FCDC05A163856378EDF4F367322CE
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1195246028556003&output=html&h=100&slotname=3927190693&adk=1678171744&adf=2979842561&pi=t.ma~as.3927190693&w=320&lmt=1674960907&format=320x100&url=https%3A%2F%2Fwww.ahelp.ua%2Fvin.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703418786555&bpp=1&bdt=430&idt=368&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=5095755069611&frm=20&pv=1&ga_vid=273162201.1703418786&ga_sid=1703418786&ga_hid=1816301454&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079759%2C42531705%2C95320884&oid=2&pvsid=457435795582102&tmod=616194055&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenEr%7C&abl=CS&pfx=0&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=381
Frame ID: 5C96D5CB382BBC89854B7C9012965666
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1195246028556003&output=html&h=280&slotname=5788200972&adk=3945262639&adf=1251252648&pi=t.ma~as.5788200972&w=408&fwrn=4&fwrnh=100&lmt=1674960907&rafmt=1&format=408x280&url=https%3A%2F%2Fwww.ahelp.ua%2Fvin.html&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703418786555&bpp=1&bdt=430&idt=396&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100&nras=1&correlator=5095755069611&frm=20&pv=1&ga_vid=273162201.1703418786&ga_sid=1703418786&ga_hid=1816301454&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1096&ady=889&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079759%2C42531705%2C95320884&oid=2&pvsid=457435795582102&tmod=616194055&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=400
Frame ID: DB0981FC5375CBE48F3155890D932A2F
Requests: 15 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6LflK6wcAAAAAJTwJP2O7hC6PCIxFDEy7K-W_HFe
Frame ID: FE457CD5BE9F2650EB8CAC96D16F5E11
Requests: 3 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1j5sm341xr0astdvchwpp4zechk35mbjc38adbkc31ajfefe4tsnrsgkmaa26vep781jjmm6enj9kwva7xz3grsw677k8mh7daftyq4rv61hnq8wgcgeassnxm99a1r6r3vmbktaamr7ajwcsarkmht6s6qdnh6jzkfvhqwdetp6xxhk7z2zv35y1vvjmdz5bwzc4eqftp2wx3etr13hjqvtswa5dthnthzvg1pmmv10zpj03jn6zv4gh50zvacatmwxfykvvj0h8jet0srkzcmtgnc08qrtvj51em6dpn32hgk6pr23gt0fsy1e1frrbyr3xyhw4pxxf7xr31tbvs6yx575ggrhh7c9zwstjwq9fnd7ng5yx737gj64j8d1dassvv93abmyp135khmp4z4tgr7wvrc77rcq2e9esete7spytny4aadmmcm6dbk0xwyq74z2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGO_OohuIZYDPOJbF1fAPkqmE2A2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0xMTk1MjQ2MDI4NTU2MDAzyAEJqQJx9dySZnqyPqgDAcgDAqoExwFP0FbMKbFGX_S2zE6qu3-u5nxfk26qwHbeyshMlQd3tjyc75BoeKP8TEeWIBb906igc9yLCsVmPx1rtL-TldfQvm2YY0Blr8SAbX_1UiB1AzX3EsumSjfih-ISg_pDaoAewVGnb4EVwQclXrIl0Ksx8Ur9qeKO6bXv8fD6dXTE7La9FeCYJ7_W7-clG2e0YhdNhSCx0E-X_Oa2inE4slPYCRL4PnxoS7HXaTu4OmAOwuWaPP8bXiGW5V8BH0zzFm9QiNa_3XAMgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WNCIy72BqIMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3kgAIOJ2Op8BCk5aKjdsFa6ZsAlg%26client%3Dca-pub-1195246028556003%26adurl%3D
Frame ID: F8BB498290ECF01CAFC14E3A74B18AC9
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 989C460600DA1EAE8252478F77A2D128
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: C59158A53562A603EF92E5B4C1AFE327
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=15573%2C117569%2C22451&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5M&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CVb8twfmfQxbhVHbHAtXC8j4cBSzTggWuDJ7x&c=728&d=90&e=&g=439be17aeec648a79b2baa21818ace72%2F11320204477555383135&i=26474%2C29981%2C25174&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703418787995&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kyh3h52ce0vesrkqrqnw8tp12z9njsk5xyfrhjm4vfy9hjrvnyta47bwqk7w3z4638r0e32sphntadz9e4z1mqabz2x49v607p6a5eg5n35r6tpwf7w0yfbc6evx1pts02tqmyecp6m7dp847dzabbcjbhbfvbbd0598rrdx55nav6whybdmpz72dxrqme1yey1zc6hcqqpk2yz8dn8t1ahxcszn0d97ytrce2fsq2m47v0gxmdr3jmg5xjz7g2pkc9pfh5wsn8bygtwds6kmxq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGO_OohuIZYDPOJbF1fAPkqmE2A2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0xMTk1MjQ2MDI4NTU2MDAzyAEJqQJx9dySZnqyPqgDAcgDAqoExwFP0FbMKbFGX_S2zE6qu3-u5nxfk26qwHbeyshMlQd3tjyc75BoeKP8TEeWIBb906igc9yLCsVmPx1rtL-TldfQvm2YY0Blr8SAbX_1UiB1AzX3EsumSjfih-ISg_pDaoAewVGnb4EVwQclXrIl0Ksx8Ur9qeKO6bXv8fD6dXTE7La9FeCYJ7_W7-clG2e0YhdNhSCx0E-X_Oa2inE4slPYCRL4PnxoS7HXaTu4OmAOwuWaPP8bXiGW5V8BH0zzFm9QiNa_3XAMgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WNCIy72BqIMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3kgAIOJ2Op8BCk5aKjdsFa6ZsAlg%2526client%253Dca-pub-1195246028556003%2526adurl%253D&y=1&s=&z=0
Frame ID: 567FCBFBBB15085CDE958794330447EA
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 97AA0815A5E108ACA01C3AAC74FFDB34
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2B74B47226CDDC13A2B85E2926BDCE71
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 371790E4B48BA0C515419A5E55D2FEC0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2FE6EE9983A6C904963EB5D1260BAFE2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5C0C5B78333B991273A9DDC31AFD3D11
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Проверка vin-кода - Ахелп. Бесплатно

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Elementor (Landing Page Builders) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href=(?:"|')[^"']*elementor/assets
<link [^>]*href=(?:"|')[^"']*uploads/elementor/css

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

Axios (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

/axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweetalert2(?:\.all)?(?:\.min)?\.js

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

172
Requests

92 %
HTTPS

68 %
IPv6

32
Domains

42
Subdomains

33
IPs

7
Countries

2632 kB
Transfer

7581 kB
Size

46
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://ukrainiansworld.com/v-ukraine/ukraina-geroicheski-srazhaetsya-za-svobodu-kak-mozhno-pomoch-armii-i-prostym-lyudyam/
Title: ПОМОЧЬ УКРАИНСКОЙ АРМИИ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ahelpua

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 81

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10227.3uY3hUU8g7FgkLaU4nqubHXzd8VcgWPB6S0WhNSBmz-SGVzucNXVjErjoylauAgX.uY63rBWNe8LUxCdBTQFZWUv3t1E%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10227.rqz-3DEi2Z6ISNv6jUWO5MBvf-HA2lxED1wB794X0NPFF5hvS9awcjHjB4pvA8guRv3QiAXXWAn2Em58ULa53-2Rh2rVlW-1srYBYlJwkUJhmXhhZ0GHWuuKj7M0bEu0nUaYOGeWBmxicQuzNIaHyuZdeRj98ih07XPbxNLenkhoJsk9ex5c4bF5iQ6kEMTZbrCg3LXTk3_588Oyzughy9ACV1X5-ZUbPOxu17_ZXe0%2C.JJorG1ohIEXeomshjaLKYBwT7pQ%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10227._ad4kM0wF42yy7hK2S8ah4YyqVd6dLwq3gdJhrIV_1QkOskqjpIFQFF5GTu1uchlTyRIzb4vzxLS9OcHzDyIYJtq7yv_LS2GaLyfawkkmHSkgVDjy6p3rqeUiqIfA3g9MfrwOEu2cTnRl-746FfDCbDn88AxQSippf6pgCLAhqx2ztqhJ7Hs8mX9d50jJAsyNjKBLw2BHjwtyzSZxHU1eQ%2C%2C.-hz0IHXrJ_dbN1GgGQDrhKSQdog%2C

Request Chain 94

https://mc.yandex.com/watch/17959918?wmode=7&page-url=https%3A%2F%2Fwww.ahelp.ua%2Fvin.html&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1200%3Acn%3A1%3Adp%3A0%3Als%3A536480479869%3Ahid%3A43946706%3Az%3A60%3Ai%3A20231224125306%3Aet%3A1703418787%3Ac%3A1%3Arn%3A104101860%3Arqn%3A1%3Au%3A1703418787230076729%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C51%2C725%2C1%2C0%2C0%2C%2C484%2C2%2C%2C%2C%2C1589%3Aco%3A0%3Acpf%3A1%3Ans%3A1703418785018%3Afp%3A1289%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1703418787%3At%3A%D0%9F%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B0%20vin-%D0%BA%D0%BE%D0%B4%D0%B0%20-%20%D0%90%D1%85%D0%B5%D0%BB%D0%BF.%20%D0%91%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1) HTTP 302
https://mc.yandex.com/watch/17959918/1?wmode=7&page-url=https%3A%2F%2Fwww.ahelp.ua%2Fvin.html&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1200%3Acn%3A1%3Adp%3A0%3Als%3A536480479869%3Ahid%3A43946706%3Az%3A60%3Ai%3A20231224125306%3Aet%3A1703418787%3Ac%3A1%3Arn%3A104101860%3Arqn%3A1%3Au%3A1703418787230076729%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C51%2C725%2C1%2C0%2C0%2C%2C484%2C2%2C%2C%2C%2C1589%3Aco%3A0%3Acpf%3A1%3Ans%3A1703418785018%3Afp%3A1289%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1703418787%3At%3A%D0%9F%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B0%20vin-%D0%BA%D0%BE%D0%B4%D0%B0%20-%20%D0%90%D1%85%D0%B5%D0%BB%D0%BF.%20%D0%91%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

Request Chain 107

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOh3p6enJIpczDkSRzLAoc8&google_cver=1&google_push=AXcoOmQgt1Xwr5Rpexo9Q72g42mRhuJhXiLKNZ2Iy7Pl4ibDOuF9Lfw3In_OfqRXnhlQaCkoM0ROEzfRELZND-8XThX-N2bU6-g3xw HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOh3p6enJIpczDkSRzLAoc8&google_cver=1&google_push=AXcoOmQgt1Xwr5Rpexo9Q72g42mRhuJhXiLKNZ2Iy7Pl4ibDOuF9Lfw3In_OfqRXnhlQaCkoM0ROEzfRELZND-8XThX-N2bU6-g3xw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eFdoSmREUWwxUmhuMno1&google_gid=CAESEOh3p6enJIpczDkSRzLAoc8&google_cver=1&google_push=AXcoOmQgt1Xwr5Rpexo9Q72g42mRhuJhXiLKNZ2Iy7Pl4ibDOuF9Lfw3In_OfqRXnhlQaCkoM0ROEzfRELZND-8XThX-N2bU6-g3xw

Request Chain 108

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESELAHGQIiGb5zMQ2ptwBU9Gg&google_cver=1&google_push=AXcoOmQ5_nH39uRSTTxHuIWajDjbm5QvsgSlmlLCkMhXdGlTojnF7nBz6XViADAwtupQewlEdNcxxaSNmZJl-at3hihFnY9-kRriqw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELAHGQIiGb5zMQ2ptwBU9Gg&google_push=AXcoOmQ5_nH39uRSTTxHuIWajDjbm5QvsgSlmlLCkMhXdGlTojnF7nBz6XViADAwtupQewlEdNcxxaSNmZJl-at3hihFnY9-kRriqw

Request Chain 109

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESELO6p8-3x63NdRhlQ88SRHU&google_cver=1&google_push=AXcoOmTd7103nA3TPuunRmbux64E75NG8bAU6O7iCyT51fb97x9hn44xAUsi1Mhxp6J3qcjgMoohWxMNw7UmS1NeIsUu6vgVahhwGg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTd7103nA3TPuunRmbux64E75NG8bAU6O7iCyT51fb97x9hn44xAUsi1Mhxp6J3qcjgMoohWxMNw7UmS1NeIsUu6vgVahhwGg&google_hm=wI49B_ZISaiVh247Upeo8xc

Request Chain 112

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEFPS3bpV2jq6qZ4EoEPXiNA&google_cver=1&google_push=AXcoOmQqcpQ6ZR5gSK6AYfJiogTXi2rGWalBtspozkftbNw4eggyqYTSLI0PTYDneu9n1etveF4I8RYb5FRxLkmVW6kMm7LVv4nAlQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQqcpQ6ZR5gSK6AYfJiogTXi2rGWalBtspozkftbNw4eggyqYTSLI0PTYDneu9n1etveF4I8RYb5FRxLkmVW6kMm7LVv4nAlQ

Request Chain 133

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5Moneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CJbDmL6BqIMDFUaSgwcdP1UGUA;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5Moneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5Moneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1703418788_01505050-a253-11ee-9488-2234841a3abe

Request Chain 146

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJ-T8lLUVzKdAnSq0R0fcCU&google_cver=1&google_push=AXcoOmSyXdBcsqOFQtwK_oJU9RvrfQtfhkSmJsz9-zUc26yyy-1i_ItErQSocyXBXIKnp7GBKYT3hwCGjtFSqjB7FJCfFnwSaRBxXg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjM0MTExNDQ1MDcwMDI5NTg3MQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECxQjLCXQPnq5djMElsCIb4&google_cver=1

Request Chain 148

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGxHGLoMQdC_rHKSDzh7LTs&google_cver=1&google_push=AXcoOmQlVOKbptkrzw6MMrBVxPsXfxz0nhHmkv-KMSBW0M6txZgXoikamKf2n_ybDDBRw8tErujeXD-drbCwc71X7pazaEpblhfo6wQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eFdoSmREUWwxUmhuMno1&google_gid=CAESEGxHGLoMQdC_rHKSDzh7LTs&google_cver=1&google_push=AXcoOmQlVOKbptkrzw6MMrBVxPsXfxz0nhHmkv-KMSBW0M6txZgXoikamKf2n_ybDDBRw8tErujeXD-drbCwc71X7pazaEpblhfo6wQ

Request Chain 149

https://a.tribalfusion.com/i.match?p=b6&u=CAESEO2Mkl8_cRvIMmEwRiXEauY&google_cver=1&google_push=AXcoOmTX0d-I4D7h_i0uZVHQQFXuJeFNu1Mk7RP0JcTY76YjzHcbUVaeQaSn-aSxDgRhviF1s0mgmavBr9x3OlOqB81FR3HBel_piS4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTX0d-I4D7h_i0uZVHQQFXuJeFNu1Mk7RP0JcTY76YjzHcbUVaeQaSn-aSxDgRhviF1s0mgmavBr9x3OlOqB81FR3HBel_piS4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEO2Mkl8_cRvIMmEwRiXEauY&google_cver=1&google_push=AXcoOmTX0d-I4D7h_i0uZVHQQFXuJeFNu1Mk7RP0JcTY76YjzHcbUVaeQaSn-aSxDgRhviF1s0mgmavBr9x3OlOqB81FR3HBel_piS4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTX0d-I4D7h_i0uZVHQQFXuJeFNu1Mk7RP0JcTY76YjzHcbUVaeQaSn-aSxDgRhviF1s0mgmavBr9x3OlOqB81FR3HBel_piS4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 150

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEHRJ8R-sqh2NtXw-A9vySpg&google_cver=1&google_push=AXcoOmRKKE6b5JSAwSsvKfjljeHio5weby-EUDqVEbgVeId7IDWb6kGJ5yqHWZ5ZmLtls7INnZuiG1RwmXcy3PRZthrNkgM7IwmgoIk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRKKE6b5JSAwSsvKfjljeHio5weby-EUDqVEbgVeId7IDWb6kGJ5yqHWZ5ZmLtls7INnZuiG1RwmXcy3PRZthrNkgM7IwmgoIk&google_hm=wI49B_ZISaiVh247Upeo8xc

Request Chain 154

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 157

https://googleads.g.doubleclick.net/pagead/adview?ai=CM_rFohuIZZSZPMCN1fAPhZmcoAGKpsfwc6zd2seBEt2Mp72tAhABIIzAuydglfrwgYwHoAGa6KvCKcgBAakCcfXckmZ6sj6oAwHIA8sEqgTlAU_Qeev2WO-oAr_bUPD64fbyCuOaR_ahaebqeW0YyntkneRDmDI-Z_VQ0poi_fa5rvbxSZeZqRQcre4C3ad6mlMPEC8l2KnzKMAP9YfZhQH4Hz8bxiyJCXgZrvfiBiDOFyiyjq5AktUSWhTSfaZQd9EB8zq8xf4dEokO0T_kSr9nWztvFPYysRmJeShbTzwkydPFGY0hjAeKoGWZDsRJK3sivy_b0AygDq6kUptaTAJIdujSsx8eyoIWaSLPzlUyhuYwRN4PgFGXwFp3Yfk_zg_j_3ITyApQyZMOJ-gkWMi2ZG0RwsHABP-t-PXDBIgF4OfkjUySBQQIBBgBkgUECAUYBIAHmqD8oQSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCpmArSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WILSzr2BqIMDmgksaHR0cHM6Ly9qb2JtZXNoLmRlL3J1LWdlcm1hbnkvd2l0aG91dC1nZXJtYW6ACgHICwGiDCAqHgoc5LSxAu61sQK1uLECrLqxAuS0sQLutbECu7uxAtgTC4gUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xMTk1MjQ2MDI4NTU2MDAzGAA&sigh=24IwhQmCziQ&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwAvHhf_7sfqczP1IpPlqQyHOjYlF8QWaDk8rsciLM2A2nqdKUVUwmZreO8riD7GEK1jPQzO1lcXh5DzGAE&template_id=5028&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226570924864558659493%22,%22debug_reporting%22:true,%22destination%22:%22https://jobmesh.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211144983578%22],%2222%22:[%22true%22],%224%22:[%2212-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225991509540161092129%22}&andc=true

Request Chain 163

https://s.adroll.com/j/pre/VMX5SDRFBRB7JGIZMPKYTL/PHSWP7M6WZAE5ESPJDPVZN/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

172 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request vin.html Show response
www.ahelp.ua/ 153 KB
23 KB 1103ms
725ms Document
text/html 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: adbd0787ee6aa76cc100b63cfa41aee8db3d729198596efbde9137b50d253719

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 22989
content-type: text/html; charset=UTF-8
date: Sun, 24 Dec 2023 11:53:06 GMT
last-modified: Sun, 29 Jan 2023 02:55:07 GMT
link: <https://www.ahelp.ua/wp-json/>; rel="https://api.w.org/", <https://www.ahelp.ua/wp-json/wp/v2/pages/19142>; rel="alternate"; type="application/json", <https://www.ahelp.ua/?p=19142>; rel=shortlink
server: nginx
vary: Accept-Encoding
x-ray: wn42248:0.680/wa42248:D=673017

GET
H2 200 frontend.min.css
www.ahelp.ua/wp-content/plugins/elementor/assets/css/ 128 KB
16 KB 34ms
26ms Stylesheet
text/css 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/wp-content/plugins/elementor/assets/css/frontend.min.css
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: c453736e49a5470d86094d2f4510bc96d7aa5f1510b20d0fc427624b1562d64a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
content-encoding: br
last-modified: Sun, 14 Nov 2021 00:39:00 GMT
server: nginx
etag: W/"61905aa4-20197"
content-type: text/css

GET
H2 200 post-18456.css
www.ahelp.ua/wp-content/uploads/elementor/css/ 12 KB
1 KB 35ms
27ms Stylesheet
text/css 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/wp-content/uploads/elementor/css/post-18456.css
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 47ac0868de672b04988f586a974ce50643cf833d0a48a1c5dc460936eaab6c08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
content-encoding: br
last-modified: Wed, 20 Jul 2022 14:38:49 GMT
server: nginx
etag: W/"62d81379-3120"
content-type: text/css

GET
H2 200 style.min.css
www.ahelp.ua/wp-includes/css/dist/block-library/ 102 KB
13 KB 57ms
50ms Stylesheet
text/css 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/wp-includes/css/dist/block-library/style.min.css
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
content-encoding: br
last-modified: Wed, 09 Aug 2023 01:06:10 GMT
server: nginx
etag: W/"64d2e682-19824"
content-type: text/css

GET
H2 200 url-span.css
www.ahelp.ua/wp-content/plugins/clearfy/components/comments-plus/assets/css/ 338 B
476 B 58ms
51ms Stylesheet
text/css 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/wp-content/plugins/clearfy/components/comments-plus/assets/css/url-span.css
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 94adf61f4c2e0b50a47ab73f1d1711191654cd62d02f6f727e86babcb2c6f77e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
last-modified: Fri, 19 May 2023 17:37:39 GMT
server: nginx
etag: "6467b3e3-152"
content-type: text/css
accept-ranges: bytes
content-length: 338

GET
H2 200 styles.css
www.ahelp.ua/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1012 B 58ms
51ms Stylesheet
text/css 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/wp-content/plugins/contact-form-7/includes/css/styles.css
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
content-encoding: br
last-modified: Fri, 19 May 2023 17:37:07 GMT
server: nginx
etag: W/"6467b3c3-b2b"
content-type: text/css

GET
H2 200 style.css
www.ahelp.ua/wp-content/plugins/vin-check/assets/ 10 KB
2 KB 59ms
52ms Stylesheet
text/css 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/wp-content/plugins/vin-check/assets/style.css
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: b6a2aa062f98b239b556ef35fd8aa2c18d31c25b1624475b8d70bd1079fb5a25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
content-encoding: br
last-modified: Tue, 23 May 2023 09:35:55 GMT
server: nginx
etag: W/"646c88fb-27b3"
content-type: text/css

GET
H2 200 calc.css
www.ahelp.ua/wp-content/plugins/vin-check/assets/ 1 KB
2 KB 59ms
52ms Stylesheet
text/css 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/wp-content/plugins/vin-check/assets/calc.css
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 51d48c4d19c80af29f2bd31b53c278a6977c9719db44bfb1988d560fce17c9e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
last-modified: Mon, 04 Oct 2021 21:10:11 GMT
server: nginx
etag: "615b6db3-5f9"
content-type: text/css
accept-ranges: bytes
content-length: 1529

GET
H2 200 elementor-icons.min.css
www.ahelp.ua/wp-content/plugins/elementor/assets/lib/eicons/css/ 18 KB
4 KB 59ms
53ms Stylesheet
text/css 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: d2a442e1bc1180697fefe701f9b67b9cf4d819e2837bdb43898a2db6ef8e8262

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
content-encoding: br
last-modified: Sun, 14 Nov 2021 00:39:00 GMT
server: nginx
etag: W/"61905aa4-49d4"
content-type: text/css

GET
H2 200 post-19129.css
www.ahelp.ua/wp-content/uploads/elementor/css/ 950 B
1 KB 60ms
53ms Stylesheet
text/css 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/wp-content/uploads/elementor/css/post-19129.css
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: c21db4437458adebf5a43a108edef57f700150b89a5735199499b66379a5947d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
last-modified: Wed, 20 Jul 2022 14:38:21 GMT
server: nginx
etag: "62d8135d-3b6"
content-type: text/css
accept-ranges: bytes
content-length: 950

GET
H2 200 frontend.min.css
www.ahelp.ua/wp-content/plugins/elementor-pro/assets/css/ 247 KB
26 KB 60ms
54ms Stylesheet
text/css 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/wp-content/plugins/elementor-pro/assets/css/frontend.min.css
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: e0da3dd275d1ebb90faeaf51f5f2a7f36168afb9f4b023275ec1daa31e625a72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
content-encoding: br
last-modified: Mon, 04 Oct 2021 21:12:14 GMT
server: nginx
etag: W/"615b6e2e-3dc65"
content-type: text/css

GET
H2 200 all.min.css
www.ahelp.ua/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 58 KB
12 KB 72ms
66ms Stylesheet
text/css 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
content-encoding: br
last-modified: Sun, 14 Nov 2021 00:39:00 GMT
server: nginx
etag: W/"61905aa4-e7d0"
content-type: text/css

GET
H2 200 v4-shims.min.css
www.ahelp.ua/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 26 KB
4 KB 72ms
66ms Stylesheet
text/css 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: c55902832fb84522d02ea1a60a30747403a140d8651fa748f13ba398b0c0df3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
content-encoding: br
last-modified: Sun, 14 Nov 2021 00:39:00 GMT
server: nginx
etag: W/"61905aa4-684e"
content-type: text/css

GET
H2 200 post-19142.css
www.ahelp.ua/wp-content/uploads/elementor/css/ 927 B
1 KB 72ms
67ms Stylesheet
text/css 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/wp-content/uploads/elementor/css/post-19142.css
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 284ec68a69ea912618f22b135ae67fa5b39353ca432eb8bc70130edff8979183

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
last-modified: Sun, 29 Jan 2023 02:59:22 GMT
server: nginx
etag: "63d5e10a-39f"
content-type: text/css
accept-ranges: bytes
content-length: 927

GET
H2 200 style.css
www.ahelp.ua/wp-content/themes/vehica/ 520 KB
60 KB 72ms
67ms Stylesheet
text/css 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/wp-content/themes/vehica/style.css
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: c0ea575195895a7ff72d60dbb92b10e58942e1150650a17f809a2de3e6e87ab0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
content-encoding: br
last-modified: Mon, 04 Oct 2021 21:09:20 GMT
server: nginx
etag: W/"615b6d80-8219d"
content-type: text/css

GET
H2 200 fontawesome.min.css
www.ahelp.ua/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 57 KB
12 KB 73ms
67ms Stylesheet
text/css 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
content-encoding: br
last-modified: Sun, 14 Nov 2021 00:39:00 GMT
server: nginx
etag: W/"61905aa4-e238"
content-type: text/css

GET
H2 200 regular.min.css
www.ahelp.ua/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 677 B
813 B 73ms
67ms Stylesheet
text/css 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: eea3d6ccda7f6503078cce9dc41176c1357af1c93a5b3625131ef7cf21c9d7c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
last-modified: Sun, 14 Nov 2021 00:39:00 GMT
server: nginx
etag: "61905aa4-2a5"
content-type: text/css
accept-ranges: bytes
content-length: 677

GET
H2 200 solid.min.css
www.ahelp.ua/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 669 B
805 B 73ms
68ms Stylesheet
text/css 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 37bab6cd583982e8eff58501a99d7c5c4d63664c1ca34f9e3b7cf526c5b73ae2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
last-modified: Sun, 14 Nov 2021 00:39:00 GMT
server: nginx
etag: "61905aa4-29d"
content-type: text/css
accept-ranges: bytes
content-length: 669

GET
H2 200 brands.min.css
www.ahelp.ua/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 675 B
811 B 73ms
68ms Stylesheet
text/css 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 9cd63b8cea25045c14623c538d26752518a58c0c682795ce6ad3078976c65a37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
last-modified: Sun, 14 Nov 2021 00:39:00 GMT
server: nginx
etag: "61905aa4-2a3"
content-type: text/css
accept-ranges: bytes
content-length: 675

GET
H2 200 vue-select.min.css
www.ahelp.ua/wp-content/plugins/vehica-core/assets/css/ 4 KB
1 KB 73ms
68ms Stylesheet
text/css 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/wp-content/plugins/vehica-core/assets/css/vue-select.min.css
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 3dfe6efbc98da6ceae7c2d0c29bfe90af94d5a200bd612d6e09b2b67c001ee76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
content-encoding: br
last-modified: Mon, 04 Oct 2021 21:12:51 GMT
server: nginx
etag: W/"615b6e53-11c1"
content-type: text/css

GET
H2 200 jquery.min.js Show response
www.ahelp.ua/wp-includes/js/jquery/ 85 KB
29 KB 74ms
69ms Script
application/javascript 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/wp-includes/js/jquery/jquery.min.js
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
content-encoding: br
last-modified: Wed, 09 Aug 2023 01:06:10 GMT
server: nginx
etag: W/"64d2e682-155ba"
content-type: application/javascript

GET
H2 200 jquery-migrate.min.js Show response
www.ahelp.ua/wp-includes/js/jquery/ 13 KB
5 KB 74ms
69ms Script
application/javascript 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/wp-includes/js/jquery/jquery-migrate.min.js
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
content-encoding: br
last-modified: Wed, 09 Aug 2023 01:06:10 GMT
server: nginx
etag: W/"64d2e682-3509"
content-type: application/javascript

GET
H2 200 script.js Show response
www.ahelp.ua/wp-content/plugins/vin-check/assets/ 14 KB
2 KB 74ms
69ms Script
application/javascript 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/wp-content/plugins/vin-check/assets/script.js
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: aa06cd0a6afbf185ce43532d97b197779a068f6fe1af523a40f74a3ce198deb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
content-encoding: br
last-modified: Tue, 23 May 2023 09:36:26 GMT
server: nginx
etag: W/"646c891a-3947"
content-type: application/javascript

GET
H2 200 js.cookie.min.js Show response
cdn.jsdelivr.net/npm/js-cookie@rc/dist/ 2 KB
2 KB 92ms
30ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/js-cookie@rc/dist/js.cookie.min.js

Requested by

Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2b92ba8d4314393d3c729cf94c12b65a1db2a41fb676b252f060f8eafdd2efd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 15863
x-jsd-version: 3.0.0-rc.4
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230021-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"695-pXILqyxk6ej3gkrdagCqNfKaZZQ"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2FdP5fc71%2FFVKtzulyZZNMjhqzGNZ5DvK6Ur0qbNg%2BnTYgIv1zcCBJslNcvElopQMv3ntuhMEYyoIz5DEMfd3jVVtEVZKLzYp%2BRS9wmnDXGLkR1887%2Byj2ENF%2BSS%2FiQtdQbPY3XaFkGImFNloiE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 83a8a455cc9f9950-FRA

GET
H2 200 v4-shims.min.js Show response
www.ahelp.ua/wp-content/plugins/elementor/assets/lib/font-awesome/js/ 15 KB
4 KB 74ms
70ms Script
application/javascript 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 97cf1307c16a437b77b5f7f5c9bc0b985d0745a14be5a279019aca5a3432e264

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
content-encoding: br
last-modified: Sun, 14 Nov 2021 00:39:00 GMT
server: nginx
etag: W/"61905aa4-3acf"
content-type: application/javascript

GET
H2 200 lazysizes.min.js Show response
www.ahelp.ua/wp-content/plugins/vehica-core/assets/js/ 8 KB
3 KB 74ms
70ms Script
application/javascript 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/wp-content/plugins/vehica-core/assets/js/lazysizes.min.js
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 3ebc05e394f3bbfaff8ecac9f2064f821bbe2fa91ea3278d24436054b1d28904

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
content-encoding: br
last-modified: Mon, 04 Oct 2021 21:12:54 GMT
server: nginx
etag: W/"615b6e56-1e5b"
content-type: application/javascript

GET
H2 200 css-lazy-load.min.js Show response
www.ahelp.ua/wp-content/plugins/clearfy/assets/js/ 1014 B
1 KB 74ms
70ms Script
application/javascript 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/wp-content/plugins/clearfy/assets/js/css-lazy-load.min.js
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 9cf322ba61df85137ce954428f4f9adff3b760ea6f1d7e07584bf9b599cb1cd6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
last-modified: Fri, 19 May 2023 17:37:39 GMT
server: nginx
etag: "6467b3e3-3f6"
content-type: application/javascript
accept-ranges: bytes
content-length: 1014

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 139ms
67ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1195246028556003

Requested by

Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

711803dad7b5528a3ff520c4ca141515b4b5b8bba89e0fdca47bd23c582db54e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ahelp.ua/
Origin: https://www.ahelp.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51626
x-xss-protection: 0
server: cafe
etag: 17572846054444855982
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 11:53:06 GMT

GET
H2 200 logo-1.png
www.ahelp.ua/wp-content/uploads/ 15 KB
15 KB 75ms
71ms Image
image/png 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ahelp.ua/wp-content/uploads/logo-1.png
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: d64fe538a0010798113b860edc7a1f03831ceaaa207ed3399c4a2fe3428358c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
last-modified: Mon, 04 Oct 2021 21:08:14 GMT
server: nginx
etag: "615b6d3e-3bf7"
content-type: image/png
accept-ranges: bytes
content-length: 15351

GET
H2 200 logo2.png
www.ahelp.ua/wp-content/uploads/ 12 KB
12 KB 75ms
71ms Image
image/png 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ahelp.ua/wp-content/uploads/logo2.png
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: d9a4c43693bb5ca88030b5d5df209a66937a94cb48788731c8fbc6d785b2afa6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
last-modified: Mon, 04 Oct 2021 21:08:14 GMT
server: nginx
etag: "615b6d3e-3100"
content-type: image/png
accept-ranges: bytes
content-length: 12544

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 158ms
86ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

904afdd82be58333df6bd324fa07aaa9d80cbe86366a7061c5a284ed184239f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51617
x-xss-protection: 0
server: cafe
etag: 5184831556738518534
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 11:53:06 GMT

GET
H2 200 engine.png
www.ahelp.ua/wp-content/uploads/ 20 KB
20 KB 69ms
67ms Image
image/png 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ahelp.ua/wp-content/uploads/engine.png
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 2db0230982dea31be2225dd5e70ece1340ab51a316eeaa3caedddb12cdd18f77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
last-modified: Mon, 04 Oct 2021 21:08:13 GMT
server: nginx
etag: "615b6d3d-4f88"
content-type: image/png
accept-ranges: bytes
content-length: 20360

GET
H2 200 language-switcher.min.css
www.ahelp.ua/wp-content/plugins/connect-polylang-elementor/assets/css/ 6 KB
1 KB 25ms
24ms Stylesheet
text/css 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/wp-content/plugins/connect-polylang-elementor/assets/css/language-switcher.min.css
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 390c07c93fd32afe54a95f370b1e8f2eccafd3e26dd34ddf4fdf1df4461ae074

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
content-encoding: br
last-modified: Sun, 17 Jul 2022 19:09:42 GMT
server: nginx
etag: W/"62d45e76-19fc"
content-type: text/css

GET
H2 200 animations.min.css
www.ahelp.ua/wp-content/plugins/elementor/assets/lib/animations/ 18 KB
3 KB 25ms
25ms Stylesheet
text/css 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/wp-content/plugins/elementor/assets/lib/animations/animations.min.css
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
content-encoding: br
last-modified: Sun, 14 Nov 2021 00:39:00 GMT
server: nginx
etag: W/"61905aa4-4824"
content-type: text/css

GET
H2 200 url-span.js Show response
www.ahelp.ua/wp-content/plugins/clearfy/components/comments-plus/assets/js/ 348 B
496 B 35ms
27ms Script
application/javascript 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/wp-content/plugins/clearfy/components/comments-plus/assets/js/url-span.js
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: ab1354779e82eec565fab7946c49a17c5d83357b7c0179f16ccdaff085ee998e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
last-modified: Fri, 19 May 2023 17:37:39 GMT
server: nginx
etag: "6467b3e3-15c"
content-type: application/javascript
accept-ranges: bytes
content-length: 348

GET
H2 200 index.js Show response
www.ahelp.ua/wp-content/plugins/contact-form-7/includes/swv/js/ 10 KB
3 KB 36ms
28ms Script
application/javascript 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/wp-content/plugins/contact-form-7/includes/swv/js/index.js
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
content-encoding: br
last-modified: Fri, 19 May 2023 17:37:07 GMT
server: nginx
etag: W/"6467b3c3-2801"
content-type: application/javascript

GET
H2 200 index.js Show response
www.ahelp.ua/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 36ms
28ms Script
application/javascript 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/wp-content/plugins/contact-form-7/includes/js/index.js
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
content-encoding: br
last-modified: Fri, 19 May 2023 17:37:07 GMT
server: nginx
etag: W/"6467b3c3-328f"
content-type: application/javascript

GET
H2 200 vue@2 Show response
cdn.jsdelivr.net/npm/ 105 KB
39 KB 44ms
36ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vue@2

Requested by

Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8d92e89b0639956bfba19d5e428c5f6f35c00727b70bcebc583bc694d13e761

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 22712
x-jsd-version: 2.7.15
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220118-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"1a347-2MV/4OpoGC9htXszftP+wXkdOfU"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OGuJO2ywSJIE8KChHh2mnlT%2B9q3%2B3yfLrJ81pdWjGko0K6C5SG2QWj9wl3ZSDQtacLjKaLh%2FB0oDqd4IoGHNLERDvyxrASMjzvciM6ezuErDpBrFpl%2BLtXQo5N7AjgPZC1EDzKGFTxMYgDBJUMA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 83a8a4564d109950-FRA

GET
H2 200 axios.min.js Show response
cdnjs.cloudflare.com/ajax/libs/axios/0.21.1/ 14 KB
5 KB 106ms
29ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/axios/0.21.1/axios.min.js

Requested by

Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24b9a49d375465e659dbaecb3fda81fbf0d3eedbf138e29cb5229e502d8a4fa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2184540
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Tue, 22 Dec 2020 05:22:54 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fe182ae-3813"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FUNBin3E60p%2FI49i9yNja2Dye3rLJFZDT0zAmqc2N3XCeSnuELbcppYboDI5Atn6Fc7YvExNAqqXvXUih5g3wQBFhWeoM69JNWrovshUTZHRdL5gEjyZAbkD1MunKWebbpv1mzbI52qITTXO8zF9gBju"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83a8a456bdcabbcb-FRA
expires: Fri, 13 Dec 2024 11:53:06 GMT

GET
H2 200 calc.js Show response
www.ahelp.ua/wp-content/plugins/vin-check/assets/ 6 KB
1 KB 35ms
29ms Script
application/javascript 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/wp-content/plugins/vin-check/assets/calc.js
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 83c817180aaf0ad14e9cc945b890796202a0a91e21447e81a9b72eca3180f668

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
content-encoding: br
last-modified: Mon, 04 Oct 2021 21:10:11 GMT
server: nginx
etag: W/"615b6db3-17e4"
content-type: application/javascript

GET
H2 200 swiper.min.js Show response
www.ahelp.ua/wp-content/plugins/elementor/assets/lib/swiper/ 136 KB
33 KB 37ms
30ms Script
application/javascript 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
content-encoding: br
last-modified: Sun, 14 Nov 2021 00:39:00 GMT
server: nginx
etag: W/"61905aa4-21f91"
content-type: application/javascript

GET
H2 200 sweetalert2.min.js Show response
www.ahelp.ua/wp-content/plugins/vehica-core/assets/js/ 65 KB
17 KB 39ms
32ms Script
application/javascript 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/wp-content/plugins/vehica-core/assets/js/sweetalert2.min.js
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: feaabe9700758ebae63a87e273e76fea55dda9cb91a974e73779ba8b47587db5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
content-encoding: br
last-modified: Mon, 04 Oct 2021 21:12:55 GMT
server: nginx
etag: W/"615b6e57-105f6"
content-type: application/javascript

GET
H2 200 elements.min.js Show response
www.ahelp.ua/wp-content/plugins/vehica-core/assets/js/ 422 KB
102 KB 50ms
44ms Script
application/javascript 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/wp-content/plugins/vehica-core/assets/js/elements.min.js
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: f4729c5586b31ba3a46f1649da475e199a8126959d85e48baa8e2c3dadbf2d22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
content-encoding: br
last-modified: Mon, 04 Oct 2021 21:12:54 GMT
server: nginx
etag: W/"615b6e56-69612"
content-type: application/javascript

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
935 B 107ms
31ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Ld9toQUAAAAAHEswFK_ajedM-T1UM5FdBdO4wto

Requested by

Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0d55e7cef7ca52eb863938d3425d15dc2e0874e84e66ac0e236585230e827b7d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sun, 24 Dec 2023 11:53:06 GMT

GET
H2 200 wp-polyfill-inert.min.js Show response
www.ahelp.ua/wp-includes/js/dist/vendor/ 8 KB
2 KB 54ms
48ms Script
application/javascript 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
content-encoding: br
last-modified: Wed, 29 Mar 2023 19:01:56 GMT
server: nginx
etag: W/"64248b24-1feb"
content-type: application/javascript

GET
H2 200 regenerator-runtime.min.js Show response
www.ahelp.ua/wp-includes/js/dist/vendor/ 6 KB
2 KB 55ms
50ms Script
application/javascript 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/wp-includes/js/dist/vendor/regenerator-runtime.min.js
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
content-encoding: br
last-modified: Wed, 29 Mar 2023 19:01:56 GMT
server: nginx
etag: W/"64248b24-19cf"
content-type: application/javascript

GET
H2 200 wp-polyfill.min.js Show response
www.ahelp.ua/wp-includes/js/dist/vendor/ 16 KB
6 KB 56ms
50ms Script
application/javascript 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/wp-includes/js/dist/vendor/wp-polyfill.min.js
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 4c0ced2cb3830d045cdd74f745fd4d6dcb082d8edd3a9fe46e39295e30cb8032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
content-encoding: br
last-modified: Wed, 09 Aug 2023 01:06:10 GMT
server: nginx
etag: W/"64d2e682-3f12"
content-type: application/javascript

GET
H2 200 index.js Show response
www.ahelp.ua/wp-content/plugins/contact-form-7/modules/recaptcha/ 999 B
1 KB 56ms
51ms Script
application/javascript 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/wp-content/plugins/contact-form-7/modules/recaptcha/index.js
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 2648a1333fa24d383fd73a6beaac17156ae78f4267ff7407ad60e05a788df44c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
last-modified: Fri, 19 May 2023 17:37:07 GMT
server: nginx
etag: "6467b3c3-3e7"
content-type: application/javascript
accept-ranges: bytes
content-length: 999

GET
H2 200 webpack-pro.runtime.min.js Show response
www.ahelp.ua/wp-content/plugins/elementor-pro/assets/js/ 5 KB
2 KB 57ms
52ms Script
application/javascript 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: a82d81a395b044b1fa027aa2bca0a64aa0207a3c8138d516362c2652d95b4b3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
content-encoding: br
last-modified: Mon, 04 Oct 2021 21:12:19 GMT
server: nginx
etag: W/"615b6e33-125e"
content-type: application/javascript

GET
H2 200 webpack.runtime.min.js Show response
www.ahelp.ua/wp-content/plugins/elementor/assets/js/ 5 KB
2 KB 57ms
52ms Script
application/javascript 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: bd1bff7954f120af88956d2577e4ae604e2f761c13ca0c494d7dd690cab41106

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
content-encoding: br
last-modified: Sun, 14 Nov 2021 00:38:59 GMT
server: nginx
etag: W/"61905aa3-130f"
content-type: application/javascript

GET
H2 200 frontend-modules.min.js Show response
www.ahelp.ua/wp-content/plugins/elementor/assets/js/ 14 KB
4 KB 58ms
53ms Script
application/javascript 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/wp-content/plugins/elementor/assets/js/frontend-modules.min.js
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: e91268ba3ec9909ec8544cc5ac11e8a8ab01594816250240f0a33be97eb887c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
content-encoding: br
last-modified: Sun, 14 Nov 2021 00:39:00 GMT
server: nginx
etag: W/"61905aa4-36b2"
content-type: application/javascript

GET
H2 200 frontend.min.js Show response
www.ahelp.ua/wp-content/plugins/elementor-pro/assets/js/ 19 KB
5 KB 58ms
53ms Script
application/javascript 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/wp-content/plugins/elementor-pro/assets/js/frontend.min.js
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 600bd95ca832458fa7120048bc369eb9dd722b74e254f5793e9181db973d66d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
content-encoding: br
last-modified: Mon, 04 Oct 2021 21:12:18 GMT
server: nginx
etag: W/"615b6e32-4dbc"
content-type: application/javascript

GET
H2 200 waypoints.min.js Show response
www.ahelp.ua/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
3 KB 59ms
54ms Script
application/javascript 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
content-encoding: br
last-modified: Sun, 14 Nov 2021 00:39:00 GMT
server: nginx
etag: W/"61905aa4-2fa6"
content-type: application/javascript

GET
H2 200 core.min.js Show response
www.ahelp.ua/wp-includes/js/jquery/ui/ 21 KB
7 KB 60ms
55ms Script
application/javascript 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/wp-includes/js/jquery/ui/core.min.js
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
content-encoding: br
last-modified: Wed, 29 Mar 2023 19:01:56 GMT
server: nginx
etag: W/"64248b24-53be"
content-type: application/javascript

GET
H2 200 share-link.min.js Show response
www.ahelp.ua/wp-content/plugins/elementor/assets/lib/share-link/ 3 KB
1 KB 60ms
56ms Script
application/javascript 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 4a7ee62eb33f3bbb66c2151e5cac6bf4904e28302efc36128f3e3ccae6fde580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
content-encoding: br
last-modified: Sun, 14 Nov 2021 00:39:00 GMT
server: nginx
etag: W/"61905aa4-a12"
content-type: application/javascript

GET
H2 200 dialog.min.js Show response
www.ahelp.ua/wp-content/plugins/elementor/assets/lib/dialog/ 11 KB
3 KB 61ms
57ms Script
application/javascript 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 2989e0b9e836cb9de3274d641ec6a58c2052f039e790ddd59b22303930bfdeeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
content-encoding: br
last-modified: Sun, 14 Nov 2021 00:39:00 GMT
server: nginx
etag: W/"61905aa4-2a6f"
content-type: application/javascript

GET
H2 200 frontend.min.js Show response
www.ahelp.ua/wp-content/plugins/elementor/assets/js/ 36 KB
10 KB 62ms
58ms Script
application/javascript 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/wp-content/plugins/elementor/assets/js/frontend.min.js
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: ce8b36c2b69b8ba39cf14fbcfca379233556fa6a51df3a361795012a22935dca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
content-encoding: br
last-modified: Sun, 14 Nov 2021 00:38:59 GMT
server: nginx
etag: W/"61905aa3-8efd"
content-type: application/javascript

GET
H2 200 preloaded-elements-handlers.min.js Show response
www.ahelp.ua/wp-content/plugins/elementor-pro/assets/js/ 113 KB
25 KB 65ms
61ms Script
application/javascript 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 41e2c1baad3010ba48055d82269f47925c6984b3e600877e745f2bd12dbd484b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
content-encoding: br
last-modified: Mon, 04 Oct 2021 21:12:19 GMT
server: nginx
etag: W/"615b6e33-1c3a0"
content-type: application/javascript

GET
H2 200 preloaded-modules.min.js Show response
www.ahelp.ua/wp-content/plugins/elementor/assets/js/ 32 KB
9 KB 65ms
62ms Script
application/javascript 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 070e9c4067b7b755decf6775ef626b600946fe297f87eaf89bd383166d8de301

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
content-encoding: br
last-modified: Sun, 14 Nov 2021 00:39:00 GMT
server: nginx
etag: W/"61905aa4-7e12"
content-type: application/javascript

GET
H2 200 jquery.sticky.min.js Show response
www.ahelp.ua/wp-content/plugins/elementor-pro/assets/lib/sticky/ 6 KB
2 KB 69ms
66ms Script
application/javascript 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: a48dea362116d7516a2cf97066a32758d353760ee02dbf900ddff86b02a16473

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/vin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
content-encoding: br
last-modified: Mon, 04 Oct 2021 21:14:34 GMT
server: nginx
etag: W/"615b6eba-19c3"
content-type: application/javascript

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 103ms
31ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

25b0db3d3b80dc803b5354bc6d22e96b849b83d53671517ae3f70119ec155bc7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sun, 24 Dec 2023 11:53:06 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 50 KB
19 KB 143ms
70ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

756cca29e306e66f94e7b705c45bb0bc0315d7e745c159971cbecc65e62e7d3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18841
x-xss-protection: 0
server: cafe
etag: 14511532860437540159
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 11:53:06 GMT

GET api.js
www.google.com/recaptcha/ 0
0

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 109ms
20ms Script
text/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 24 Dec 2023 09:54:57 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 7089
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Sun, 24 Dec 2023 11:54:57 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 202 KB
71 KB 326ms
131ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

0b5aa5c730cfe86174743369fcedd67a44e4790e6520cbb0a787a98e22b1f825

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Fri, 22 Dec 2023 12:05:58 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65857ba6-1165f"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 71263
expires: Sun, 24 Dec 2023 12:53:06 GMT

GET
H2 200 fa-solid-900.woff2
www.ahelp.ua/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 76 KB
77 KB 60ms
60ms Font
font/woff2 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Request headers

Referer: https://www.ahelp.ua/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css
Origin: https://www.ahelp.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
last-modified: Sun, 14 Nov 2021 00:39:00 GMT
server: nginx
etag: "61905aa4-13174"
content-type: font/woff2
accept-ranges: bytes
content-length: 78196

GET
H2 200 fa-brands-400.woff2
www.ahelp.ua/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 75 KB
75 KB 40ms
39ms Font
font/woff2 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ahelp.ua/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af

Request headers

Referer: https://www.ahelp.ua/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css
Origin: https://www.ahelp.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
x-ray: wn42248:0.000/
last-modified: Sun, 14 Nov 2021 00:39:00 GMT
server: nginx
etag: "61905aa4-12bdc"
content-type: font/woff2
accept-ranges: bytes
content-length: 76764

GET
H2 200 exchange Show response
bank.gov.ua/NBUStatService/v1/statdirectory/ 7 KB
2 KB 129ms
65ms XHR
application/json 2606:4700::6812:109c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bank.gov.ua/NBUStatService/v1/statdirectory/exchange?json

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/axios/0.21.1/axios.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6812:109c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Servlet/3.0

Resource Hash

fbb7f9e59b86ffecc69b71d23925077856f6de2b2e51ce5b5d9ecab4db278f5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ahelp.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-powered-by: Servlet/3.0
x-cache-status: HIT
statusrequest: OK+%C2%E8%EA%EE%ED%E0%ED%EE
x-xss-protection: 1
x-request-id: 3817406b223b579c22b7036f363566be
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
content-language: uk-UA
filename: exchange
access-control-allow-origin: *
cf-ray: 83a8a4577992901f-FRA

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
197 B 28ms
28ms Image
image/gif 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1666705704&utmhn=www.ahelp.ua&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9F%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B0%20vin-%D0%BA%D0%BE%D0%B4%D0%B0%20-%20%D0%90%D1%85%D0%B5%D0%BB%D0%BF.%20%D0%91%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE&utmhid=1816301454&utmr=-&utmp=%2Fvin.html&utmht=1703418786505&utmac=UA-19799292-1&utmcc=__utma%3D3426016.273162201.1703418786.1703418786.1703418786.1%3B%2B__utmz%3D3426016.1703418786.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=461251528&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 11:53:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ 505 KB
203 KB 86ms
22ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Ld9toQUAAAAAHEswFK_ajedM-T1UM5FdBdO4wto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ahelp.ua/
Origin: https://www.ahelp.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 13:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 168090
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207437
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Dec 2024 13:11:36 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 399 KB
135 KB 88ms
87ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1195246028556003&plah=www.ahelp.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1195246028556003

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f54c27dd271afbb7fbb213e64964d9c8f3e4649d0c456695eb8f75ad95784a7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137959
x-xss-protection: 0
server: cafe
etag: 329479599617917665
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 11:53:06 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame C04E 9 KB
4 KB 89ms
24ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1195246028556003

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ahelp.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 79408
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Dec 2023 13:49:38 GMT
etag: 5585625838579639069
expires: Sat, 06 Jan 2024 13:49:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/999334484/ 3 KB
2 KB 111ms
63ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/999334484/?random=1703418786584&cv=9&fst=1703418786584&num=1&label=WqohCPy24gQQ1MTC3AM&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.ahelp.ua%2Fvin.html&tiba=%D0%9F%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B0%20vin-%D0%BA%D0%BE%D0%B4%D0%B0%20-%20%D0%90%D1%85%D0%B5%D0%BB%D0%BF.%20%D0%91%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

016d89ec35d14884549c6a5c9ba2d502d2a31c10801935c169e6cc89d69f03f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 11:53:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1412
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 schema Show response
www.ahelp.ua/wp-json/contact-form-7/v1/contact-forms/19220/feedback/ 968 B
540 B 448ms
447ms Fetch
application/json 2a01:4f8:222:1791::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ahelp.ua/wp-json/contact-form-7/v1/contact-forms/19220/feedback/schema

Requested by

Host: www.ahelp.ua
URL: https://www.ahelp.ua/wp-content/plugins/contact-form-7/includes/js/index.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:222:1791::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

9951a5d6f1dcbac967dfe70f57ed8a49ee1eeba119704a8494ec64ed76972b53

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, */*;q=0.1
Referer: https://www.ahelp.ua/vin.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:07 GMT
x-ray: wn42248:0.420/wa42248:D=421873
x-content-type-options: nosniff
content-encoding: br
server: nginx
allow: GET
vary: Origin
content-type: application/json; charset=UTF-8
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
x-robots-tag: noindex
link: <https://www.ahelp.ua/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type

GET
H2 200 css
fonts.googleapis.com/ 68 KB
2 KB 89ms
35ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Roboto:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Roboto+Slab:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&display=auto&subset=cyrillic,cyrillic

Requested by

Host: www.ahelp.ua
URL: https://www.ahelp.ua/wp-content/plugins/clearfy/assets/js/css-lazy-load.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c718bfa7e5fd6be5e22d0cdb3f702d4c4fd38b86c1dae8225252e8ea7e204e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 24 Dec 2023 11:53:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 24 Dec 2023 11:53:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Dec 2023 11:53:06 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 2E9E 41 KB
26 KB 47ms
46ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld9toQUAAAAAHEswFK_ajedM-T1UM5FdBdO4wto&co=aHR0cHM6Ly93d3cuYWhlbHAudWE6NDQz&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=hxor6tgqgts

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

61c990fb4bdb5b5bbf25e7ba21a63fb8f5c7adc7126c56afc717e4981597c11c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Xh9-zM1IIbWQ114jfh7Kyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ahelp.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Xh9-zM1IIbWQ114jfh7Kyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 24 Dec 2023 11:53:06 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 8673 42 KB
26 KB 51ms
50ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LflK6wcAAAAAJTwJP2O7hC6PCIxFDEy7K-W_HFe&co=aHR0cHM6Ly93d3cuYWhlbHAudWE6NDQz&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=v3a09chgjsyb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

70259b77bf77a64310ee8921d91381ae31e9ffa84b1260229eabc62c8c3bdd48

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ttbi7I26OTPqkClaA7_7pg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ahelp.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ttbi7I26OTPqkClaA7_7pg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 24 Dec 2023 11:53:06 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 /
www.google.com/pagead/1p-user-list/999334484/ 42 B
314 B 49ms
49ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/999334484/?random=1703418786584&cv=9&fst=1703415600000&num=1&label=WqohCPy24gQQ1MTC3AM&guid=ON&eid=375603261%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.ahelp.ua%2Fvin.html&tiba=%D0%9F%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B0%20vin-%D0%BA%D0%BE%D0%B4%D0%B0%20-%20%D0%90%D1%85%D0%B5%D0%BB%D0%BF.%20%D0%91%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_6NU48eGEWjhjL573bS1eTAVWi5FqLg&random=642209207&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 11:53:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/999334484/ 42 B
455 B 84ms
33ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/999334484/?random=1703418786584&cv=9&fst=1703415600000&num=1&label=WqohCPy24gQQ1MTC3AM&guid=ON&eid=375603261%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.ahelp.ua%2Fvin.html&tiba=%D0%9F%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B0%20vin-%D0%BA%D0%BE%D0%B4%D0%B0%20-%20%D0%90%D1%85%D0%B5%D0%BB%D0%BF.%20%D0%91%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_6NU48eGEWjhjL573bS1eTAVWi5FqLg&random=642209207&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 11:53:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 88ms
39ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Roboto:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Roboto+Slab:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&display=auto&subset=cyrillic,cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ahelp.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 17:34:04 GMT
x-content-type-options: nosniff
age: 497942
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Dec 2024 17:34:04 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
fonts.gstatic.com/s/montserrat/v26/ 21 KB
21 KB 71ms
21ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

637f545351fbed7e7207fdf36e1381b0860f12fffde46a6fa43bdafcc7a05758

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ahelp.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:02:35 GMT
x-content-type-options: nosniff
age: 420631
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21288
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:43:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 15:02:35 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C4FB 0
306 B 97ms
96ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1195246028556003&output=html&adk=1812271804&adf=3025194257&lmt=1674960907&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.ahelp.ua%2Fvin.html&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703418786549&bpp=4&bdt=424&idt=254&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5095755069611&frm=20&pv=2&ga_vid=273162201.1703418786&ga_sid=1703418786&ga_hid=1816301454&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079759%2C42531705%2C95320884&oid=2&pvsid=457435795582102&tmod=616194055&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=293

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1195246028556003&plah=www.ahelp.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ahelp.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Dec 2023 11:53:06 GMT
expires: Sun, 24 Dec 2023 11:53:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10227.3uY3hUU8g7FgkLaU4nqubHXzd8VcgWPB6S0WhNSBmz-SGVzucNXVjErjoylauAgX.uY63rBWNe8LUxCdBTQFZWUv3t1E%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10227.rqz-3DEi2Z6ISNv6jUWO5MBvf-HA2lxED1wB794X0NPFF5hvS9awcjHjB4pvA8guRv3QiAXXWAn2Em58ULa53-2Rh2rVlW-1srYBYlJwkUJhmXhhZ0GHWuuKj7M0bEu0nUaYOGeWBm...
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10227._ad4kM0wF42yy7hK2S8ah4YyqVd6dLwq3gdJhrIV_1QkOskqjpIFQFF5GTu1uchlTyRIzb4vzxLS9OcHzDyIYJtq7yv_LS2GaLyfawkkmHSkg...

43 B
581 B

67ms
67ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10227._ad4kM0wF42yy7hK2S8ah4YyqVd6dLwq3gdJhrIV_1QkOskqjpIFQFF5GTu1uchlTyRIzb4vzxLS9OcHzDyIYJtq7yv_LS2GaLyfawkkmHSkgVDjy6p3rqeUiqIfA3g9MfrwOEu2cTnRl-746FfDCbDn88AxQSippf6pgCLAhqx2ztqhJ7Hs8mX9d50jJAsyNjKBLw2BHjwtyzSZxHU1eQ%2C%2C.-hz0IHXrJ_dbN1GgGQDrhKSQdog%2C

Requested by

Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:07 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10227._ad4kM0wF42yy7hK2S8ah4YyqVd6dLwq3gdJhrIV_1QkOskqjpIFQFF5GTu1uchlTyRIzb4vzxLS9OcHzDyIYJtq7yv_LS2GaLyfawkkmHSkgVDjy6p3rqeUiqIfA3g9MfrwOEu2cTnRl-746FfDCbDn88AxQSippf6pgCLAhqx2ztqhJ7Hs8mX9d50jJAsyNjKBLw2BHjwtyzSZxHU1eQ%2C%2C.-hz0IHXrJ_dbN1GgGQDrhKSQdog%2C
date: Sun, 24 Dec 2023 11:53:07 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 2E9E 55 KB
24 KB 72ms
25ms Stylesheet
text/css 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld9toQUAAAAAHEswFK_ajedM-T1UM5FdBdO4wto&co=aHR0cHM6Ly93d3cuYWhlbHAudWE6NDQz&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=hxor6tgqgts

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 16:50:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68534
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 22 Dec 2024 16:50:52 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 2E9E 505 KB
203 KB 98ms
52ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 13:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 168090
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207437
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Dec 2024 13:11:36 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C29F 39 KB
16 KB 556ms
555ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1195246028556003&output=html&h=90&slotname=7646943859&adk=3524779162&adf=2089259827&pi=t.ma~as.7646943859&w=728&lmt=1674960907&format=728x90&url=https%3A%2F%2Fwww.ahelp.ua%2Fvin.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703418786553&bpp=2&bdt=428&idt=339&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5095755069611&frm=20&pv=1&ga_vid=273162201.1703418786&ga_sid=1703418786&ga_hid=1816301454&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=453&ady=22&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079759%2C42531705%2C95320884&oid=2&pvsid=457435795582102&tmod=616194055&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=344

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9429d7988f6c7adba14daa4269e24ca6a141263ae9a5f96470de85f4ac5b8051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ahelp.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 16475
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Dec 2023 11:53:07 GMT
expires: Sun, 24 Dec 2023 11:53:07 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 8673 55 KB
24 KB 52ms
22ms Stylesheet
text/css 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LflK6wcAAAAAJTwJP2O7hC6PCIxFDEy7K-W_HFe&co=aHR0cHM6Ly93d3cuYWhlbHAudWE6NDQz&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=v3a09chgjsyb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 16:50:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68534
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 22 Dec 2024 16:50:52 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 8673 505 KB
203 KB 75ms
45ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 13:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 168090
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207437
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Dec 2024 13:11:36 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
476 B 67ms
66ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:06 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 22 Dec 2023 12:05:58 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65857ba6-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sun, 24 Dec 2023 12:53:06 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5C96 712 B
382 B 243ms
242ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1195246028556003&output=html&h=100&slotname=3927190693&adk=1678171744&adf=2979842561&pi=t.ma~as.3927190693&w=320&lmt=1674960907&format=320x100&url=https%3A%2F%2Fwww.ahelp.ua%2Fvin.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703418786555&bpp=1&bdt=430&idt=368&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=5095755069611&frm=20&pv=1&ga_vid=273162201.1703418786&ga_sid=1703418786&ga_hid=1816301454&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079759%2C42531705%2C95320884&oid=2&pvsid=457435795582102&tmod=616194055&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenEr%7C&abl=CS&pfx=0&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=381

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7802c2a717c423df9c939e24ef387638397231e6262a9df8fcc18867d462919

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ahelp.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 357
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Dec 2023 11:53:07 GMT
expires: Sun, 24 Dec 2023 11:53:07 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DB09 124 KB
43 KB 1266ms
1265ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1195246028556003&output=html&h=280&slotname=5788200972&adk=3945262639&adf=1251252648&pi=t.ma~as.5788200972&w=408&fwrn=4&fwrnh=100&lmt=1674960907&rafmt=1&format=408x280&url=https%3A%2F%2Fwww.ahelp.ua%2Fvin.html&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703418786555&bpp=1&bdt=430&idt=396&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100&nras=1&correlator=5095755069611&frm=20&pv=1&ga_vid=273162201.1703418786&ga_sid=1703418786&ga_hid=1816301454&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1096&ady=889&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079759%2C42531705%2C95320884&oid=2&pvsid=457435795582102&tmod=616194055&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=400

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f90511c0bd6ab281cd30859d010092025ee66d5f41887ae07090c0a6bba2db42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ahelp.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 43992
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Dec 2023 11:53:08 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 lEEM4ZLDLFuvATVvcnxglI8CLvLrSc6BLt7Ue_ua1SM.js Show response
www.google.com/js/bg/ Frame 8673 17 KB
7 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/lEEM4ZLDLFuvATVvcnxglI8CLvLrSc6BLt7Ue_ua1SM.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94410ce192c32c5baf01356f727c60948f022ef2eb49ce812eded47bfb9ad523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LflK6wcAAAAAJTwJP2O7hC6PCIxFDEy7K-W_HFe&co=aHR0cHM6Ly93d3cuYWhlbHAudWE6NDQz&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=v3a09chgjsyb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:37:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 191727
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6830
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Dec 2024 06:37:40 GMT

GET
H3 200 lEEM4ZLDLFuvATVvcnxglI8CLvLrSc6BLt7Ue_ua1SM.js Show response
www.google.com/js/bg/ Frame 2E9E 17 KB
7 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/lEEM4ZLDLFuvATVvcnxglI8CLvLrSc6BLt7Ue_ua1SM.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94410ce192c32c5baf01356f727c60948f022ef2eb49ce812eded47bfb9ad523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld9toQUAAAAAHEswFK_ajedM-T1UM5FdBdO4wto&co=aHR0cHM6Ly93d3cuYWhlbHAudWE6NDQz&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=hxor6tgqgts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:37:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 191727
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6830
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Dec 2024 06:37:40 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 8673 102 B
135 B 33ms
32ms Other
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3a80700d48e107eb08205a346562ae28a95f3fe0da0d7382847a2c0a52a02c0a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LflK6wcAAAAAJTwJP2O7hC6PCIxFDEy7K-W_HFe&co=aHR0cHM6Ly93d3cuYWhlbHAudWE6NDQz&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=v3a09chgjsyb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sun, 24 Dec 2023 11:53:07 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 2E9E 102 B
135 B 31ms
31ms Other
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3a80700d48e107eb08205a346562ae28a95f3fe0da0d7382847a2c0a52a02c0a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld9toQUAAAAAHEswFK_ajedM-T1UM5FdBdO4wto&co=aHR0cHM6Ly93d3cuYWhlbHAudWE6NDQz&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=hxor6tgqgts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sun, 24 Dec 2023 11:53:07 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/17959918/
Redirect Chain

https://mc.yandex.com/watch/17959918?wmode=7&page-url=https%3A%2F%2Fwww.ahelp.ua%2Fvin.html&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3A...
https://mc.yandex.com/watch/17959918/1?wmode=7&page-url=https%3A%2F%2Fwww.ahelp.ua%2Fvin.html&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%...

427 B
546 B

68ms
68ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/17959918/1?wmode=7&page-url=https%3A%2F%2Fwww.ahelp.ua%2Fvin.html&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1200%3Acn%3A1%3Adp%3A0%3Als%3A536480479869%3Ahid%3A43946706%3Az%3A60%3Ai%3A20231224125306%3Aet%3A1703418787%3Ac%3A1%3Arn%3A104101860%3Arqn%3A1%3Au%3A1703418787230076729%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C51%2C725%2C1%2C0%2C0%2C%2C484%2C2%2C%2C%2C%2C1589%3Aco%3A0%3Acpf%3A1%3Ans%3A1703418785018%3Afp%3A1289%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1703418787%3At%3A%D0%9F%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B0%20vin-%D0%BA%D0%BE%D0%B4%D0%B0%20-%20%D0%90%D1%85%D0%B5%D0%BB%D0%BF.%20%D0%91%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

Requested by

Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

67de322497b9a79dec191693000d204ffa275c01cec4d1df6910ba9452d89bf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 11:53:07 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sun, 24-Dec-2023 11:53:07 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ahelp.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 427
x-xss-protection: 1; mode=block
expires: Sun, 24-Dec-2023 11:53:07 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 11:53:07 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 24-Dec-2023 11:53:07 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/17959918/1?wmode=7&page-url=https%3A%2F%2Fwww.ahelp.ua%2Fvin.html&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1200%3Acn%3A1%3Adp%3A0%3Als%3A536480479869%3Ahid%3A43946706%3Az%3A60%3Ai%3A20231224125306%3Aet%3A1703418787%3Ac%3A1%3Arn%3A104101860%3Arqn%3A1%3Au%3A1703418787230076729%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C51%2C725%2C1%2C0%2C0%2C%2C484%2C2%2C%2C%2C%2C1589%3Aco%3A0%3Acpf%3A1%3Ans%3A1703418785018%3Afp%3A1289%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1703418787%3At%3A%D0%9F%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B0%20vin-%D0%BA%D0%BE%D0%B4%D0%B0%20-%20%D0%90%D1%85%D0%B5%D0%BB%D0%BF.%20%D0%91%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
access-control-allow-origin: https://www.ahelp.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sun, 24-Dec-2023 11:53:07 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame FE45 7 KB
1 KB 39ms
38ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6LflK6wcAAAAAJTwJP2O7hC6PCIxFDEy7K-W_HFe

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1285c3983cfa7b1e093216aa9ccf76768e4b5b7ca4693a7a9300e1c8dd72c1b2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6CU6BPRTmbSb0YE4UcaDOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ahelp.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-6CU6BPRTmbSb0YE4UcaDOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 24 Dec 2023 11:53:07 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame C29F 3 KB
1 KB 82ms
25ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1195246028556003&output=html&h=90&slotname=7646943859&adk=3524779162&adf=2089259827&pi=t.ma~as.7646943859&w=728&lmt=1674960907&format=728x90&url=https%3A%2F%2Fwww.ahelp.ua%2Fvin.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703418786553&bpp=2&bdt=428&idt=339&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5095755069611&frm=20&pv=1&ga_vid=273162201.1703418786&ga_sid=1703418786&ga_hid=1816301454&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=453&ady=22&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079759%2C42531705%2C95320884&oid=2&pvsid=457435795582102&tmod=616194055&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=344

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:03:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78589
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Jan 2024 14:03:18 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame C29F 20 KB
9 KB 79ms
23ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:13:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9577
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Jan 2024 09:13:30 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C29F 0
0 32ms
31ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSyJOcGM0sxW8y0S8BnhUkUY3aO-Vb8gZX16U6Iv-bopqhMyOl_q58cxRHRfGdVFCSlVGXPyV5v7E6zXcXzEl05xNnL6g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1195246028556003&output=html&h=90&slotname=7646943859&adk=3524779162&adf=2089259827&pi=t.ma~as.7646943859&w=728&lmt=1674960907&format=728x90&url=https%3A%2F%2Fwww.ahelp.ua%2Fvin.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703418786553&bpp=2&bdt=428&idt=339&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5095755069611&frm=20&pv=1&ga_vid=273162201.1703418786&ga_sid=1703418786&ga_hid=1816301454&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=453&ady=22&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079759%2C42531705%2C95320884&oid=2&pvsid=457435795582102&tmod=616194055&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=344
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C29F 203 KB
65 KB 146ms
90ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Dec 2023 11:53:07 GMT

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame F8BB 2 KB
3 KB 112ms
48ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1j5sm341xr0astdvchwpp4zechk35mbjc38adbkc31ajfefe4tsnrsgkmaa26vep781jjmm6enj9kwva7xz3grsw677k8mh7daftyq4rv61hnq8wgcgeassnxm99a1r6r3vmbktaamr7ajwcsarkmht6s6qdnh6jzkfvhqwdetp6xxhk7z2zv35y1vvjmdz5bwzc4eqftp2wx3etr13hjqvtswa5dthnthzvg1pmmv10zpj03jn6zv4gh50zvacatmwxfykvvj0h8jet0srkzcmtgnc08qrtvj51em6dpn32hgk6pr23gt0fsy1e1frrbyr3xyhw4pxxf7xr31tbvs6yx575ggrhh7c9zwstjwq9fnd7ng5yx737gj64j8d1dassvv93abmyp135khmp4z4tgr7wvrc77rcq2e9esete7spytny4aadmmcm6dbk0xwyq74z2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGO_OohuIZYDPOJbF1fAPkqmE2A2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0xMTk1MjQ2MDI4NTU2MDAzyAEJqQJx9dySZnqyPqgDAcgDAqoExwFP0FbMKbFGX_S2zE6qu3-u5nxfk26qwHbeyshMlQd3tjyc75BoeKP8TEeWIBb906igc9yLCsVmPx1rtL-TldfQvm2YY0Blr8SAbX_1UiB1AzX3EsumSjfih-ISg_pDaoAewVGnb4EVwQclXrIl0Ksx8Ur9qeKO6bXv8fD6dXTE7La9FeCYJ7_W7-clG2e0YhdNhSCx0E-X_Oa2inE4slPYCRL4PnxoS7HXaTu4OmAOwuWaPP8bXiGW5V8BH0zzFm9QiNa_3XAMgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WNCIy72BqIMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3kgAIOJ2Op8BCk5aKjdsFa6ZsAlg%26client%3Dca-pub-1195246028556003%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef7b4cfcceed5436ca101bb25416d230eb21877e7c07f72fe207a94eaf6abf9d

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 83a8a45e9a78049f-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 24 Dec 2023 11:53:07 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 989C 1 KB
643 B 25ms
24ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 9577
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Dec 2023 09:13:30 GMT
etag: 48472445140208031
expires: Mon, 25 Dec 2023 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame FE45 55 KB
24 KB 28ms
27ms Stylesheet
text/css 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6LflK6wcAAAAAJTwJP2O7hC6PCIxFDEy7K-W_HFe

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 16:50:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68535
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 22 Dec 2024 16:50:52 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame FE45 505 KB
203 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6LflK6wcAAAAAJTwJP2O7hC6PCIxFDEy7K-W_HFe

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 13:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 168091
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207437
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Dec 2024 13:11:36 GMT

POST
H2 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 61ms
60ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1195246028556003
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.ahelp.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
DATA 200
OK truncated
/ Frame C29F 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 933e55970047339ff5871b3e779743b90c3b569b3115904055f547e72549277e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 989C 35 B
463 B 96ms
23ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGJntPt2tU133gRp9Cg-hwI&google_cver=1&google_push=AXcoOmQTR_jHOFqEHDED8mttlfIseIHLj9Hi8_vLI2NwYZ0AbfhbB9j5033vFVqfT5tgKQ60MtniW2ZrBdXrp0d2POxq7SYHu8RNjg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 11:53:07 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 989C
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOh3p6enJIpczDkSRzLAoc8&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOh3p6enJIpczDkSRzLAoc8&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eFdoSmREUWwxUmhuMno1&google_gid=CAESEOh3p6enJIpczDkSRzLAoc8&google_cver=1&google_push=AXcoOmQgt1Xwr5Rpexo9Q72g42mRhuJhXiLKNZ2Iy7Pl4ib...

170 B
188 B

30ms
30ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eFdoSmREUWwxUmhuMno1&google_gid=CAESEOh3p6enJIpczDkSRzLAoc8&google_cver=1&google_push=AXcoOmQgt1Xwr5Rpexo9Q72g42mRhuJhXiLKNZ2Iy7Pl4ibDOuF9Lfw3In_OfqRXnhlQaCkoM0ROEzfRELZND-8XThX-N2bU6-g3xw

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 11:53:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 24 Dec 2023 11:53:07 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0f7f5cc7c951f6e61@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eFdoSmREUWwxUmhuMno1&google_gid=CAESEOh3p6enJIpczDkSRzLAoc8&google_cver=1&google_push=AXcoOmQgt1Xwr5Rpexo9Q72g42mRhuJhXiLKNZ2Iy7Pl4ibDOuF9Lfw3In_OfqRXnhlQaCkoM0ROEzfRELZND-8XThX-N2bU6-g3xw
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 989C
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELAHGQIiGb5zMQ2ptwBU9Gg&google_push=AXcoOmQ5_nH39uRSTTxHuIWajDjbm5QvsgSlmlLCkMhXdGlTojnF7nBz6X...

170 B
188 B

33ms
33ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELAHGQIiGb5zMQ2ptwBU9Gg&google_push=AXcoOmQ5_nH39uRSTTxHuIWajDjbm5QvsgSlmlLCkMhXdGlTojnF7nBz6XViADAwtupQewlEdNcxxaSNmZJl-at3hihFnY9-kRriqw

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 11:53:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-cph2320027-CPH
pragma: no-cache
date: Sun, 24 Dec 2023 11:53:07 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1703418788.852979,VS0,VE96
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELAHGQIiGb5zMQ2ptwBU9Gg&google_push=AXcoOmQ5_nH39uRSTTxHuIWajDjbm5QvsgSlmlLCkMhXdGlTojnF7nBz6XViADAwtupQewlEdNcxxaSNmZJl-at3hihFnY9-kRriqw
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 989C
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESELO6p8-3x63NdRhlQ88SRHU&google_cver=1&google_push=AXcoOmTd7103nA3TPuunRmbux64E75NG8bAU6O7iCyT51fb97x9hn44xAUsi1Mhxp6J3qcjgMoohWxMNw7U...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTd7103nA3TPuunRmbux64E75NG8bAU6O7iCyT51fb97x9hn44xAUsi1Mhxp6J3qcjgMoohWxMNw7UmS1NeIsUu6vgVahhwGg&google_hm=wI49B_ZISaiVh247Up...

170 B
329 B

137ms
137ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTd7103nA3TPuunRmbux64E75NG8bAU6O7iCyT51fb97x9hn44xAUsi1Mhxp6J3qcjgMoohWxMNw7UmS1NeIsUu6vgVahhwGg&google_hm=wI49B_ZISaiVh247Upeo8xc

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 11:53:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 11:53:07 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTd7103nA3TPuunRmbux64E75NG8bAU6O7iCyT51fb97x9hn44xAUsi1Mhxp6J3qcjgMoohWxMNw7UmS1NeIsUu6vgVahhwGg&google_hm=wI49B_ZISaiVh247Upeo8xc
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 989C 0
173 B 104ms
35ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEOeUWxwS4y_UgdF3nZiOg2o&google_cver=1&google_push=AXcoOmT-RyNdH-1Cdf7M9eUwmhYDGGxk3ZzPGRF8E6fsZ5NfAnm1XKFI4odpKIP8_d8fJSIZgsE7Y_rtOXiDmzd0-tld7QL2fFvi0w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1195246028556003&output=html&h=90&slotname=7646943859&adk=3524779162&adf=2089259827&pi=t.ma~as.7646943859&w=728&lmt=1674960907&format=728x90&url=https%3A%2F%2Fwww.ahelp.ua%2Fvin.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703418786553&bpp=2&bdt=428&idt=339&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5095755069611&frm=20&pv=1&ga_vid=273162201.1703418786&ga_sid=1703418786&ga_hid=1816301454&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=453&ady=22&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079759%2C42531705%2C95320884&oid=2&pvsid=457435795582102&tmod=616194055&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=344
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:07 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 sync
x.bidswitch.net/ Frame 989C 43 B
146 B 97ms
24ms Image
image/gif 18.195.61.190
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENozeUpiGzUNWXh-20gAkx4&google_cver=1&google_push=AXcoOmQkS6H2e0EfyCb64HJKFnWgjgwopVBQgS6PGM2jNE330Cblc6RCN4GcTkaNkBXIguU_TmXudLncGE80ywfrGJ_FoqRz3oPWEw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1195246028556003&output=html&h=90&slotname=7646943859&adk=3524779162&adf=2089259827&pi=t.ma~as.7646943859&w=728&lmt=1674960907&format=728x90&url=https%3A%2F%2Fwww.ahelp.ua%2Fvin.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703418786553&bpp=2&bdt=428&idt=339&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5095755069611&frm=20&pv=1&ga_vid=273162201.1703418786&ga_sid=1703418786&ga_hid=1816301454&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=453&ady=22&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079759%2C42531705%2C95320884&oid=2&pvsid=457435795582102&tmod=616194055&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=344
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.61.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-61-190.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:07 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 989C
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEFPS3bpV2jq6qZ4EoEPXiNA&google_cver=1&google_push=AXcoOmQqcpQ6ZR5gSK6AYfJiogTXi2rGWalBtspozkftbNw4eggyqYTSLI0PTYDneu9n1etveF4I8RYb5FRx...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQqcpQ6ZR5gSK6AYfJiogTXi2rGWalBtspozkftbNw4eggyqYTSLI0PTYDneu9n1etveF4I8RYb5FRxLkmVW6kMm7LVv4nAlQ

170 B
232 B

144ms
142ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQqcpQ6ZR5gSK6AYfJiogTXi2rGWalBtspozkftbNw4eggyqYTSLI0PTYDneu9n1etveF4I8RYb5FRxLkmVW6kMm7LVv4nAlQ

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 11:53:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQqcpQ6ZR5gSK6AYfJiogTXi2rGWalBtspozkftbNw4eggyqYTSLI0PTYDneu9n1etveF4I8RYb5FRxLkmVW6kMm7LVv4nAlQ
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 989C 0
130 B 106ms
31ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J_aVZOmBcfSboWtjzhgxd3doGcbhCzqnCDTMBuXHmvzw4n28v_VwdfyEKKLTeVVXvao9Tt

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:07 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 2E9E 13 KB
9 KB 183ms
183ms XHR
application/json 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6Ld9toQUAAAAAHEswFK_ajedM-T1UM5FdBdO4wto

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b2a0ff17d7cfcb48351279996c5dbc7551659d14376e7bfb0f5216a144590abf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld9toQUAAAAAHEswFK_ajedM-T1UM5FdBdO4wto&co=aHR0cHM6Ly93d3cuYWhlbHAudWE6NDQz&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=hxor6tgqgts
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Sun, 24 Dec 2023 11:53:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sun, 24 Dec 2023 11:53:07 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame F8BB 115 KB
14 KB 37ms
35ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1j5sm341xr0astdvchwpp4zechk35mbjc38adbkc31ajfefe4tsnrsgkmaa26vep781jjmm6enj9kwva7xz3grsw677k8mh7daftyq4rv61hnq8wgcgeassnxm99a1r6r3vmbktaamr7ajwcsarkmht6s6qdnh6jzkfvhqwdetp6xxhk7z2zv35y1vvjmdz5bwzc4eqftp2wx3etr13hjqvtswa5dthnthzvg1pmmv10zpj03jn6zv4gh50zvacatmwxfykvvj0h8jet0srkzcmtgnc08qrtvj51em6dpn32hgk6pr23gt0fsy1e1frrbyr3xyhw4pxxf7xr31tbvs6yx575ggrhh7c9zwstjwq9fnd7ng5yx737gj64j8d1dassvv93abmyp135khmp4z4tgr7wvrc77rcq2e9esete7spytny4aadmmcm6dbk0xwyq74z2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGO_OohuIZYDPOJbF1fAPkqmE2A2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0xMTk1MjQ2MDI4NTU2MDAzyAEJqQJx9dySZnqyPqgDAcgDAqoExwFP0FbMKbFGX_S2zE6qu3-u5nxfk26qwHbeyshMlQd3tjyc75BoeKP8TEeWIBb906igc9yLCsVmPx1rtL-TldfQvm2YY0Blr8SAbX_1UiB1AzX3EsumSjfih-ISg_pDaoAewVGnb4EVwQclXrIl0Ksx8Ur9qeKO6bXv8fD6dXTE7La9FeCYJ7_W7-clG2e0YhdNhSCx0E-X_Oa2inE4slPYCRL4PnxoS7HXaTu4OmAOwuWaPP8bXiGW5V8BH0zzFm9QiNa_3XAMgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WNCIy72BqIMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3kgAIOJ2Op8BCk5aKjdsFa6ZsAlg%26client%3Dca-pub-1195246028556003%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1j5sm341xr0astdvchwpp4zechk35mbjc38adbkc31ajfefe4tsnrsgkmaa26vep781jjmm6enj9kwva7xz3grsw677k8mh7daftyq4rv61hnq8wgcgeassnxm99a1r6r3vmbktaamr7ajwcsarkmht6s6qdnh6jzkfvhqwdetp6xxhk7z2zv35y1vvjmdz5bwzc4eqftp2wx3etr13hjqvtswa5dthnthzvg1pmmv10zpj03jn6zv4gh50zvacatmwxfykvvj0h8jet0srkzcmtgnc08qrtvj51em6dpn32hgk6pr23gt0fsy1e1frrbyr3xyhw4pxxf7xr31tbvs6yx575ggrhh7c9zwstjwq9fnd7ng5yx737gj64j8d1dassvv93abmyp135khmp4z4tgr7wvrc77rcq2e9esete7spytny4aadmmcm6dbk0xwyq74z2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGO_OohuIZYDPOJbF1fAPkqmE2A2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0xMTk1MjQ2MDI4NTU2MDAzyAEJqQJx9dySZnqyPqgDAcgDAqoExwFP0FbMKbFGX_S2zE6qu3-u5nxfk26qwHbeyshMlQd3tjyc75BoeKP8TEeWIBb906igc9yLCsVmPx1rtL-TldfQvm2YY0Blr8SAbX_1UiB1AzX3EsumSjfih-ISg_pDaoAewVGnb4EVwQclXrIl0Ksx8Ur9qeKO6bXv8fD6dXTE7La9FeCYJ7_W7-clG2e0YhdNhSCx0E-X_Oa2inE4slPYCRL4PnxoS7HXaTu4OmAOwuWaPP8bXiGW5V8BH0zzFm9QiNa_3XAMgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WNCIy72BqIMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3kgAIOJ2Op8BCk5aKjdsFa6ZsAlg%26client%3Dca-pub-1195246028556003%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 716948
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NxUNUXZ%2BQHnpLqvSPhc6cynwEZwgvMjLdTU1RsQPduNYSRryrG8CnFGPU2J6FVgDpsKuTjw08OGXs4irA3HfNnRClwm0D%2F3KSfa6hY%2BG89M479n9%2B0l17E8knuNLND7Vujb8lzQFMWo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 83a8a45efaea049f-FRA
expires: Mon, 25 Dec 2023 11:53:07 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame F8BB 24 KB
10 KB 180ms
178ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1j5sm341xr0astdvchwpp4zechk35mbjc38adbkc31ajfefe4tsnrsgkmaa26vep781jjmm6enj9kwva7xz3grsw677k8mh7daftyq4rv61hnq8wgcgeassnxm99a1r6r3vmbktaamr7ajwcsarkmht6s6qdnh6jzkfvhqwdetp6xxhk7z2zv35y1vvjmdz5bwzc4eqftp2wx3etr13hjqvtswa5dthnthzvg1pmmv10zpj03jn6zv4gh50zvacatmwxfykvvj0h8jet0srkzcmtgnc08qrtvj51em6dpn32hgk6pr23gt0fsy1e1frrbyr3xyhw4pxxf7xr31tbvs6yx575ggrhh7c9zwstjwq9fnd7ng5yx737gj64j8d1dassvv93abmyp135khmp4z4tgr7wvrc77rcq2e9esete7spytny4aadmmcm6dbk0xwyq74z2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGO_OohuIZYDPOJbF1fAPkqmE2A2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0xMTk1MjQ2MDI4NTU2MDAzyAEJqQJx9dySZnqyPqgDAcgDAqoExwFP0FbMKbFGX_S2zE6qu3-u5nxfk26qwHbeyshMlQd3tjyc75BoeKP8TEeWIBb906igc9yLCsVmPx1rtL-TldfQvm2YY0Blr8SAbX_1UiB1AzX3EsumSjfih-ISg_pDaoAewVGnb4EVwQclXrIl0Ksx8Ur9qeKO6bXv8fD6dXTE7La9FeCYJ7_W7-clG2e0YhdNhSCx0E-X_Oa2inE4slPYCRL4PnxoS7HXaTu4OmAOwuWaPP8bXiGW5V8BH0zzFm9QiNa_3XAMgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WNCIy72BqIMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3kgAIOJ2Op8BCk5aKjdsFa6ZsAlg%26client%3Dca-pub-1195246028556003%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 09:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 355097
etag: W/"aa3e81d21ff1f0e18f4862e53a794952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H0q4GuWeNjPcVfoATGG0RW00CgSHWcYJldG2KjN7ost1x0KP3EZPXtcAQmQm809wOCWbOVlFDbvPVA42J4oa1HPdlZip1Qi0QyNFd%2Fx8Y26GRqV1ivvY3OmlcvV3RfcCoJTR%2B8o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 83a8a45efaee049f-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 13 Dec 2023 09:16:49 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame F8BB 350 B
910 B 102ms
34ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2111844
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ekoxv45gykOF7qSPKXN4r3M3XRH3wqWwPU4no2Le299oaOM34QMAgQJKJYrq0NLToJdxY7ZKbV%2BNw8CPl6yePBvmVOAou7d%2BL547zLY2cXiO2XbZmvYvDUM1NMiqbmUvrHFwc8pCHHQCO7cxH4KuF%2BaB"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83a8a460ada391f9-FRA
expires: Fri, 29 Nov 2024 01:15:43 GMT

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame C591 2 KB
2 KB 33ms
33ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2233042
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 83a8a4604d7f39d6-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Sun, 24 Dec 2023 11:53:07 GMT
expires: Tue, 28 Nov 2023 16:18:07 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iapw%2F7DB27CgbNUrWcsCfGyoqttLd3mQZGONPab0TUtGX4VVEw4Mqe%2BROJPGjoeny2gmBvYbZtgwnDPfYCc%2BnjdsT6N6pkBvnChexw9P%2BYk4G8Hjhem67Jk1zssDckyKap2%2BPlc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H3 200 rs Show response
ad4m.at/ Frame F8BB 1 KB
2 KB 50ms
49ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d3aedc6af2f806c78d5d1abe88d604d1626ab27e8eb15505ff8c09dc3fcbd75

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 24 Dec 2023 11:53:08 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OD32qOJmt77YbsVc6q3isQjey4txD2A2iSgIAhzlzvZsli8rTWo%2F%2FBIKsN6%2Fk39JK3ZNC%2BjKAL6qIWjjgYzI3XQdTU7rAgZrxXtJSBXfyayC6pmUXj8kl6clhy%2F65SHImbObAw0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 83a8a46108bd18af-FRA
x-backend-server: aa-reachservice-group-europe-west1-s092
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 73ms
46ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 83a8a460b82d18af-FRA
content-length: 24
content-type: text/plain
date: Sun, 24 Dec 2023 11:53:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aSFzDSjUCxDDQI%2FLXwmf5fHVVqE4b8M9M4OiY6RDcQfTUNBKmRnpxAmDbJrUJ8ELGIKwATcTBFoK2s8Wly9ElxrGKCfZbcYugMcdRXU3%2B8clwPj7vsqU1UdNxjOK9KXUMKbC2lc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-mzmz

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C29F 0
19 B 66ms
65ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CBaj3ohuIZYDPOJbF1fAPkqmE2A2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0xMTk1MjQ2MDI4NTU2MDAzyAEJqQJx9dySZnqyPqgDAcgDAqoExAFP0FbMKbFGX_S2zE6qu3-u5nxfk26qwHbeyshMlQd3tjyc75BoeKP8TEeWIBb906igc9yLCsVmPx1rtL-TldfQvm2YY0Blr8SAbX_1UiB1AzX3EsumSjfih-ISg_pDaoAewVGnb4EVwQclXrIl0Ksx8Ur9qeKO6bXv8fD6dXTE7La9FeCYJ7_W7-clG2e0YhdNhSCx0E-X_Oa2inE4shHaKIAvx_sogzaf_-HxqJI31u83NtEDg6FUrM35i1LfDrqMF5Z3gAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WNCIy72BqIMDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTExOTUyNDYwMjg1NTYwMDMYAA&sigh=nbFmrcxkcHo&uach_m=%5BUACH%5D&cid=CAQSPAAvHhf_S310gI5CcnLivCUYkcBmWND9AWS3ZxVqEIK2sAO4CtOrOWTDY9u8-LP3GlaogJpekTv_ASyM7RgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1195246028556003&output=html&h=90&slotname=7646943859&adk=3524779162&adf=2089259827&pi=t.ma~as.7646943859&w=728&lmt=1674960907&format=728x90&url=https%3A%2F%2Fwww.ahelp.ua%2Fvin.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703418786553&bpp=2&bdt=428&idt=339&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5095755069611&frm=20&pv=1&ga_vid=273162201.1703418786&ga_sid=1703418786&ga_hid=1816301454&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=453&ady=22&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079759%2C42531705%2C95320884&oid=2&pvsid=457435795582102&tmod=616194055&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=344
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 24 Dec 2023 11:53:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame C29F 0
103 B 92ms
31ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hm82w7kg9t5js9kk17nz16ybq9r47xm4cmez2bpyh3hktgv1p58hqq2qbm6z4nj354v7n91f1cjztzapxhtfyf6n1c95ky0119kr830yjrppefyenzb611ns4k4mrhyz05avp17qembtp0h47r0f18jbjmhs258qta4sttpcvpktbr98qp541k04dgpfh2vvd8998xdh8qpbvxramt9k05x1avk3tyknck93dvpp3n5m59we9jn575fecwk6k1jwtqd5br6y8sgem83vs4b6nt4be4z0atyda4zq7shqv60hj982zs1nycxh258vt6yfvyy5wpdw14v24hfkp46ea667rq8amtg9ky8de2re4gj0g82tct92rwn3yqpwma3tyypt5tqz1gn2xg&b=ZYgbogAOJ4AIFWKWAAEUklOrs6G9vaZ6oTTtGg&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1195246028556003&output=html&h=90&slotname=7646943859&adk=3524779162&adf=2089259827&pi=t.ma~as.7646943859&w=728&lmt=1674960907&format=728x90&url=https%3A%2F%2Fwww.ahelp.ua%2Fvin.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703418786553&bpp=2&bdt=428&idt=339&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5095755069611&frm=20&pv=1&ga_vid=273162201.1703418786&ga_sid=1703418786&ga_hid=1816301454&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=453&ady=22&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079759%2C42531705%2C95320884&oid=2&pvsid=457435795582102&tmod=616194055&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=344
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 24 Dec 2023 11:53:08 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 567F 9 KB
4 KB 48ms
47ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=15573%2C117569%2C22451&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5M&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CVb8twfmfQxbhVHbHAtXC8j4cBSzTggWuDJ7x&c=728&d=90&e=&g=439be17aeec648a79b2baa21818ace72%2F11320204477555383135&i=26474%2C29981%2C25174&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703418787995&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kyh3h52ce0vesrkqrqnw8tp12z9njsk5xyfrhjm4vfy9hjrvnyta47bwqk7w3z4638r0e32sphntadz9e4z1mqabz2x49v607p6a5eg5n35r6tpwf7w0yfbc6evx1pts02tqmyecp6m7dp847dzabbcjbhbfvbbd0598rrdx55nav6whybdmpz72dxrqme1yey1zc6hcqqpk2yz8dn8t1ahxcszn0d97ytrce2fsq2m47v0gxmdr3jmg5xjz7g2pkc9pfh5wsn8bygtwds6kmxq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGO_OohuIZYDPOJbF1fAPkqmE2A2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0xMTk1MjQ2MDI4NTU2MDAzyAEJqQJx9dySZnqyPqgDAcgDAqoExwFP0FbMKbFGX_S2zE6qu3-u5nxfk26qwHbeyshMlQd3tjyc75BoeKP8TEeWIBb906igc9yLCsVmPx1rtL-TldfQvm2YY0Blr8SAbX_1UiB1AzX3EsumSjfih-ISg_pDaoAewVGnb4EVwQclXrIl0Ksx8Ur9qeKO6bXv8fD6dXTE7La9FeCYJ7_W7-clG2e0YhdNhSCx0E-X_Oa2inE4slPYCRL4PnxoS7HXaTu4OmAOwuWaPP8bXiGW5V8BH0zzFm9QiNa_3XAMgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WNCIy72BqIMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3kgAIOJ2Op8BCk5aKjdsFa6ZsAlg%2526client%253Dca-pub-1195246028556003%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee3fc71cc7a04c5de3eb33be296779835dcc1bd62703cd533652d417afef2cf6

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1j5sm341xr0astdvchwpp4zechk35mbjc38adbkc31ajfefe4tsnrsgkmaa26vep781jjmm6enj9kwva7xz3grsw677k8mh7daftyq4rv61hnq8wgcgeassnxm99a1r6r3vmbktaamr7ajwcsarkmht6s6qdnh6jzkfvhqwdetp6xxhk7z2zv35y1vvjmdz5bwzc4eqftp2wx3etr13hjqvtswa5dthnthzvg1pmmv10zpj03jn6zv4gh50zvacatmwxfykvvj0h8jet0srkzcmtgnc08qrtvj51em6dpn32hgk6pr23gt0fsy1e1frrbyr3xyhw4pxxf7xr31tbvs6yx575ggrhh7c9zwstjwq9fnd7ng5yx737gj64j8d1dassvv93abmyp135khmp4z4tgr7wvrc77rcq2e9esete7spytny4aadmmcm6dbk0xwyq74z2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGO_OohuIZYDPOJbF1fAPkqmE2A2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0xMTk1MjQ2MDI4NTU2MDAzyAEJqQJx9dySZnqyPqgDAcgDAqoExwFP0FbMKbFGX_S2zE6qu3-u5nxfk26qwHbeyshMlQd3tjyc75BoeKP8TEeWIBb906igc9yLCsVmPx1rtL-TldfQvm2YY0Blr8SAbX_1UiB1AzX3EsumSjfih-ISg_pDaoAewVGnb4EVwQclXrIl0Ksx8Ur9qeKO6bXv8fD6dXTE7La9FeCYJ7_W7-clG2e0YhdNhSCx0E-X_Oa2inE4slPYCRL4PnxoS7HXaTu4OmAOwuWaPP8bXiGW5V8BH0zzFm9QiNa_3XAMgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WNCIy72BqIMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3kgAIOJ2Op8BCk5aKjdsFa6ZsAlg%26client%3Dca-pub-1195246028556003%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 83a8a4615eae39d6-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 24 Dec 2023 11:53:08 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 567F 115 KB
14 KB 39ms
38ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C117569%2C22451&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5M&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CVb8twfmfQxbhVHbHAtXC8j4cBSzTggWuDJ7x&c=728&d=90&e=&g=439be17aeec648a79b2baa21818ace72%2F11320204477555383135&i=26474%2C29981%2C25174&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703418787995&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kyh3h52ce0vesrkqrqnw8tp12z9njsk5xyfrhjm4vfy9hjrvnyta47bwqk7w3z4638r0e32sphntadz9e4z1mqabz2x49v607p6a5eg5n35r6tpwf7w0yfbc6evx1pts02tqmyecp6m7dp847dzabbcjbhbfvbbd0598rrdx55nav6whybdmpz72dxrqme1yey1zc6hcqqpk2yz8dn8t1ahxcszn0d97ytrce2fsq2m47v0gxmdr3jmg5xjz7g2pkc9pfh5wsn8bygtwds6kmxq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGO_OohuIZYDPOJbF1fAPkqmE2A2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0xMTk1MjQ2MDI4NTU2MDAzyAEJqQJx9dySZnqyPqgDAcgDAqoExwFP0FbMKbFGX_S2zE6qu3-u5nxfk26qwHbeyshMlQd3tjyc75BoeKP8TEeWIBb906igc9yLCsVmPx1rtL-TldfQvm2YY0Blr8SAbX_1UiB1AzX3EsumSjfih-ISg_pDaoAewVGnb4EVwQclXrIl0Ksx8Ur9qeKO6bXv8fD6dXTE7La9FeCYJ7_W7-clG2e0YhdNhSCx0E-X_Oa2inE4slPYCRL4PnxoS7HXaTu4OmAOwuWaPP8bXiGW5V8BH0zzFm9QiNa_3XAMgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WNCIy72BqIMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3kgAIOJ2Op8BCk5aKjdsFa6ZsAlg%2526client%253Dca-pub-1195246028556003%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=15573%2C117569%2C22451&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5M&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CVb8twfmfQxbhVHbHAtXC8j4cBSzTggWuDJ7x&c=728&d=90&e=&g=439be17aeec648a79b2baa21818ace72%2F11320204477555383135&i=26474%2C29981%2C25174&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703418787995&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kyh3h52ce0vesrkqrqnw8tp12z9njsk5xyfrhjm4vfy9hjrvnyta47bwqk7w3z4638r0e32sphntadz9e4z1mqabz2x49v607p6a5eg5n35r6tpwf7w0yfbc6evx1pts02tqmyecp6m7dp847dzabbcjbhbfvbbd0598rrdx55nav6whybdmpz72dxrqme1yey1zc6hcqqpk2yz8dn8t1ahxcszn0d97ytrce2fsq2m47v0gxmdr3jmg5xjz7g2pkc9pfh5wsn8bygtwds6kmxq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGO_OohuIZYDPOJbF1fAPkqmE2A2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0xMTk1MjQ2MDI4NTU2MDAzyAEJqQJx9dySZnqyPqgDAcgDAqoExwFP0FbMKbFGX_S2zE6qu3-u5nxfk26qwHbeyshMlQd3tjyc75BoeKP8TEeWIBb906igc9yLCsVmPx1rtL-TldfQvm2YY0Blr8SAbX_1UiB1AzX3EsumSjfih-ISg_pDaoAewVGnb4EVwQclXrIl0Ksx8Ur9qeKO6bXv8fD6dXTE7La9FeCYJ7_W7-clG2e0YhdNhSCx0E-X_Oa2inE4slPYCRL4PnxoS7HXaTu4OmAOwuWaPP8bXiGW5V8BH0zzFm9QiNa_3XAMgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WNCIy72BqIMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3kgAIOJ2Op8BCk5aKjdsFa6ZsAlg%2526client%253Dca-pub-1195246028556003%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 881504
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oq1eRsJH%2FVbgoFp3azwF3pLdcn%2FZUagfKeTHTZmEfdWnC59isqrWFDcOUFvRrv8T48rxR1uVpOZjkLqXicxuOQDda9HBHN6MDV5X3v3TzmMeRWwBe0izXAGqrlUnydUAwLskIMqwDoc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 83a8a461af0f39d6-FRA
expires: Mon, 25 Dec 2023 11:53:08 GMT

GET
H2 200 E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame 567F 9 KB
9 KB 52ms
33ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C117569%2C22451&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5M&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CVb8twfmfQxbhVHbHAtXC8j4cBSzTggWuDJ7x&c=728&d=90&e=&g=439be17aeec648a79b2baa21818ace72%2F11320204477555383135&i=26474%2C29981%2C25174&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703418787995&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kyh3h52ce0vesrkqrqnw8tp12z9njsk5xyfrhjm4vfy9hjrvnyta47bwqk7w3z4638r0e32sphntadz9e4z1mqabz2x49v607p6a5eg5n35r6tpwf7w0yfbc6evx1pts02tqmyecp6m7dp847dzabbcjbhbfvbbd0598rrdx55nav6whybdmpz72dxrqme1yey1zc6hcqqpk2yz8dn8t1ahxcszn0d97ytrce2fsq2m47v0gxmdr3jmg5xjz7g2pkc9pfh5wsn8bygtwds6kmxq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGO_OohuIZYDPOJbF1fAPkqmE2A2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0xMTk1MjQ2MDI4NTU2MDAzyAEJqQJx9dySZnqyPqgDAcgDAqoExwFP0FbMKbFGX_S2zE6qu3-u5nxfk26qwHbeyshMlQd3tjyc75BoeKP8TEeWIBb906igc9yLCsVmPx1rtL-TldfQvm2YY0Blr8SAbX_1UiB1AzX3EsumSjfih-ISg_pDaoAewVGnb4EVwQclXrIl0Ksx8Ur9qeKO6bXv8fD6dXTE7La9FeCYJ7_W7-clG2e0YhdNhSCx0E-X_Oa2inE4slPYCRL4PnxoS7HXaTu4OmAOwuWaPP8bXiGW5V8BH0zzFm9QiNa_3XAMgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WNCIy72BqIMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3kgAIOJ2Op8BCk5aKjdsFa6ZsAlg%2526client%253Dca-pub-1195246028556003%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2183865
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 8772
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:13:38 GMT
server: cloudflare
etag: "15b1f39d668aa86c2ba2ba17d94cc733"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aqMQ37iNdx0VpPxA96P95dKubX7I8vtRQjcWgKH4kFyHAelSO05PvKyCsGeDhLcmvyMxwUwodmofCIHPtZnIVLaYpHCz5xPyClpUnPcAWvMXpdIfXhKsEAZ7OtU9iQ9DRD%2BXONe3x8i0%2FnuA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83a8a461ce72049f-FRA

GET
H2 200 7959CC8A5841863E2029D11337BD9743816B11539BB7B5FE82C05DA418BFFEA9B2B39CC1367019AB169ACFDD5A75E84454CFD285683B9548532D984CEBD8DAF8
assets.ad4m.at/product_image/ Frame 567F 21 KB
21 KB 50ms
32ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/7959CC8A5841863E2029D11337BD9743816B11539BB7B5FE82C05DA418BFFEA9B2B39CC1367019AB169ACFDD5A75E84454CFD285683B9548532D984CEBD8DAF8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C117569%2C22451&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5M&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CVb8twfmfQxbhVHbHAtXC8j4cBSzTggWuDJ7x&c=728&d=90&e=&g=439be17aeec648a79b2baa21818ace72%2F11320204477555383135&i=26474%2C29981%2C25174&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703418787995&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kyh3h52ce0vesrkqrqnw8tp12z9njsk5xyfrhjm4vfy9hjrvnyta47bwqk7w3z4638r0e32sphntadz9e4z1mqabz2x49v607p6a5eg5n35r6tpwf7w0yfbc6evx1pts02tqmyecp6m7dp847dzabbcjbhbfvbbd0598rrdx55nav6whybdmpz72dxrqme1yey1zc6hcqqpk2yz8dn8t1ahxcszn0d97ytrce2fsq2m47v0gxmdr3jmg5xjz7g2pkc9pfh5wsn8bygtwds6kmxq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGO_OohuIZYDPOJbF1fAPkqmE2A2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0xMTk1MjQ2MDI4NTU2MDAzyAEJqQJx9dySZnqyPqgDAcgDAqoExwFP0FbMKbFGX_S2zE6qu3-u5nxfk26qwHbeyshMlQd3tjyc75BoeKP8TEeWIBb906igc9yLCsVmPx1rtL-TldfQvm2YY0Blr8SAbX_1UiB1AzX3EsumSjfih-ISg_pDaoAewVGnb4EVwQclXrIl0Ksx8Ur9qeKO6bXv8fD6dXTE7La9FeCYJ7_W7-clG2e0YhdNhSCx0E-X_Oa2inE4slPYCRL4PnxoS7HXaTu4OmAOwuWaPP8bXiGW5V8BH0zzFm9QiNa_3XAMgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WNCIy72BqIMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3kgAIOJ2Op8BCk5aKjdsFa6ZsAlg%2526client%253Dca-pub-1195246028556003%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 086201b1717dc01de92caf616dba26dac813fabb51aa117fb6c42502b4b1e08c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2274479
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 21332
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:10:58 GMT
server: cloudflare
etag: "50190e2f2596fbaf0b3827698ee24008"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=udpqlkm5ckONitJn5g%2Bm5JazAu2NZzrADxTbHfGWG0SHtgo4JVdc3rCtArxkTUAXLXKrLLK5DLR3Fg25k8ayP%2FG6mk%2F4O77i7RkPG8junPHEWoUGGxy91BRzMuSNSOIg8us3Y6VyeQlKWwCk"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83a8a461ce6e049f-FRA

GET
H2 200 2aed39855b5f46b72660fe7fe4b2634f
pv.medialead.de/trck/epv/ Frame 567F 0
327 B 106ms
34ms Image
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pv.medialead.de/trck/epv/2aed39855b5f46b72660fe7fe4b2634f?t=htlp&subid=oneidG1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5Moneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C117569%2C22451&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5M&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CVb8twfmfQxbhVHbHAtXC8j4cBSzTggWuDJ7x&c=728&d=90&e=&g=439be17aeec648a79b2baa21818ace72%2F11320204477555383135&i=26474%2C29981%2C25174&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703418787995&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kyh3h52ce0vesrkqrqnw8tp12z9njsk5xyfrhjm4vfy9hjrvnyta47bwqk7w3z4638r0e32sphntadz9e4z1mqabz2x49v607p6a5eg5n35r6tpwf7w0yfbc6evx1pts02tqmyecp6m7dp847dzabbcjbhbfvbbd0598rrdx55nav6whybdmpz72dxrqme1yey1zc6hcqqpk2yz8dn8t1ahxcszn0d97ytrce2fsq2m47v0gxmdr3jmg5xjz7g2pkc9pfh5wsn8bygtwds6kmxq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGO_OohuIZYDPOJbF1fAPkqmE2A2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0xMTk1MjQ2MDI4NTU2MDAzyAEJqQJx9dySZnqyPqgDAcgDAqoExwFP0FbMKbFGX_S2zE6qu3-u5nxfk26qwHbeyshMlQd3tjyc75BoeKP8TEeWIBb906igc9yLCsVmPx1rtL-TldfQvm2YY0Blr8SAbX_1UiB1AzX3EsumSjfih-ISg_pDaoAewVGnb4EVwQclXrIl0Ksx8Ur9qeKO6bXv8fD6dXTE7La9FeCYJ7_W7-clG2e0YhdNhSCx0E-X_Oa2inE4slPYCRL4PnxoS7HXaTu4OmAOwuWaPP8bXiGW5V8BH0zzFm9QiNa_3XAMgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WNCIy72BqIMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3kgAIOJ2Op8BCk5aKjdsFa6ZsAlg%2526client%253Dca-pub-1195246028556003%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:08 GMT
attribution-reporting-register-source: {"source_event_id":"17200573720104378","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 0
proxy-host: pv.medialead.de

GET
H2 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 567F 2 KB
2 KB 49ms
31ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C117569%2C22451&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5M&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CVb8twfmfQxbhVHbHAtXC8j4cBSzTggWuDJ7x&c=728&d=90&e=&g=439be17aeec648a79b2baa21818ace72%2F11320204477555383135&i=26474%2C29981%2C25174&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703418787995&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kyh3h52ce0vesrkqrqnw8tp12z9njsk5xyfrhjm4vfy9hjrvnyta47bwqk7w3z4638r0e32sphntadz9e4z1mqabz2x49v607p6a5eg5n35r6tpwf7w0yfbc6evx1pts02tqmyecp6m7dp847dzabbcjbhbfvbbd0598rrdx55nav6whybdmpz72dxrqme1yey1zc6hcqqpk2yz8dn8t1ahxcszn0d97ytrce2fsq2m47v0gxmdr3jmg5xjz7g2pkc9pfh5wsn8bygtwds6kmxq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGO_OohuIZYDPOJbF1fAPkqmE2A2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0xMTk1MjQ2MDI4NTU2MDAzyAEJqQJx9dySZnqyPqgDAcgDAqoExwFP0FbMKbFGX_S2zE6qu3-u5nxfk26qwHbeyshMlQd3tjyc75BoeKP8TEeWIBb906igc9yLCsVmPx1rtL-TldfQvm2YY0Blr8SAbX_1UiB1AzX3EsumSjfih-ISg_pDaoAewVGnb4EVwQclXrIl0Ksx8Ur9qeKO6bXv8fD6dXTE7La9FeCYJ7_W7-clG2e0YhdNhSCx0E-X_Oa2inE4slPYCRL4PnxoS7HXaTu4OmAOwuWaPP8bXiGW5V8BH0zzFm9QiNa_3XAMgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WNCIy72BqIMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3kgAIOJ2Op8BCk5aKjdsFa6ZsAlg%2526client%253Dca-pub-1195246028556003%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfe58c3e4f67928f320950cb05524dc012abf7ab1096958560101be80f83d447

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 312085
cf-polished: origFmt=png, origSize=2170
alt-svc: h3=":443"; ma=86400
content-length: 1662
cf-bgj: imgq:85,h2pri
last-modified: Mon, 13 Nov 2023 08:38:25 GMT
server: cloudflare
etag: "4721aa7c2d5fa652c8092463f9a485bd"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qmnv5Ov4UPBt7%2FHGse6YhxdNBAhjit8Zv4%2BX3DjJwGNsREedv5%2BN0GIhs7YuXBRTyExJ3YYmbif%2B6GzcI1dh2fdVrIwbsYf4AHtfFjJhYDRWxk4fT8%2FqyMkJzZ07fxumkEcdQivDLwrRAZb%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83a8a461ce6a049f-FRA

GET
H2 200 B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
assets.ad4m.at/ Frame 567F 23 KB
23 KB 52ms
35ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C117569%2C22451&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5M&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CVb8twfmfQxbhVHbHAtXC8j4cBSzTggWuDJ7x&c=728&d=90&e=&g=439be17aeec648a79b2baa21818ace72%2F11320204477555383135&i=26474%2C29981%2C25174&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703418787995&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kyh3h52ce0vesrkqrqnw8tp12z9njsk5xyfrhjm4vfy9hjrvnyta47bwqk7w3z4638r0e32sphntadz9e4z1mqabz2x49v607p6a5eg5n35r6tpwf7w0yfbc6evx1pts02tqmyecp6m7dp847dzabbcjbhbfvbbd0598rrdx55nav6whybdmpz72dxrqme1yey1zc6hcqqpk2yz8dn8t1ahxcszn0d97ytrce2fsq2m47v0gxmdr3jmg5xjz7g2pkc9pfh5wsn8bygtwds6kmxq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGO_OohuIZYDPOJbF1fAPkqmE2A2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0xMTk1MjQ2MDI4NTU2MDAzyAEJqQJx9dySZnqyPqgDAcgDAqoExwFP0FbMKbFGX_S2zE6qu3-u5nxfk26qwHbeyshMlQd3tjyc75BoeKP8TEeWIBb906igc9yLCsVmPx1rtL-TldfQvm2YY0Blr8SAbX_1UiB1AzX3EsumSjfih-ISg_pDaoAewVGnb4EVwQclXrIl0Ksx8Ur9qeKO6bXv8fD6dXTE7La9FeCYJ7_W7-clG2e0YhdNhSCx0E-X_Oa2inE4slPYCRL4PnxoS7HXaTu4OmAOwuWaPP8bXiGW5V8BH0zzFm9QiNa_3XAMgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WNCIy72BqIMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3kgAIOJ2Op8BCk5aKjdsFa6ZsAlg%2526client%253Dca-pub-1195246028556003%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 873e5c46cc8ce0b17fbe1f11dd95e9f15dbfa715e3e407d97f31611b5a460d8d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3563330
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 23392
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:08:23 GMT
server: cloudflare
etag: "faa9f958d13ef03f911b71f117846705"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JDlNtM1SEf6AhID9sOd%2FPAm2F3f58PE9ixqbBr7NDFlBlfUczjTkJkgqVgr9ZjN4q3sIQtCuNJKNhCNIAnG3EG%2FhrHB%2Bq%2FD7VZq4p8yaOdg0YbA%2FV1tOiOAi6dDHCHJo%2BJRfm83QFE6ruHmA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83a8a461ce69049f-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 567F 43 B
703 B 158ms
96ms Image
image/gif 104.102.45.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C117569%2C22451&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5M&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CVb8twfmfQxbhVHbHAtXC8j4cBSzTggWuDJ7x&c=728&d=90&e=&g=439be17aeec648a79b2baa21818ace72%2F11320204477555383135&i=26474%2C29981%2C25174&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703418787995&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kyh3h52ce0vesrkqrqnw8tp12z9njsk5xyfrhjm4vfy9hjrvnyta47bwqk7w3z4638r0e32sphntadz9e4z1mqabz2x49v607p6a5eg5n35r6tpwf7w0yfbc6evx1pts02tqmyecp6m7dp847dzabbcjbhbfvbbd0598rrdx55nav6whybdmpz72dxrqme1yey1zc6hcqqpk2yz8dn8t1ahxcszn0d97ytrce2fsq2m47v0gxmdr3jmg5xjz7g2pkc9pfh5wsn8bygtwds6kmxq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGO_OohuIZYDPOJbF1fAPkqmE2A2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0xMTk1MjQ2MDI4NTU2MDAzyAEJqQJx9dySZnqyPqgDAcgDAqoExwFP0FbMKbFGX_S2zE6qu3-u5nxfk26qwHbeyshMlQd3tjyc75BoeKP8TEeWIBb906igc9yLCsVmPx1rtL-TldfQvm2YY0Blr8SAbX_1UiB1AzX3EsumSjfih-ISg_pDaoAewVGnb4EVwQclXrIl0Ksx8Ur9qeKO6bXv8fD6dXTE7La9FeCYJ7_W7-clG2e0YhdNhSCx0E-X_Oa2inE4slPYCRL4PnxoS7HXaTu4OmAOwuWaPP8bXiGW5V8BH0zzFm9QiNa_3XAMgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WNCIy72BqIMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3kgAIOJ2Op8BCk5aKjdsFa6ZsAlg%2526client%253Dca-pub-1195246028556003%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-45-165.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Dec 2023 11:53:08 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 F1668CEEF41AAD8A0C029F9D23FE46EC6F8068CDC15DA60F85AFC1E3BD14A8C560B4DF91D88D53A78DBCC7160246BC21A8B17CCED604428331EE91402A545B83
assets.ad4m.at/logo/ Frame 567F 9 KB
10 KB 47ms
31ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/F1668CEEF41AAD8A0C029F9D23FE46EC6F8068CDC15DA60F85AFC1E3BD14A8C560B4DF91D88D53A78DBCC7160246BC21A8B17CCED604428331EE91402A545B83
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C117569%2C22451&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5M&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CVb8twfmfQxbhVHbHAtXC8j4cBSzTggWuDJ7x&c=728&d=90&e=&g=439be17aeec648a79b2baa21818ace72%2F11320204477555383135&i=26474%2C29981%2C25174&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703418787995&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kyh3h52ce0vesrkqrqnw8tp12z9njsk5xyfrhjm4vfy9hjrvnyta47bwqk7w3z4638r0e32sphntadz9e4z1mqabz2x49v607p6a5eg5n35r6tpwf7w0yfbc6evx1pts02tqmyecp6m7dp847dzabbcjbhbfvbbd0598rrdx55nav6whybdmpz72dxrqme1yey1zc6hcqqpk2yz8dn8t1ahxcszn0d97ytrce2fsq2m47v0gxmdr3jmg5xjz7g2pkc9pfh5wsn8bygtwds6kmxq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGO_OohuIZYDPOJbF1fAPkqmE2A2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0xMTk1MjQ2MDI4NTU2MDAzyAEJqQJx9dySZnqyPqgDAcgDAqoExwFP0FbMKbFGX_S2zE6qu3-u5nxfk26qwHbeyshMlQd3tjyc75BoeKP8TEeWIBb906igc9yLCsVmPx1rtL-TldfQvm2YY0Blr8SAbX_1UiB1AzX3EsumSjfih-ISg_pDaoAewVGnb4EVwQclXrIl0Ksx8Ur9qeKO6bXv8fD6dXTE7La9FeCYJ7_W7-clG2e0YhdNhSCx0E-X_Oa2inE4slPYCRL4PnxoS7HXaTu4OmAOwuWaPP8bXiGW5V8BH0zzFm9QiNa_3XAMgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WNCIy72BqIMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3kgAIOJ2Op8BCk5aKjdsFa6ZsAlg%2526client%253Dca-pub-1195246028556003%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dd5bb9fda081a3cb1bd6d513edb1a71746031bec07d8c646abe5813ba9dd4c4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 313183
cf-polished: qual=85, origFmt=jpeg, origSize=13332
alt-svc: h3=":443"; ma=86400
content-length: 9604
cf-bgj: imgq:85,h2pri
last-modified: Fri, 03 Nov 2023 17:02:02 GMT
server: cloudflare
etag: "23e86ef8ba51d351917574e3e8d33ca5"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F0PI3SG%2Fg4UMQ37pHkUCY9qi4y1yMFG%2Frw12jpWiGsV7OiEVOQydcrp7UWUgSNfP4ALEb6Qtj7mLzNtEFRHrNn2TK82axi6sm13hYUZfWvH8JtmmD%2FvhJG37HxHM4I359oKQMJOO5A0CHcyU"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83a8a461ce67049f-FRA

GET
H2 200 FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
assets.ad4m.at/product_image/ Frame 567F 26 KB
27 KB 71ms
55ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C117569%2C22451&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5M&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CVb8twfmfQxbhVHbHAtXC8j4cBSzTggWuDJ7x&c=728&d=90&e=&g=439be17aeec648a79b2baa21818ace72%2F11320204477555383135&i=26474%2C29981%2C25174&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703418787995&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kyh3h52ce0vesrkqrqnw8tp12z9njsk5xyfrhjm4vfy9hjrvnyta47bwqk7w3z4638r0e32sphntadz9e4z1mqabz2x49v607p6a5eg5n35r6tpwf7w0yfbc6evx1pts02tqmyecp6m7dp847dzabbcjbhbfvbbd0598rrdx55nav6whybdmpz72dxrqme1yey1zc6hcqqpk2yz8dn8t1ahxcszn0d97ytrce2fsq2m47v0gxmdr3jmg5xjz7g2pkc9pfh5wsn8bygtwds6kmxq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGO_OohuIZYDPOJbF1fAPkqmE2A2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0xMTk1MjQ2MDI4NTU2MDAzyAEJqQJx9dySZnqyPqgDAcgDAqoExwFP0FbMKbFGX_S2zE6qu3-u5nxfk26qwHbeyshMlQd3tjyc75BoeKP8TEeWIBb906igc9yLCsVmPx1rtL-TldfQvm2YY0Blr8SAbX_1UiB1AzX3EsumSjfih-ISg_pDaoAewVGnb4EVwQclXrIl0Ksx8Ur9qeKO6bXv8fD6dXTE7La9FeCYJ7_W7-clG2e0YhdNhSCx0E-X_Oa2inE4slPYCRL4PnxoS7HXaTu4OmAOwuWaPP8bXiGW5V8BH0zzFm9QiNa_3XAMgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WNCIy72BqIMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3kgAIOJ2Op8BCk5aKjdsFa6ZsAlg%2526client%253Dca-pub-1195246028556003%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db2e4e6461e2031165b8e5e9c11a58bdc3eb90876cb1bf9a660a96220ff103ab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 306797
cf-polished: qual=85, origFmt=jpeg, origSize=27208
alt-svc: h3=":443"; ma=86400
content-length: 27004
cf-bgj: imgq:85,h2pri
last-modified: Wed, 01 Nov 2023 15:25:13 GMT
server: cloudflare
etag: "b0768a8c228032955d69e4578a6f208e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2BPVchrQDhxMHyCaiEfpzMqvsgwWxtfF0XIsqR%2Bk8yzw8wxwWtJBRiJDD1Dm7QcAxhrygwkgfqm2DzWB%2B5plyajQbgXcem2jRdoYa4gEgI5%2B198BMwyceFHAOawzbWFL7u0F%2F%2FSqWK%2FyB%2BwH"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83a8a461ce73049f-FRA

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame 567F
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CJbDmL6BqIMDFUaSgwcdP1UGUA;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5Moneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1703418788_01505050-a253-11ee-9488-2234841a3abe

0
549 B

59ms
14ms

Image
text/plain

87.118.116.9
KEYWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1703418788_01505050-a253-11ee-9488-2234841a3abe
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C117569%2C22451&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5M&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CVb8twfmfQxbhVHbHAtXC8j4cBSzTggWuDJ7x&c=728&d=90&e=&g=439be17aeec648a79b2baa21818ace72%2F11320204477555383135&i=26474%2C29981%2C25174&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703418787995&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kyh3h52ce0vesrkqrqnw8tp12z9njsk5xyfrhjm4vfy9hjrvnyta47bwqk7w3z4638r0e32sphntadz9e4z1mqabz2x49v607p6a5eg5n35r6tpwf7w0yfbc6evx1pts02tqmyecp6m7dp847dzabbcjbhbfvbbd0598rrdx55nav6whybdmpz72dxrqme1yey1zc6hcqqpk2yz8dn8t1ahxcszn0d97ytrce2fsq2m47v0gxmdr3jmg5xjz7g2pkc9pfh5wsn8bygtwds6kmxq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCGO_OohuIZYDPOJbF1fAPkqmE2A2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0xMTk1MjQ2MDI4NTU2MDAzyAEJqQJx9dySZnqyPqgDAcgDAqoExwFP0FbMKbFGX_S2zE6qu3-u5nxfk26qwHbeyshMlQd3tjyc75BoeKP8TEeWIBb906igc9yLCsVmPx1rtL-TldfQvm2YY0Blr8SAbX_1UiB1AzX3EsumSjfih-ISg_pDaoAewVGnb4EVwQclXrIl0Ksx8Ur9qeKO6bXv8fD6dXTE7La9FeCYJ7_W7-clG2e0YhdNhSCx0E-X_Oa2inE4slPYCRL4PnxoS7HXaTu4OmAOwuWaPP8bXiGW5V8BH0zzFm9QiNa_3XAMgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WNCIy72BqIMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3kgAIOJ2Op8BCk5aKjdsFa6ZsAlg%2526client%253Dca-pub-1195246028556003%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 87.118.116.9 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: km36617.keymachine.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Dec 2023 11:53:08 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Sun, 24 Dec 2023 11:53:08 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1703418788_01505050-a253-11ee-9488-2234841a3abe
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 200 css
fonts.googleapis.com/ Frame DB09 16 KB
2 KB 33ms
30ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1195246028556003&output=html&h=280&slotname=5788200972&adk=3945262639&adf=1251252648&pi=t.ma~as.5788200972&w=408&fwrn=4&fwrnh=100&lmt=1674960907&rafmt=1&format=408x280&url=https%3A%2F%2Fwww.ahelp.ua%2Fvin.html&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703418786555&bpp=1&bdt=430&idt=396&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100&nras=1&correlator=5095755069611&frm=20&pv=1&ga_vid=273162201.1703418786&ga_sid=1703418786&ga_hid=1816301454&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1096&ady=889&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079759%2C42531705%2C95320884&oid=2&pvsid=457435795582102&tmod=616194055&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

54c8612a7d57ad667a4736f5fbc08f6e1b9e9dcfe60ad559a1b09d22ae443eb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 24 Dec 2023 11:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 24 Dec 2023 11:31:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Dec 2023 11:53:08 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame DB09 2 KB
879 B 21ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:13:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9578
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Jan 2024 09:13:30 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame DB09 23 KB
9 KB 40ms
27ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:13:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9578
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Jan 2024 09:13:30 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 97AA 143 B
166 B 41ms
33ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1195246028556003&output=html&h=280&slotname=5788200972&adk=3945262639&adf=1251252648&pi=t.ma~as.5788200972&w=408&fwrn=4&fwrnh=100&lmt=1674960907&rafmt=1&format=408x280&url=https%3A%2F%2Fwww.ahelp.ua%2Fvin.html&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703418786555&bpp=1&bdt=430&idt=396&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100&nras=1&correlator=5095755069611&frm=20&pv=1&ga_vid=273162201.1703418786&ga_sid=1703418786&ga_hid=1816301454&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1096&ady=889&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079759%2C42531705%2C95320884&oid=2&pvsid=457435795582102&tmod=616194055&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=400
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1410
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Dec 2023 11:29:38 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame DB09 3 KB
1 KB 40ms
29ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 14:03:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78590
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Jan 2024 14:03:18 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2B74 1 KB
643 B 24ms
20ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 9578
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Dec 2023 09:13:30 GMT
etag: 48472445140208031
expires: Mon, 25 Dec 2023 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame DB09 20 KB
8 KB 29ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 09:13:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9578
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Jan 2024 09:13:30 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame DB09 0
0 45ms
39ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSplt5aCq5G68gk3eDzHT1pX-_3ivWbhwi9c-U820E-KzLWhSmFjOFA-P356ca9gi0uFb82rQvDXOmGd0lcf5OIseraFw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1195246028556003&output=html&h=280&slotname=5788200972&adk=3945262639&adf=1251252648&pi=t.ma~as.5788200972&w=408&fwrn=4&fwrnh=100&lmt=1674960907&rafmt=1&format=408x280&url=https%3A%2F%2Fwww.ahelp.ua%2Fvin.html&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703418786555&bpp=1&bdt=430&idt=396&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100&nras=1&correlator=5095755069611&frm=20&pv=1&ga_vid=273162201.1703418786&ga_sid=1703418786&ga_hid=1816301454&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1096&ady=889&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079759%2C42531705%2C95320884&oid=2&pvsid=457435795582102&tmod=616194055&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=400
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame DB09 203 KB
64 KB 80ms
73ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Dec 2023 11:53:08 GMT

GET
H3 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame DB09 37 KB
15 KB 39ms
34ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 13:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 510985
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 17 Mar 2024 13:56:43 GMT

GET
DATA 200
OK truncated
/ Frame DB09 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aaaf0b2c3bd11afe20e1902624db617c2131b3272fabebd1160cb2f53dfb3750

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame DB09 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca988664213bb4423b127ef511048cabadd2c1f705bbf22600a7b0d52e4b0185

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 2B74
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJ-T8lLUVzKdAnSq0R0fcCU&google_cver=1&google_push=AXcoOmSyXdBcsqOFQtwK_oJU9RvrfQtfhkSmJsz9-zUc26yyy-1i_ItErQSocyXBXIKnp7GBKYT3hwCGjtFSqjB7FJCfFnwSaRBxXg
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjM0MTExNDQ1MDcwMDI5NTg3MQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECxQjLCXQPnq5djMElsCIb4&google_cver=1

43 B
398 B

172ms
138ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECxQjLCXQPnq5djMElsCIb4&google_cver=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 24 Dec 2023 11:53:08 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 11:53:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECxQjLCXQPnq5djMElsCIb4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 2B74 0
104 B 216ms
115ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEE39Gzo7BanbTA092TiPbNo&google_cver=1&google_push=AXcoOmRAwV0ZSw4e0XTVf676PoZl3uXSeetPmbJoMwhag0Cp46N5N8bf7g9uuN1vVJdfbeyq4-1dWJuks6PX34jDISW-19oIJmiPRBw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1195246028556003&output=html&h=280&slotname=5788200972&adk=3945262639&adf=1251252648&pi=t.ma~as.5788200972&w=408&fwrn=4&fwrnh=100&lmt=1674960907&rafmt=1&format=408x280&url=https%3A%2F%2Fwww.ahelp.ua%2Fvin.html&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703418786555&bpp=1&bdt=430&idt=396&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100&nras=1&correlator=5095755069611&frm=20&pv=1&ga_vid=273162201.1703418786&ga_sid=1703418786&ga_hid=1816301454&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1096&ady=889&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079759%2C42531705%2C95320884&oid=2&pvsid=457435795582102&tmod=616194055&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=400
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 11:53:08 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2B74
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGxHGLoMQdC_rHKSDzh7LTs&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eFdoSmREUWwxUmhuMno1&google_gid=CAESEGxHGLoMQdC_rHKSDzh7LTs&google_cver=1&google_push=AXcoOmQlVOKbptkrzw6MMrBVxPsXfxz0nhHmkv-KMSBW0M6...

170 B
188 B

32ms
31ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eFdoSmREUWwxUmhuMno1&google_gid=CAESEGxHGLoMQdC_rHKSDzh7LTs&google_cver=1&google_push=AXcoOmQlVOKbptkrzw6MMrBVxPsXfxz0nhHmkv-KMSBW0M6txZgXoikamKf2n_ybDDBRw8tErujeXD-drbCwc71X7pazaEpblhfo6wQ

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 11:53:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 24 Dec 2023 11:53:07 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-029f22d856dc4e10e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eFdoSmREUWwxUmhuMno1&google_gid=CAESEGxHGLoMQdC_rHKSDzh7LTs&google_cver=1&google_push=AXcoOmQlVOKbptkrzw6MMrBVxPsXfxz0nhHmkv-KMSBW0M6txZgXoikamKf2n_ybDDBRw8tErujeXD-drbCwc71X7pazaEpblhfo6wQ
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 2B74
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEO2Mkl8_cRvIMmEwRiXEauY&google_cver=1&google_push=AXcoOmTX0d-I4D7h_i0uZVHQQFXuJeFNu1Mk7RP0JcTY76YjzHcbUVaeQaSn-aSxDgRhviF1s0mgmavBr9x3OlOqB81FR3HBel_pi...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEO2Mkl8_cRvIMmEwRiXEauY&google_cver=1&google_push=AXcoOmTX0d-I4D7h_i0uZVHQQFXuJeFNu1Mk7RP0JcTY76YjzHcbUVaeQaSn-aSxDgRhviF1s0mgmavBr9x3OlOqB81FR3HBel_...

43 B
420 B

191ms
190ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEO2Mkl8_cRvIMmEwRiXEauY&google_cver=1&google_push=AXcoOmTX0d-I4D7h_i0uZVHQQFXuJeFNu1Mk7RP0JcTY76YjzHcbUVaeQaSn-aSxDgRhviF1s0mgmavBr9x3OlOqB81FR3HBel_piS4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTX0d-I4D7h_i0uZVHQQFXuJeFNu1Mk7RP0JcTY76YjzHcbUVaeQaSn-aSxDgRhviF1s0mgmavBr9x3OlOqB81FR3HBel_piS4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 11:53:08 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 83a8a464ed5c1a6b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 11:53:08 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 44
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEO2Mkl8_cRvIMmEwRiXEauY&google_cver=1&google_push=AXcoOmTX0d-I4D7h_i0uZVHQQFXuJeFNu1Mk7RP0JcTY76YjzHcbUVaeQaSn-aSxDgRhviF1s0mgmavBr9x3OlOqB81FR3HBel_piS4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTX0d-I4D7h_i0uZVHQQFXuJeFNu1Mk7RP0JcTY76YjzHcbUVaeQaSn-aSxDgRhviF1s0mgmavBr9x3OlOqB81FR3HBel_piS4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 83a8a4637b301a6b-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2B74
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEHRJ8R-sqh2NtXw-A9vySpg&google_cver=1&google_push=AXcoOmRKKE6b5JSAwSsvKfjljeHio5weby-EUDqVEbgVeId7IDWb6kGJ5yqHWZ5ZmLtls7INnZuiG1RwmXc...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRKKE6b5JSAwSsvKfjljeHio5weby-EUDqVEbgVeId7IDWb6kGJ5yqHWZ5ZmLtls7INnZuiG1RwmXcy3PRZthrNkgM7IwmgoIk&google_hm=wI49B_ZISaiVh247U...

170 B
188 B

32ms
32ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRKKE6b5JSAwSsvKfjljeHio5weby-EUDqVEbgVeId7IDWb6kGJ5yqHWZ5ZmLtls7INnZuiG1RwmXcy3PRZthrNkgM7IwmgoIk&google_hm=wI49B_ZISaiVh247Upeo8xc

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 11:53:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Dec 2023 11:53:07 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRKKE6b5JSAwSsvKfjljeHio5weby-EUDqVEbgVeId7IDWb6kGJ5yqHWZ5ZmLtls7INnZuiG1RwmXcy3PRZthrNkgM7IwmgoIk&google_hm=wI49B_ZISaiVh247Upeo8xc
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 2B74 43 B
145 B 23ms
21ms Image
image/gif 18.195.61.190
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEKe3Xa6koux3MLq-qnA8Pdc&google_cver=1&google_push=AXcoOmR3iYUFy8je0at6QgjDpTVZpx-gTzHvIq3Wnv99_EDP_XWJz4ynFAs92UMwAhhXiAI1pIM5RKrwir89wFQXFvHJjDFzB8l-tbA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1195246028556003&output=html&h=280&slotname=5788200972&adk=3945262639&adf=1251252648&pi=t.ma~as.5788200972&w=408&fwrn=4&fwrnh=100&lmt=1674960907&rafmt=1&format=408x280&url=https%3A%2F%2Fwww.ahelp.ua%2Fvin.html&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703418786555&bpp=1&bdt=430&idt=396&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C320x100&nras=1&correlator=5095755069611&frm=20&pv=1&ga_vid=273162201.1703418786&ga_sid=1703418786&ga_hid=1816301454&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1096&ady=889&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079759%2C42531705%2C95320884&oid=2&pvsid=457435795582102&tmod=616194055&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=400
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.61.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-61-190.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:08 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 2B74 43 B
363 B 103ms
28ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmR34VxoggI3oGIugyjVGOiVpkLxUrRg4eEC-WLvlOEu4PeshGtsjf9B4xbSogQukl-r9f-Aj7s70Ux0xTwPzrrx52Ne7slpIVM&google_gid=CAESEBsfJ5gFU6eliTX7Z7kC7gY&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 11:53:07 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 268716
expires: Sun, 24 Dec 2023 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 2B74 0
12 B 30ms
29ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KxOPGEpku3MrB-kI84copbz1WQjLYEvVf6zKq408ZFzASeLLZAmUp_xiOkB7VGug3qkLCw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:08 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 97AA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

38ms
38ms

Document
text/html

2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Dec 2023 11:53:08 GMT
expires: Sun, 24 Dec 2023 11:53:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Dec 2023 11:53:08 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ Frame DB09 47 KB
47 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:01:29 GMT
x-content-type-options: nosniff
age: 280299
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Dec 2024 06:01:29 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ Frame DB09 26 KB
26 KB 32ms
32ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f76526e440538ec1300aa89f671acd1b746925833f7160f6c0e29443008f97f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:36:11 GMT
x-content-type-options: nosniff
age: 278217
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26736
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:00:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Dec 2024 06:36:11 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame DB09
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CM_rFohuIZZSZPMCN1fAPhZmcoAGKpsfwc6zd2seBEt2Mp72tAhABIIzAuydglfrwgYwHoAGa6KvCKcgBAakCcfXckmZ6sj6oAwHIA8sEqgTlAU_Qeev2WO-oAr_bUPD64fbyCuOaR_ahaeb...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226570924864558659493%22,%22debug_reporting%22:true,%22destination%22:%22https://jobmesh.de%22,%22event_report_window%22:%22...

0
0

57ms
56ms

Fetch
text/css

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226570924864558659493%22,%22debug_reporting%22:true,%22destination%22:%22https://jobmesh.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211144983578%22],%2222%22:[%22true%22],%224%22:[%2212-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225991509540161092129%22}&andc=true

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:08 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"6570924864558659493","debug_reporting":true,"destination":"https://jobmesh.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11144983578"],"22":["true"],"4":["12-24"],"6":["true"]},"priority":"500","source_event_id":"5991509540161092129"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 24 Dec 2023 11:53:08 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 24 Dec 2023 11:53:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"6570924864558659493","debug_reporting":true,"destination":"https://jobmesh.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11144983578"],"22":["true"],"4":["12-24"],"6":["true"]},"priority":"500","source_event_id":"5991509540161092129"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 77 KB
24 KB 113ms
25ms Script
text/javascript 2600:9000:2644:c200:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.ahelp.ua
URL: https://www.ahelp.ua/vin.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:c200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cd133f65e4b01d44b31ed450c2ded840f5a6074797571452aa74bf965b00e0f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

X-Amz-Version-Id: mwpgId4D.xsRaz2Lp3akH7EyTXFzbDSi
Content-Encoding: gzip
Via: 1.1 a2ce61e5ddc66736c9e2bfb6581fa2da.cloudfront.net (CloudFront)
Date: Sun, 24 Dec 2023 11:39:49 GMT
Age: 805
X-Amz-Cf-Pop: FRA60-P6
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 20 Dec 2023 19:07:27 GMT
Server: AmazonS3
Etag: W/"577e468d019c21bc05275d07caaff423"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: yxvvH8Ti9EX7u1epwGKRLPQ-MGnLIoId2EeO4LI92-7K4ia_DMis4A==

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 72ms
72ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

198ed919347ebfeaad7235557da324ecdc1f3a83fc9a686616e74470b391a68f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12190
x-xss-protection: 0

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 3717 51 KB
19 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 09:13:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 355173
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Dec 2024 09:13:35 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 104ms
55ms Preflight
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 24 Dec 2023 11:53:08 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 24 Dec 2023 11:53:08 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/VMX5SDRFBRB7JGIZMPKYTL/PHSWP7M6WZAE5ESPJDPVZN/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
756 B

41ms
22ms

Script
application/javascript

2600:9000:2644:c200:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Protocol: HTTP/1.1
Server: 2600:9000:2644:c200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Date: Sun, 24 Dec 2023 06:45:51 GMT
Via: 1.1 a84e87b6b82308dbc0e331c3e28c23c6.cloudfront.net (CloudFront)
Age: 59366
X-Amz-Cf-Pop: FRA60-P6
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: eZtbe1yQJpCsaFki4lEUcXdvKpDValkYEAqtGGdH1uUWK2kFu6PF8g==

Redirect headers

Date: Sat, 23 Dec 2023 19:02:58 GMT
Via: 1.1 a2ce61e5ddc66736c9e2bfb6581fa2da.cloudfront.net (CloudFront)
Age: 60610
X-Amz-Cf-Pop: FRA60-P6
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: gtg30xT_6kIkEehbe_2clV2NRZMFQR1UaOjw_t9v1a1hPQaGJOcIuA==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/VMX5SDRFBRB7JGIZMPKYTL/PHSWP7M6WZAE5ESPJDPVZN/ 0
808 B 46ms
21ms Script
text/javascript 2600:9000:2644:c200:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/VMX5SDRFBRB7JGIZMPKYTL/PHSWP7M6WZAE5ESPJDPVZN/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:c200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

X-Amz-Version-Id: kNiA5JDtMJKP7rjGA18wbdKbfSGLl_LJ
Date: Sun, 24 Dec 2023 11:42:13 GMT
Via: 1.1 a2ce61e5ddc66736c9e2bfb6581fa2da.cloudfront.net (CloudFront)
Age: 658
X-Amz-Cf-Pop: FRA60-P6
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Sat, 23 Dec 2023 11:51:00 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: SHLbc1bv4WWNQtpOmjSNzKruoYgJmHKmM2gXHDvByO5kj6jAYb61UA==

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2FE6 13 KB
5 KB 24ms
21ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ahelp.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 78589
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 23 Dec 2023 14:03:19 GMT
expires: Sun, 22 Dec 2024 14:03:19 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5C0C 829 B
560 B 32ms
31ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

25ad9c7f4a4feb5792cddc032bf27f89b0a2da99d1d302638424f9bdc9d9bb8e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dxNlzQ5uvuF5uX1JQyLi_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ahelp.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-dxNlzQ5uvuF5uX1JQyLi_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 24 Dec 2023 11:53:08 GMT
expires: Sun, 24 Dec 2023 11:53:08 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C29F 42 B
64 B 57ms
57ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsukYFzAaIuKrGxns_Pu8vu0KM1iLVm_36e7o9AJxZ3puVewUmctfbggigd_Pd_Zcw7k-2CbUd1QSbGAF3UvKOwgwbR4x6IForyA4Pl0JSuqdv4h59p2cA&sig=Cg0ArKJSzGrOyHIJy9A-EAE&id=lidar2&mcvt=1009&p=0,0,90,728&mtos=1009,1009,1009,1009,1009&tos=1009,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3524779162&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703418786898&rpt=814&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 11:53:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 VMX5SDRFBRB7JGIZMPKYTL Show response
d.adroll.com/consent/check/ 493 B
586 B 164ms
46ms Script
application/javascript 2a05:d018:cc3:fe05:fd6c:63e6:cf75:41c6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/VMX5SDRFBRB7JGIZMPKYTL?pv=56835447599.06763&arrfrr=https%3A%2F%2Fwww.ahelp.ua%2Fvin.html&_s=15b2bfcb905cd4a91cd5ce753bc554dc&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe05:fd6c:63e6:cf75:41c6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: b7415d9cfd5c330303a0cdac656588054aefaaf8b919773121fb182b6cfe01ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:08 GMT
server: nginx/1.22.1
content-length: 493
content-type: application/javascript

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 2FE6 39 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 12:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85668
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 22 Dec 2024 12:05:20 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5C0C 0
0 60ms
60ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=457435795582102&rc=05APYnBZXJvjW9b9zuB4yTt0ZMC-AGw0_cHCDaWO2Rz9ootEcvz9cdMAOd0DsRs8fTvpyPk57aL55J5sXMbUV88QBqZz8tRCcfxeFbsfgQANsfpGkiShm937OCRJWJYpXMNnqt7CruUziFkUl7ez5lzD7L-_JmQj8Y-dy94lit-ywrZRSwPrFTDXkEPIdsAVM3BExBfEA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2FE6 0
10 B 22ms
21ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?bwvIdA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:53:08 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 58ms
57ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=457435795582102&bg=!-Pul-7TNAAY3kmNgF5I7ADQBe5WfOIiPUfuYYMEf7krSGcN62m6N1Z3MHvkpTf61r6Dk4esUBpCNO36NVRhIHaJs-n-OAgAAAH5SAAAAB2gBB5kC7dis4aXAGxH80vln5GelcL629cB_aVGWxjW059jlUWzxuIWhqE3gh4geYWN0NoeMhBpnHV9NTTwLHEC0WQakG3enOIoozhdaW-ljpstx2125xYQVvh_ciCqQVuhP9GiSx1wOOW6BM-qcfdtQWDiKbL1JcKexgIuXIYJ2qzS80sV6YG_dcOBm5z4aeYJEfzIkh4WMruqxYty2lYVoWgoRtnbmyCZswhgO-SN6wFZbQD5TShhC08PVaBi_3c7WKL3OoSFlyBzQeK-agjNLjFaBukEQif5FLmzjfi1wXo5nwjeCEOkndsgcWha1L1WclasFxZgIdk07FpTcOF6to8aEvA8NlBBT6L5CsJ6H1GPg70pNo2lydtW8w2wwgqc2ABHSRu-sUfqka3tQMGGA55VzRBx7V1hK4tbDeelRYq27WjR6Cm4dB2xmlRHElAIIjtWdkz1mG88Guus08Ce1cTQ_tGlX7vbNPbiukbJB0Jo9JYlvCKQwGyzedxYdE7RREpnqqwPYalXY10c9lmbWsdjpN9tM6Lcw9zY7UcyamFeNlbkytYBewhuRobhGzy6Rz_p1quz1gWDJSvpgCLua_zDrexE98MECOxFpaeiVwt3IN0Wtim6Zqr6H9hL-bcPFMT01t5npcJ_vFhShYttBfJvl9ek--QDv3JMa6-9NwOHI5SYTjpf2OMOiz1720B2ACaX6H8shLFIQ1SdsVZqukq2R8ZneU29ydH1Y-NiyvX75my9vmYp8rNGzArJqvUE5J0Wi7O8pONpJcgVhNEqpj26eiQNQiUN5nH9StlEr6Gn9JOXTpodr5TUVE7Y8vJ0stebyUExMQRdVvD3ZiGtLTnDLK9vVKjhV_DialefRAemRGcooTV7h1qIbDLUR3VmFP2QfpCJoFPZrdP6xptEEJlp04uFj504s4EbJh2jAck_KBlZ3VWDHDjz617XnEaKkc5JgWid1u3VLwCma6LN4FCePwCFjOxWpZIRgKMKn5MpB
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ahelp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DB09 42 B
64 B 61ms
60ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu94V4ksHR83zj8X8e-66gohkTn8FZxZ2SuEfZZLsyUcv8c2VF27WCz8zjgL8X8W280Mx1XCsJ3NZom1lvwh6g0bkr0vgVqst9dA7Yc2MDLLGSeS3tjluKCnMHWcfJnzTVAcdwfHAeNlwnz6Zohjc-3qkJG&sai=AMfl-YTZQ8vQ6TXpEFmjyTKE3XFU5gZZqaO8U8qFLEYwhJsQVl7gJ0SNRHT8uKSdvIzN6jiNtY4poOM3i_PmqQMAx9xMMXdO55my6umko7kP6mTa1KMnVIcEy0r4Lks&sig=Cg0ArKJSzB6l3Lt6eeXxEAE&cid=CAQSOwAvHhf_7sfqczP1IpPlqQyHOjYlF8QWaDk8rsciLM2A2nqdKUVUwmZreO8riD7GEK1jPQzO1lcXh5DzGAE&id=lidar2&mcvt=1000&p=0,0,280,408&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3945262639&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703418786957&rpt=1576&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Dec 2023 11:53:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google.com
URL: http://www.google.com/recaptcha/api.js

Verdicts & Comments Add Verdict or Comment

156 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

46 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ad4m.at/cookie-frame.html	1970-01-20 17:53:30	Name: userId Value: CaO5IlpO7aGRS9_7l2GKI18Spt6XyfAL
www.google.com/recaptcha	1970-01-20 21:29:30	Name: _GRECAPTCHA Value: 09APYnBZU9w7xD9m2e7c_5zDQTLg3XIZNAbmUEcwhus56z1_zuHmpQP2zvkXxJm04oUNhGSj1Dnno7dmLJ-zXpCRE
.ahelp.ua/	1970-01-21 02:46:18	Name: __utma Value: 3426016.273162201.1703418786.1703418786.1703418786.1
.ahelp.ua/	1969-12-31 23:59:59	Name: __utmc Value: 3426016
.ahelp.ua/	1970-01-20 21:33:06	Name: __utmz Value: 3426016.1703418786.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.ahelp.ua/	1970-01-20 17:10:19	Name: __utmt Value: 1
.ahelp.ua/	1970-01-20 17:10:20	Name: __utmb Value: 3426016.1.10.1703418786
www.ahelp.ua/	1970-01-21 01:55:54	Name: pll_language Value: ru
.ahelp.ua/	1970-01-21 01:55:54	Name: _ym_uid Value: 1703418787230076729
.ahelp.ua/	1970-01-21 01:55:54	Name: _ym_d Value: 1703418787
.mc.yandex.com/	1970-01-20 17:10:19	Name: sync_cookie_csrf Value: 1446002051fake
.yandex.com/	1970-01-21 02:46:18	Name: i Value: PcQGNxexC6OyWs2L9LS6KDldqwoO+gtNATrngisDzwesu2bANj9fSpRfjUxPHlG7fxWj8yAePBjw+49oC1clvO5fCiI=
.yandex.com/	1970-01-21 01:55:54	Name: yandexuid Value: 2396502091703418786
.ahelp.ua/	1970-01-20 17:11:30	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 17:10:19	Name: sync_cookie_csrf Value: 1394623872fake
.mc.yandex.com/	1970-01-20 17:11:45	Name: sync_cookie_ok Value: synced
.yandex.ru/	1970-01-21 02:46:18	Name: yandexuid Value: 2396502091703418786
.yandex.ru/	1970-01-21 02:46:18	Name: yuidss Value: 2396502091703418786
.yandex.ru/	1970-01-21 02:46:18	Name: i Value: PcQGNxexC6OyWs2L9LS6KDldqwoO+gtNATrngisDzwesu2bANj9fSpRfjUxPHlG7fxWj8yAePBjw+49oC1clvO5fCiI=
.yandex.ru/	1970-01-21 02:46:18	Name: yp Value: 1703505187.yu.3328478941703418786
.yandex.ru/	1970-01-21 01:55:54	Name: ymex Value: 1706010787.oyu.3328478941703418786
.ahelp.ua/	1970-01-21 02:31:54	Name: __gads Value: ID=b68dc27af07f5146:T=1703418786:RT=1703418786:S=ALNI_MaDF4LBSUOdnRWxTuWKErvzLz4Jpw
.ahelp.ua/	1970-01-21 02:31:54	Name: __gpi Value: UID=00000ce79bfab6df:T=1703418786:RT=1703418786:S=ALNI_MY2S-8RRrr3IGmd6mMTy1zfrkZPCQ
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2669617261703418787
.yandex.com/	1970-01-21 01:55:54	Name: yuidss Value: 2396502091703418786
.yandex.com/	1970-01-21 01:55:54	Name: ymex Value: 1734954787.yrts.1703418787
.yandex.com/	1970-01-21 01:55:54	Name: bh Value: KgI/MA==
.doubleclick.net/	1970-01-21 02:31:54	Name: IDE Value: AHWqTUnZqn9O1FGda3WhKlixl9scmDIL5DFsZO5RYxjgHNZ4Kdt2c3csQ8rhiKASj50
.ctnsnet.com/	1970-01-21 01:55:54	Name: gid_CAESELO6p8-3x63NdRhlQ88SRHU Value: 1
.quantserve.com/	1970-01-20 19:19:54	Name: d Value: EGwBCQHeKoEA
.quantserve.com/	1970-01-21 02:40:33	Name: mc Value: 65881ba3-a6192-4d56e-9ef1e
.blismedia.com/	1970-01-21 01:55:58	Name: b Value: 65881BA3C55F0457592BB515BLIS
.w55c.net/	1970-01-21 02:41:59	Name: wfivefivec Value: xWhJdDQl1Rhn2z5
.w55c.net/	1970-01-20 17:53:30	Name: matchgoogle Value: 5
.everesttech.net/	1970-01-21 01:55:54	Name: everest_g_v2 Value: g_surferid~ZYgbowAJTxHF2ABH
.doubleclick.net/	1970-01-20 21:29:30	Name: APC Value: AfxxVi58DAY90qgBh7x1r1-VsT8I_Vr_vl_hkRxf10rvqMpSYURfiQ
.awin1.com/	1970-01-20 17:13:11	Name: awpv20044 Value: 412871\|1703418788\|014294b0-a253-11ee-b1a8-22396ad6a5ca
.awin1.com/	1970-01-20 17:20:23	Name: awpv11938 Value: 412871\|1703418788\|01505050-a253-11ee-9488-2234841a3abe
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 367022:2542680
.ctnsnet.com/	1970-01-21 01:55:54	Name: cid Value: c08e3d07f64849a895876e3b5297a8f3
.ctnsnet.com/	1970-01-21 01:55:54	Name: gid_CAESEHRJ8R-sqh2NtXw-A9vySpg Value: 1
.congstar.de/	1970-01-20 17:20:27	Name: staticentry Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1703418788_01505050-a253-11ee-9488-2234841a3abe%22%2C%22sp%22%3A%22awin%22%7D
.doubleclick.net/	1970-01-20 17:10:22	Name: DSID Value: NO_DATA
.turn.com/	1970-01-20 21:29:30	Name: uid Value: 2341114450700295871
.googleadservices.com/	1970-01-20 19:19:54	Name: ar_debug Value: 1
.tribalfusion.com/	1970-01-20 19:19:54	Name: ANON_ID Value: awntuJyOZbSFoJTyBr0uRu2Ue5V61UusK0YNlbDV8rT3VJ1ccUx5Gn45ROg6ZdY1hH5UDqWpdDRaSdKO4dhRZbQGOyv

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.ahelp.ua/vin.html Message: Mixed Content: The page at 'https://www.ahelp.ua/vin.html' was loaded over HTTPS, but requested an insecure script 'http://www.google.com/recaptcha/api.js'. This request has been blocked; the content must be served over HTTPS.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.doubleclick.net
ad.turn.com
ad4m.at
as.ad4m.at
assets.ad4m.at
bank.gov.ua
banner.congstar.de
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
d.adroll.com
dclk-match.dotomi.com
dis.criteo.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
mc.yandex.com
mc.yandex.ru
onetag-sys.com
pagead2.googlesyndication.com
pm.w55c.net
prod-rtb.ad4mat.net
pv.medialead.de
r.turn.com
s.adroll.com
s.tribalfusion.com
ssl.google-analytics.com
static-de.ad4mat.net
sync-tm.everesttech.net
tpc.googlesyndication.com
tr.blismedia.com
www.ahelp.ua
www.awin1.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
www.google.com
104.102.45.165
151.101.130.49
172.217.23.102
178.250.1.9
18.195.61.190
2001:678:cb4:bbbb::11
216.58.206.34
2600:1901:0:76b9::
2600:9000:2644:c200:6:9280:1080:93a1
2606:4700:20::681a:61b
2606:4700:20::681a:ad1
2606:4700:20::681a:bd1
2606:4700::6810:5914
2606:4700::6811:190e
2606:4700::6812:109c
2606:4700::6812:18ad
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:806::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:811::2008
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2002
2a01:4f8:222:1791::1
2a02:6b8::1:119
2a02:fa8:8806:12::1370
2a05:d018:cc3:fe05:fd6c:63e6:cf75:41c6
34.96.105.8
35.186.193.173
51.89.9.252
52.28.181.94
87.118.116.9
91.121.248.44
016d89ec35d14884549c6a5c9ba2d502d2a31c10801935c169e6cc89d69f03f3
070e9c4067b7b755decf6775ef626b600946fe297f87eaf89bd383166d8de301
086201b1717dc01de92caf616dba26dac813fabb51aa117fb6c42502b4b1e08c
0b5aa5c730cfe86174743369fcedd67a44e4790e6520cbb0a787a98e22b1f825
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d55e7cef7ca52eb863938d3425d15dc2e0874e84e66ac0e236585230e827b7d
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1285c3983cfa7b1e093216aa9ccf76768e4b5b7ca4693a7a9300e1c8dd72c1b2
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
198ed919347ebfeaad7235557da324ecdc1f3a83fc9a686616e74470b391a68f
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
24b9a49d375465e659dbaecb3fda81fbf0d3eedbf138e29cb5229e502d8a4fa1
25ad9c7f4a4feb5792cddc032bf27f89b0a2da99d1d302638424f9bdc9d9bb8e
25b0db3d3b80dc803b5354bc6d22e96b849b83d53671517ae3f70119ec155bc7
2648a1333fa24d383fd73a6beaac17156ae78f4267ff7407ad60e05a788df44c
284ec68a69ea912618f22b135ae67fa5b39353ca432eb8bc70130edff8979183
2989e0b9e836cb9de3274d641ec6a58c2052f039e790ddd59b22303930bfdeeb
2db0230982dea31be2225dd5e70ece1340ab51a316eeaa3caedddb12cdd18f77
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
37bab6cd583982e8eff58501a99d7c5c4d63664c1ca34f9e3b7cf526c5b73ae2
390c07c93fd32afe54a95f370b1e8f2eccafd3e26dd34ddf4fdf1df4461ae074
3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254
3a80700d48e107eb08205a346562ae28a95f3fe0da0d7382847a2c0a52a02c0a
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3dd5bb9fda081a3cb1bd6d513edb1a71746031bec07d8c646abe5813ba9dd4c4
3dfe6efbc98da6ceae7c2d0c29bfe90af94d5a200bd612d6e09b2b67c001ee76
3ebc05e394f3bbfaff8ecac9f2064f821bbe2fa91ea3278d24436054b1d28904
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
41e2c1baad3010ba48055d82269f47925c6984b3e600877e745f2bd12dbd484b
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
47ac0868de672b04988f586a974ce50643cf833d0a48a1c5dc460936eaab6c08
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a7ee62eb33f3bbb66c2151e5cac6bf4904e28302efc36128f3e3ccae6fde580
4c0ced2cb3830d045cdd74f745fd4d6dcb082d8edd3a9fe46e39295e30cb8032
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51d48c4d19c80af29f2bd31b53c278a6977c9719db44bfb1988d560fce17c9e5
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c8612a7d57ad667a4736f5fbc08f6e1b9e9dcfe60ad559a1b09d22ae443eb5
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
600bd95ca832458fa7120048bc369eb9dd722b74e254f5793e9181db973d66d3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c990fb4bdb5b5bbf25e7ba21a63fb8f5c7adc7126c56afc717e4981597c11c
637f545351fbed7e7207fdf36e1381b0860f12fffde46a6fa43bdafcc7a05758
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
67de322497b9a79dec191693000d204ffa275c01cec4d1df6910ba9452d89bf3
6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6
70259b77bf77a64310ee8921d91381ae31e9ffa84b1260229eabc62c8c3bdd48
711803dad7b5528a3ff520c4ca141515b4b5b8bba89e0fdca47bd23c582db54e
756cca29e306e66f94e7b705c45bb0bc0315d7e745c159971cbecc65e62e7d3f
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83c817180aaf0ad14e9cc945b890796202a0a91e21447e81a9b72eca3180f668
873e5c46cc8ce0b17fbe1f11dd95e9f15dbfa715e3e407d97f31611b5a460d8d
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8f76526e440538ec1300aa89f671acd1b746925833f7160f6c0e29443008f97f
904afdd82be58333df6bd324fa07aaa9d80cbe86366a7061c5a284ed184239f8
933e55970047339ff5871b3e779743b90c3b569b3115904055f547e72549277e
9429d7988f6c7adba14daa4269e24ca6a141263ae9a5f96470de85f4ac5b8051
94410ce192c32c5baf01356f727c60948f022ef2eb49ce812eded47bfb9ad523
94adf61f4c2e0b50a47ab73f1d1711191654cd62d02f6f727e86babcb2c6f77e
97cf1307c16a437b77b5f7f5c9bc0b985d0745a14be5a279019aca5a3432e264
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
9951a5d6f1dcbac967dfe70f57ed8a49ee1eeba119704a8494ec64ed76972b53
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cd63b8cea25045c14623c538d26752518a58c0c682795ce6ad3078976c65a37
9cf322ba61df85137ce954428f4f9adff3b760ea6f1d7e07584bf9b599cb1cd6
9d3aedc6af2f806c78d5d1abe88d604d1626ab27e8eb15505ff8c09dc3fcbd75
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a48dea362116d7516a2cf97066a32758d353760ee02dbf900ddff86b02a16473
a82d81a395b044b1fa027aa2bca0a64aa0207a3c8138d516362c2652d95b4b3e
aa06cd0a6afbf185ce43532d97b197779a068f6fe1af523a40f74a3ce198deb3
aaaf0b2c3bd11afe20e1902624db617c2131b3272fabebd1160cb2f53dfb3750
ab1354779e82eec565fab7946c49a17c5d83357b7c0179f16ccdaff085ee998e
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60
adbd0787ee6aa76cc100b63cfa41aee8db3d729198596efbde9137b50d253719
b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804
b2a0ff17d7cfcb48351279996c5dbc7551659d14376e7bfb0f5216a144590abf
b2b92ba8d4314393d3c729cf94c12b65a1db2a41fb676b252f060f8eafdd2efd
b6a2aa062f98b239b556ef35fd8aa2c18d31c25b1624475b8d70bd1079fb5a25
b7415d9cfd5c330303a0cdac656588054aefaaf8b919773121fb182b6cfe01ea
b8d92e89b0639956bfba19d5e428c5f6f35c00727b70bcebc583bc694d13e761
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bd1bff7954f120af88956d2577e4ae604e2f761c13ca0c494d7dd690cab41106
bfe58c3e4f67928f320950cb05524dc012abf7ab1096958560101be80f83d447
c0ea575195895a7ff72d60dbb92b10e58942e1150650a17f809a2de3e6e87ab0
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c21db4437458adebf5a43a108edef57f700150b89a5735199499b66379a5947d
c453736e49a5470d86094d2f4510bc96d7aa5f1510b20d0fc427624b1562d64a
c55902832fb84522d02ea1a60a30747403a140d8651fa748f13ba398b0c0df3a
c718bfa7e5fd6be5e22d0cdb3f702d4c4fd38b86c1dae8225252e8ea7e204e11
c7802c2a717c423df9c939e24ef387638397231e6262a9df8fcc18867d462919
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
ca988664213bb4423b127ef511048cabadd2c1f705bbf22600a7b0d52e4b0185
cd133f65e4b01d44b31ed450c2ded840f5a6074797571452aa74bf965b00e0f2
ce8b36c2b69b8ba39cf14fbcfca379233556fa6a51df3a361795012a22935dca
d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d2a442e1bc1180697fefe701f9b67b9cf4d819e2837bdb43898a2db6ef8e8262
d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8
d64fe538a0010798113b860edc7a1f03831ceaaa207ed3399c4a2fe3428358c9
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
d9a4c43693bb5ca88030b5d5df209a66937a94cb48788731c8fbc6d785b2afa6
db2e4e6461e2031165b8e5e9c11a58bdc3eb90876cb1bf9a660a96220ff103ab
e0da3dd275d1ebb90faeaf51f5f2a7f36168afb9f4b023275ec1daa31e625a72
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348
e91268ba3ec9909ec8544cc5ac11e8a8ab01594816250240f0a33be97eb887c7
ee3fc71cc7a04c5de3eb33be296779835dcc1bd62703cd533652d417afef2cf6
eea3d6ccda7f6503078cce9dc41176c1357af1c93a5b3625131ef7cf21c9d7c4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7b4cfcceed5436ca101bb25416d230eb21877e7c07f72fe207a94eaf6abf9d
f4729c5586b31ba3a46f1649da475e199a8126959d85e48baa8e2c3dadbf2d22
f54c27dd271afbb7fbb213e64964d9c8f3e4649d0c456695eb8f75ad95784a7e
f90511c0bd6ab281cd30859d010092025ee66d5f41887ae07090c0a6bba2db42
fbb7f9e59b86ffecc69b71d23925077856f6de2b2e51ce5b5d9ecab4db278f5b
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c
feaabe9700758ebae63a87e273e76fea55dda9cb91a974e73779ba8b47587db5

www.ahelp.ua Open in urlscan Pro 2a01:4f8:222:1791::1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

172 Requests

92 %HTTPS

68 %IPv6

32 Domains

42 Subdomains

33 IPs

7 Countries

2632 kBTransfer

7581 kBSize

46 Cookies

2 Outgoing links

Redirected requests

172 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.ahelp.ua Open in urlscan Pro
2a01:4f8:222:1791::1 Public Scan

Screenshot
Live screenshot

Full Image

172
Requests

92 %
HTTPS

68 %
IPv6

32
Domains

42
Subdomains

33
IPs

7
Countries

2632 kB
Transfer

7581 kB
Size

46
Cookies

172 HTTP transactions
3 data transactions