ye.ua Open in urlscan Pro
2606:4700:10::ac43:2bd5 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ye.ua/
Effective URL:
https://ye.ua/
Submission: On December 06 via manual (December 6th 2023, 10:24:13 am UTC) from IN — Scanned from DE

Summary HTTP 197 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 37 IPs in 8 countries across 32 domains to perform 197 HTTP transactions. The main IP is 2606:4700:10::ac43:2bd5, located in United States and belongs to CLOUDFLARENET, US. The main domain is ye.ua.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 4th 2023. Valid for: a year.

This is the only time ye.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::6816:3dfa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
45	2606:4700:10:... 2606:4700:10::ac43:2bd5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:400... 2a04:4e42:400::282	54113 (FASTLY) (FASTLY)
27	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	193.200.64.24 193.200.64.24	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
3	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
1	193.200.65.68 193.200.65.68	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
14	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
7 19	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
3 7	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 5	185.89.210.20 185.89.210.20	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	34.247.14.54 34.247.14.54	16509 (AMAZON-02) (AMAZON-02)
23	2a00:1450:400... 2a00:1450:4001:808::2006	15169 (GOOGLE) (GOOGLE)
2	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:223... 2600:9000:223f:d400:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2600:1f13:800... 2600:1f13:800:7781:74ad:d26b:3a38:f963	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4 4	52.29.13.21 52.29.13.21	16509 (AMAZON-02) (AMAZON-02)
1 1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1 1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1	3.69.41.2 3.69.41.2	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:1c33:a9c0:1eba:a0fe	16509 (AMAZON-02) (AMAZON-02)
1	34.160.236.64 34.160.236.64	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	37.157.5.84 37.157.5.84	198622 (ADFORM) (ADFORM)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8100:9449:420b:1a77:b906	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 2	2.19.104.4 2.19.104.4	16625 (AKAMAI-AS) (AKAMAI-AS)
2	216.58.206.38 216.58.206.38	15169 (GOOGLE) (GOOGLE)
7	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
197	37

1 2606:4700:10::6816:3dfa (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ye.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 2606:4700:10::ac43:2bd5 (United States)

ASN13335 (CLOUDFLARENET, US)

ye.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
openx2.ye.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.64.24 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: cs05.etarg.network

streetuptowind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.65.68 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: unallocated.giveme.network

maxrilla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 216.58.206.34 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.64.151.101 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.89.210.20 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.247.14.54 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-14-54.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:d400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1f13:800:7781:74ad:d26b:3a38:f963 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.29.13.21 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-13-21.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.69.41.2 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-41-2.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:1c33:a9c0:1eba:a0fe (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.236.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.236.160.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.84 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8100:9449:420b:1a77:b906 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ius.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.19.104.4 (Düsseldorf, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-104-4.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.38 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	ye.ua 1 redirects ye.ua openx2.ye.ua	902 KB
41	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	478 KB
34	doubleclick.net 7 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515 ad.doubleclick.net — Cisco Umbrella Rank: 139	133 KB
23	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	603 KB
14	criteo.net static.criteo.net — Cisco Umbrella Rank: 631 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10143 csm.eu.criteo.net — Cisco Umbrella Rank: 9625	142 KB
10	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 900 static.adsafeprotected.com — Cisco Umbrella Rank: 602 dt.adsafeprotected.com — Cisco Umbrella Rank: 567	102 KB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	5 KB
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	4 KB
5	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2693 www.google.com — Cisco Umbrella Rank: 2	2 KB
4	w55c.net 4 redirects pm.w55c.net — Cisco Umbrella Rank: 818	3 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
3	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 9522 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10971 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 16316	47 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	192 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	166 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1299	495 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 560	1 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	29 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6765	515 B
1	ctnsnet.com 1 redirects ius.ctnsnet.com — Cisco Umbrella Rank: 6100	668 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1771	297 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1226	204 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	715 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	146 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5555	554 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 331	149 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 780	716 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 685	543 B
1	maxrilla.com maxrilla.com — Cisco Umbrella Rank: 259445	77 KB
1	youtube.com img.youtube.com — Cisco Umbrella Rank: 3789	12 KB
1	streetuptowind.com streetuptowind.com — Cisco Umbrella Rank: 156610	2 KB
1	polyfill.io polyfill.io — Cisco Umbrella Rank: 1345	609 B
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
197	32

	Domain	Requested by
34	ye.ua	1 redirects ye.ua
27	pagead2.googlesyndication.com	ye.ua pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net www.googletagservices.com
23	s0.2mdn.net	ye.ua s0.2mdn.net
19	cm.g.doubleclick.net	7 redirects googleads.g.doubleclick.net
14	tpc.googlesyndication.com	pagead2.googlesyndication.com ye.ua tpc.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net
12	openx2.ye.ua	ye.ua openx2.ye.ua
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com ye.ua googleads.g.doubleclick.net
7	static.criteo.net	ads.eu.criteo.com
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
6	imageproxy.eu.criteo.net	ads.eu.criteo.com
6	dt.adsafeprotected.com	googleads.g.doubleclick.net
5	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	pm.w55c.net	4 redirects
4	www.google.com	ye.ua tpc.googlesyndication.com googleads.g.doubleclick.net
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.googletagservices.com	ye.ua googleads.g.doubleclick.net
3	www.googletagmanager.com	ye.ua www.googletagmanager.com
2	ad.doubleclick.net	ye.ua
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	c1.adform.net	2 redirects
2	static.adsafeprotected.com	googleads.g.doubleclick.net
2	cdnjs.cloudflare.com	s0.2mdn.net
2	googleads4.g.doubleclick.net	ye.ua
2	fw.adsafeprotected.com	1 redirects ye.ua
2	www.google.de	ye.ua
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
1	rtb.fr3.eu.criteo.com	googleads.g.doubleclick.net
1	csm.eu.criteo.net	ads.eu.criteo.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	ius.ctnsnet.com	1 redirects
1	ag.innovid.com	googleads.g.doubleclick.net
1	odr.mookie1.com	googleads.g.doubleclick.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	x.bidswitch.net	googleads.g.doubleclick.net
1	ads.travelaudience.com	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	maxrilla.com	ye.ua
1	region1.analytics.google.com	www.googletagmanager.com
1	img.youtube.com	ye.ua
1	streetuptowind.com	ye.ua
1	polyfill.io	ye.ua
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
197	45

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
accounts.google.com
www.instagram.com
www.youtube.com
twitter.com
t.me
invite.viber.com
openx2.ye.ua
index.minfin.com.ua
ua.sinoptik.ua
bank.gov.ua
kam-pod.ye.ua
memory.ye.ua

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-04` - `2024-03-03`	a year	crt.sh
polyfill.io Certainly Intermediate R1	`2023-12-02` - `2024-01-01`	a month	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
streetuptowind.com R3	`2023-10-10` - `2024-01-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
maxrilla.com R3	`2023-11-24` - `2024-02-22`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-03-29`	a year	crt.sh
*.innovid.com RapidSSL TLS RSA CA G1	`2023-03-15` - `2024-04-14`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-03` - `2024-02-28`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-17` - `2024-01-18`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-07` - `2023-12-30`	3 months	crt.sh

This page contains 21 frames:

Primary Page: https://ye.ua/
Frame ID: 8A561225CFB2D7B7E8FD70AD5B3C54CD
Requests: 70 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231204/r20190131/zrt_lookup_fy2021.html
Frame ID: E9EF33FC379C2FBD51E2A7D1CBA5C370
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&adk=1812271804&adf=3025194257&lmt=1701858249&plaf=2%3A2%2C7%3A2&plat=2%3A16777216%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye.ua%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701858248735&bpp=8&bdt=168&idt=374&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7291214964486&frm=20&pv=2&ga_vid=1168823755.1701858249&ga_sid=1701858249&ga_hid=863838190&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079826%2C31079864%2C31079922%2C44806140%2C44807763%2C44808148%2C44808285%2C44809071%2C95320230&oid=2&pvsid=2213315020667298&tmod=1116737852&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=384
Frame ID: 664D015528E82A58C9E2A44DCCA7FE42
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=280&adk=574172758&adf=3417930811&pi=t.aa~a.1142920907~rp.1&w=481&fwrn=4&fwrnh=100&lmt=1701858249&rafmt=1&to=qs&pwprc=2003152153&format=481x280&url=https%3A%2F%2Fye.ua%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701858249799&bpp=1&bdt=1232&idt=-M&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7291214964486&frm=20&pv=1&ga_vid=1168823755.1701858249&ga_sid=1701858249&ga_hid=863838190&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=1444&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079826%2C31079864%2C31079922%2C44806140%2C44807763%2C44808148%2C44808285%2C44809071%2C95320230&oid=2&pvsid=2213315020667298&tmod=1116737852&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=9
Frame ID: E46A841F15BC1558DF0116C5DE562AB6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=280&adk=3809598800&adf=289630305&pi=t.aa~a.299122542~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1701858249&rafmt=1&to=qs&pwprc=2003152153&format=1200x280&url=https%3A%2F%2Fye.ua%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701858249799&bpp=1&bdt=1232&idt=0&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C481x280&nras=3&correlator=7291214964486&frm=20&pv=1&ga_vid=1168823755.1701858249&ga_sid=1701858249&ga_hid=863838190&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3528&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079826%2C31079864%2C31079922%2C44806140%2C44807763%2C44808148%2C44808285%2C44809071%2C95320230&oid=2&pvsid=2213315020667298&tmod=1116737852&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=12
Frame ID: 1C9E040879F8BD58B5EA5DA1576C8BA0
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231204/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 4C5269CE0412877049803056D0AA263D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNiN3_QBMAE&v=APEucNXqckNshq9vx5C942YwDPcil4uKDaiY3GzWs1J__mX0HI2hKiJaYD2SmkoJAIkWP6BMciSf_0ApiCwIPRP6TTZV5gaj23AusSKFZeej_cI_OdzvdMxzGOXltlMlpVQbWrNu6cbylh-9dHANGOrCZHPuzAY9DMdacbBKeNd38qL0w2_JdE8
Frame ID: E03A4D7ED8C8D53475B40EDB30CB0124
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 4BA982DB3DF32BE1B11289F39D480D9C
Requests: 25 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 31EF2A9525DD37E25808076243F71526
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B0B583817ACA906E18410A3B1B67B498
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 3D9D562383B75A84AF7C8D726E2357D6
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Frame ID: 1C42830728AF9DBFA1EB1DA0165DE207
Requests: 15 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: E82FBC3C4AE7292F83AC68C59F9278D0
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXBLyQAOL9AGdhQjAAK2j0LKgdoJifRsk_0xgg&u=%7CxlsBPFcKyB6GJmupHSqK1VWWCo7vZi4DBfdjbLdqqIQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi62r3jSRVOZjJaaQQfUWgbhidXWPfZLYllRf53OzsuKUUfPHChFcqkeuBBKg5rpWkYnIOL4plM0AZBbFIKSDFphEaGIIy1EFveRJTfCEw1LHunrhZufkN16nDcS5ooPJiNfOTq5BpVdZm0erixqLZ4BflbiVG_CeLWNWjmGtqaTZVIvGxfU2hlXZ_yj_OBLwhdMuo9ACFic29QZIBV2UMITWt8ZAOAy9NK9w29Q4vcJoLe-IXB5LQH4K1-BwQ9TFS0FSCt7EE5dS33ERFJrrqraxfaJRnVJbEwjABCL9sBXvzN4mWrFjc15W7Vs0cAs5HGIjES8jop1weDdiIbKYv0IixiFNJ3NUug3odmUPsBcEhoXK10O_hOYNiaHg86_pxvbuxNECIJqccyvtD8Owh-lxHN3T7CjoZWLbhlmqj6TSc_rFPfoamiCPBQ7rY9OwayTANexCR0lR-r8612JJIjiqGFSN2M7eVt7zuyGojV5trGgw4uqeHrG-4KhX8dhabdI3gIO673FgDeFrtDAEM22-f5sJ0qqIWww90k0oe61FewJ2xU_hw3KHUdUXrwckJzw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbHnMyUtwZdDfOKOo2OMPj-2KCMme0rFczYbj1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyMTY4NDI0NDkxMjczNjXIAQmpAnu7jSsxHbI-qAMByAMCqgTlAU_Qur7QuJ_K04pqAy7Z0GRRigg1fmRkk_l7RQXydltpBy_5qO2D5NJ9FpKuqlJQzx0p6UBZwewsGuonFu3Bcfj_c037RJ3a8hBDiOO9K5abQMI6UyUmbQ3sqZQ661pXokbDmuQPc34HgCRbfp9SZsYPV25500azDTKPbkpn9ZM8ANncVXCs8ONcxyqXM60cst2wpNUVgyCjOCgbOzAS1ms538ftMzt67CfURAJd10MiBguPWohVumnccoMSXToLz6-Oi3yPv31MHUwXGWyjxVqiY4FYaCKF212zy7UCwTpTNzMFCFSABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliIusODzPqCA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ATcPZpcQhy1Hcw119DN2eEDwzIA%26client%3Dca-pub-1216842449127365%26adurl%3D
Frame ID: 2249C5734789B5EDBED9183038336F75
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3906A8A8A03DA6E6AA40FAC0733BE290
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQm8iDzQIY4rfV5gEwAQ&v=APEucNWeNo64QDiKeDlptIAD3rwsbNwxKqGsezqNAxHLvHBVLlFNOWlRPxjG7QUXZZGgo2yBUMFLOLKQibm2d8_jaKD6Rz0lkCvrYkYisQPB50GdugjajRia6472uMYrydbqMGzraFSQkb4SYBOWRdaHRrnve5pjAyK3gwfiZfGitl9nng2YaiU
Frame ID: 29D278E183A3AFD1E69A533FBE6D8237
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Frame ID: 495B1FCCEA0026DE9AE3435EBD413469
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 464E01D1CCD0AF959C09917CE4A33526
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 7A28927D21925F3C45E26C7FB3ED99E6
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1484961235833605488/index.html?e=69&leftOffset=0&topOffset=0&c=pBWzC5rLhV&t=1&renderingType=2&ev=01_250
Frame ID: B55F0F7270E2F356E7D9A0164BB792EF
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Frame ID: 1C0425C5559FD5C4428C7812836B94F6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Новини Хмельницького "Є" | ye.ua ye-logo.v1.2

Page URL History Show full URLs

http://ye.ua/ HTTP 301
https://ye.ua/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

197
Requests

90 %
HTTPS

57 %
IPv6

32
Domains

45
Subdomains

37
IPs

8
Countries

2912 kB
Transfer

6045 kB
Size

29
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/v2.10/dialog/oauth?client_id=2010787465808195&scope=email&redirect_uri=https://ye.ua/include/other/all/fb.php

Search URL Search Domain Scan URL

URL: https://accounts.google.com/o/oauth2/auth?scope=email%20profile&state=%2Fprofile&redirect_uri=https://ye.ua/include%2Fother%2Fall%2Fgoogle.php&response_type=code&client_id=972825115840-li07dtavfsc46bibgg6ngt89ngk4ti00.apps.googleusercontent.com&approval_prompt=force

Search URL Search Domain Scan URL

URL: https://www.facebook.com/www.ye.ua

Search URL Search Domain Scan URL

URL: https://www.instagram.com/ye.ua/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/gazetaE

Search URL Search Domain Scan URL

URL: https://twitter.com/GazetaYEnews

Search URL Search Domain Scan URL

URL: https://t.me/s/yeuanews

Search URL Search Domain Scan URL

URL: https://invite.viber.com/?g2=AQB2YhGIZF29XEpluCJevfH%2BsB2C%2BPPVaT%2B8U14DWSTUUX5G66bRxOGSH0OHxhDE

Search URL Search Domain Scan URL

URL: https://openx2.ye.ua/www/delivery/ck.php?oaparams=2__bannerid=64__zoneid=25__cb=5509b08091__oadest=https%3A%2F%2Fye.ua%2Fogo%2Fadd%2F%3Fref%3Dright-col

Search URL Search Domain Scan URL

URL: https://openx2.ye.ua/www/delivery/ck.php?oaparams=2__bannerid=9__zoneid=28__cb=a164def0f2__oadest=http%3A%2F%2Fvoda.km.ua%2F

Search URL Search Domain Scan URL

URL: https://index.minfin.com.ua/ua/markets/fuel/reg/hmelnickaya/
Title: * вартість пального згідно з сайтом minfin.com.ua

Search URL Search Domain Scan URL

URL: https://ua.sinoptik.ua/%D0%BF%D0%BE%D0%B3%D0%BE%D0%B4%D0%B0-%D1%85%D0%BC%D0%B5%D0%BB%D1%8C%D0%BD%D0%B8%D1%86%D1%8C%D0%BA%D0%B8%D0%B9
Title: Погода на 7 днів

Search URL Search Domain Scan URL

URL: https://bank.gov.ua/ua/
Title: НБУ

Search URL Search Domain Scan URL

URL: https://bank.gov.ua/control/uk/curmetal/detail/currency?period=daily
Title: Офіційний курс гривні щодо інших іноземних валют

Search URL Search Domain Scan URL

URL: https://kam-pod.ye.ua/
Title: kam-pod.ye.ua

Search URL Search Domain Scan URL

URL: https://memory.ye.ua/
Title: Книга пам'яті

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ye.ua/ HTTP 301
https://ye.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIUdg2AeiZzFNI2ArEdrS78&google_cver=1

Request Chain 83

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXBLySu2RCG1xsQcWAp6oAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIUdg2AeiZzFNI2ArEdrS78&google_cver=1

Request Chain 84

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHu1rqKu9RKVeF8tgGQcieM&google_cver=1

Request Chain 85

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgzMjQ4MzU0NzQ0MzYwMzgzOA%3D%3D

Request Chain 116

https://fw.adsafeprotected.com/rfw/st/1627455/73523875/4.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-1216842449127365&ias_chanId=1&ias_placementId=20487174429&bidurl=https://ye.ua/&ias_dealId=&xsId=ABAjH0g5gSIQA2rsh6ghTwrAH8i7&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0g5gSIQA2rsh6ghTwrAH8i7&adContainerId=brand_safety_yktwZaffBIHFjuwP7cGrsAM&cbFunctionName=goog_wrapCb_yktwZaffBIHFjuwP7cGrsAM&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fye.ua&adsafe_type=g&adsafe_url=https%3A%2F%2Fye.ua%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231204%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231204%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-0-%26adk%3D1812271801%26client%3Dca-pub-1216842449127365%26fa%3D1%26ifi%3D4%26uci%3Da!4%26btvi%3D3&adsafe_type=be&adsafe_jsinfo=,id:f90f3e97-d2c6-0431-a5e6-891459bef969,c:w0Yq1t,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-594854db75-7q78h,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:tXEzMub+11%7C12%7C13%7C14%7C151*.1627455-73523875%7C1511%7C1512%7C1513%7C16%7C17,idMap:151*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:13,oid:9822e86a-9421-11ee-a08e-3a62daf73c15,v:19.8.463,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?xsId=ABAjH0g5gSIQA2rsh6ghTwrAH8i7&ias_xappb=&adContainerId=brand_safety_yktwZaffBIHFjuwP7cGrsAM&cbFunctionName=goog_wrapCb_yktwZaffBIHFjuwP7cGrsAM&true_pb=

Request Chain 140

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMETdcbNC5hhoc9azIMkJzo&google_cver=1&google_push=AXcoOmQBcfyu3CF4_dyjKfwp_1thgVrFiEkSRePs2AZLdJ_cTQ5cho6WBH__4tYFSUPmAUiJ46ixo_ov_0dnS2ciYaERGmFT_iflAd0 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMETdcbNC5hhoc9azIMkJzo&google_cver=1&google_push=AXcoOmQBcfyu3CF4_dyjKfwp_1thgVrFiEkSRePs2AZLdJ_cTQ5cho6WBH__4tYFSUPmAUiJ46ixo_ov_0dnS2ciYaERGmFT_iflAd0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UGszQjdiamQxUmFQNEM1&google_gid=CAESEMETdcbNC5hhoc9azIMkJzo&google_cver=1&google_push=AXcoOmQBcfyu3CF4_dyjKfwp_1thgVrFiEkSRePs2AZLdJ_cTQ5cho6WBH__4tYFSUPmAUiJ46ixo_ov_0dnS2ciYaERGmFT_iflAd0

Request Chain 141

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEGvNTPvsh_BrvqPazSIk4A8&google_cver=1&google_push=AXcoOmQBlE-RNcn8WhcY7v8ZxKQLo5DeEpiGlbo-GIxLinAuqNOH0Fvh0e-yWhpY1SsRDN1iAZUI7S_4APcg7nnEUw9g7wQpsAZcbbw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGvNTPvsh_BrvqPazSIk4A8&google_push=AXcoOmQBlE-RNcn8WhcY7v8ZxKQLo5DeEpiGlbo-GIxLinAuqNOH0Fvh0e-yWhpY1SsRDN1iAZUI7S_4APcg7nnEUw9g7wQpsAZcbbw

Request Chain 142

https://um.simpli.fi/gp_match?google_gid=CAESENqpTzN_cMUd1-2QXz_v_pw&google_cver=1&google_push=AXcoOmT7kpo6NdYzs6PX8PK2P8ud-tfBXPeYtrIRyGokvhKSe3vLNJXU46Z9ypsW2Iku7bEF7fL0QXtpM2NuHa3OyV-qmtYdS8zGKmA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=82E3EE07D6B74E12A5CC6FC88122EEBD&google_push=AXcoOmT7kpo6NdYzs6PX8PK2P8ud-tfBXPeYtrIRyGokvhKSe3vLNJXU46Z9ypsW2Iku7bEF7fL0QXtpM2NuHa3OyV-qmtYdS8zGKmA

Request Chain 144

https://ads.travelaudience.com/google_pixel?google_gid=CAESEN48CPIFtyibw29y7puH9Zg&google_cver=1&google_push=AXcoOmQlQrfDhzZz7QHdqzfKR13u87avSqh-SHkSKFdWsv6q0uDyYeJpGMGTgzuUEtcHP4oge8jxEdnaih7vJVm5jJIb422fxJlgH8w HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=4RhCiC7jTskRl3HhH_V-yw&google_push=AXcoOmQlQrfDhzZz7QHdqzfKR13u87avSqh-SHkSKFdWsv6q0uDyYeJpGMGTgzuUEtcHP4oge8jxEdnaih7vJVm5jJIb422fxJlgH8w

Request Chain 146

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENTrfukT0S2hmfbauaHmTwE&google_cver=1&google_push=AXcoOmTLn1hplELGkn32IOVEdGk-v7ApFsEEHJPXna-xpwXHjTExdVwCTuRyZBalQOFN3TOl22HHdTHE_Myd7Eht7lJQ1N2807X0VQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTLn1hplELGkn32IOVEdGk-v7ApFsEEHJPXna-xpwXHjTExdVwCTuRyZBalQOFN3TOl22HHdTHE_Myd7Eht7lJQ1N2807X0VQ&google_hm=eS1PZ0hlWE5GRTJwR3ZLZk1pQ3cuSWoxejJLSXZFVlRVQ35B

Request Chain 149

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEC9mim1BIiKlEKKMmi3MlKc&google_cver=1&google_push=AXcoOmTyyJP42EJw9ELu9NftMmjCLMqQhoncWqVQX1DJNXI8V7qC5vkZ6stE9JQKLP7mrkS6WZWoYR1kNunb4c7GcU73Z-sVuQmD8trzYlfWKacxgmLjtn2IRyO3MPzYGfKw0dQp6DOl8lvzqj1EIiYo7AddJ-Q HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEC9mim1BIiKlEKKMmi3MlKc&google_cver=1&google_push=AXcoOmTyyJP42EJw9ELu9NftMmjCLMqQhoncWqVQX1DJNXI8V7qC5vkZ6stE9JQKLP7mrkS6WZWoYR1kNunb4c7GcU73Z-sVuQmD8trzYlfWKacxgmLjtn2IRyO3MPzYGfKw0dQp6DOl8lvzqj1EIiYo7AddJ-Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WHZQek9IN1kxUmFQNEM1&google_gid=CAESEC9mim1BIiKlEKKMmi3MlKc&google_cver=1&google_push=AXcoOmTyyJP42EJw9ELu9NftMmjCLMqQhoncWqVQX1DJNXI8V7qC5vkZ6stE9JQKLP7mrkS6WZWoYR1kNunb4c7GcU73Z-sVuQmD8trzYlfWKacxgmLjtn2IRyO3MPzYGfKw0dQp6DOl8lvzqj1EIiYo7AddJ-Q

Request Chain 151

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGv2eMw7FOEVWlFlCGCVcDs&google_cver=1&google_push=AXcoOmSqgS2wue_c7Fq3Y9TpFdz9ip4eYQAbeEG9cpAaPVY4-ic6m2lyEd270KNtkmfGm5A2WOGr4R3w7QthHuQAB6dhIVm6V40ct-Yqz0Bw61aEdfIjc5Zzq4H7YLSnt2f_0W9oJWK-4Zrhb6DUaFLCKvYdRA HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGv2eMw7FOEVWlFlCGCVcDs&google_cver=1&google_push=AXcoOmSqgS2wue_c7Fq3Y9TpFdz9ip4eYQAbeEG9cpAaPVY4-ic6m2lyEd270KNtkmfGm5A2WOGr4R3w7QthHuQAB6dhIVm6V40ct-Yqz0Bw61aEdfIjc5Zzq4H7YLSnt2f_0W9oJWK-4Zrhb6DUaFLCKvYdRA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDYxNzUzOTQ1MzQ5Mjc0Njc0OQ&google_push=AXcoOmSqgS2wue_c7Fq3Y9TpFdz9ip4eYQAbeEG9cpAaPVY4-ic6m2lyEd270KNtkmfGm5A2WOGr4R3w7QthHuQAB6dhIVm6V40ct-Yqz0Bw61aEdfIjc5Zzq4H7YLSnt2f_0W9oJWK-4Zrhb6DUaFLCKvYdRA

Request Chain 154

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEPpSQFpVUCBZI9M8nbMvFFs&google_cver=1&google_push=AXcoOmRRyEBo2uJODNUKSxTycEsKmlg5HJeSnbqWX1oGqPOZrxbAe_Mf6-3_vm6H4Cns_eR9eEGNDhGIfeHiSSUuih2A_pLAXC2e2572GEepfFUe7LKzB25GjWxRGfUTYmD8JQdDCP5VBu6b90k8Y1a85Rmh6Q_f HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmRRyEBo2uJODNUKSxTycEsKmlg5HJeSnbqWX1oGqPOZrxbAe_Mf6-3_vm6H4Cns_eR9eEGNDhGIfeHiSSUuih2A_pLAXC2e2572GEepfFUe7LKzB25GjWxRGfUTYmD8JQdDCP5VBu6b90k8Y1a85Rmh6Q_f&google_hm=jppyeGfNR4OMujagPk_bk0o

Request Chain 155

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEFi0oH7gI6eFBI0084zwxSw&google_cver=1&google_push=AXcoOmQrybhxyHYWoSTJq3mU4PbFTteIiys1rmPsdFJ5psNPZe-73OlIVcO22zFyWYR12lpKXcsJXxaq0nJ-ShkkHLftayWC78aH7Xa6qrTQahh_f_iqKuVOiCwHEV9TzSUh45w62vTo_pzuI8e-UNu1OzlrVpip HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQrybhxyHYWoSTJq3mU4PbFTteIiys1rmPsdFJ5psNPZe-73OlIVcO22zFyWYR12lpKXcsJXxaq0nJ-ShkkHLftayWC78aH7Xa6qrTQahh_f_iqKuVOiCwHEV9TzSUh45w62vTo_pzuI8e-UNu1OzlrVpip HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 160

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFEaD2igq4djLLzn04dN0Oo&google_cver=1

Request Chain 161

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXBLySu2RCG1xsQcWAp6oAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFEaD2igq4djLLzn04dN0Oo&google_cver=1

Request Chain 162

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENz_vHjGVORJ99KBsNnE2lI&google_cver=1

Request Chain 163

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgzMjQ4MzU0NzQ0MzYwMzgzOA%3D%3D

197 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ye.ua/
Redirect Chain

http://ye.ua/
https://ye.ua/

162 KB
38 KB

1361ms
1342ms

Document
text/html

2606:4700:10::ac43:2bd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2bd5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.0

Resource Hash

3f1e36884a78472a85677b14b1e42b1fe4e04be076dfd288a46a613454995d01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8313d13d2c0335ee-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 06 Dec 2023 10:24:08 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
permissions-policy: interest-cohort=()
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.1.0
x-xss-protection: 1; mode=block

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 8313d13ca9b75b62-FRA
Connection: keep-alive
Content-Type: text/html
Date: Wed, 06 Dec 2023 10:24:07 GMT
Location: https://ye.ua/
Server: cloudflare
Transfer-Encoding: chunked

GET
H2 200 jquery.min.js Show response
ye.ua/js/js/js/ 85 KB
30 KB 23ms
21ms Script
application/javascript 2606:4700:10::ac43:2bd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/js/js/js/jquery.min.js

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2bd5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 965
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 11 Jun 2022 18:05:33 GMT
server: cloudflare
etag: W/"62a4d96d-1538f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=14400
permissions-policy: interest-cohort=()
cf-ray: 8313d1459c9e35ee-FRA

GET
H2 200 jquery.cookie.min.js Show response
ye.ua/js/js/default/ 2 KB
901 B 22ms
20ms Script
application/javascript 2606:4700:10::ac43:2bd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/js/js/default/jquery.cookie.min.js

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2bd5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b6e442e0162e2c67d3cf272012edd38a95076ecb4b71f54c28a8810f4dbbb59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 965
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 11 Jun 2022 18:05:33 GMT
server: cloudflare
etag: W/"62a4d96d-672"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=14400
permissions-policy: interest-cohort=()
cf-ray: 8313d1459ca235ee-FRA

GET
H2 200 popper.min.js Show response
ye.ua/js/js/js/ 20 KB
7 KB 21ms
20ms Script
application/javascript 2606:4700:10::ac43:2bd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/js/js/js/popper.min.js

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2bd5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 965
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 11 Jun 2022 18:05:33 GMT
server: cloudflare
etag: W/"62a4d96d-4f71"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=14400
permissions-policy: interest-cohort=()
cf-ray: 8313d145dcd235ee-FRA

GET
H2 200 bootstrap.min.js Show response
ye.ua/js/js/js/ 50 KB
14 KB 19ms
18ms Script
application/javascript 2606:4700:10::ac43:2bd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/js/js/js/bootstrap.min.js

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2bd5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5a17d46976d471cf060c5a0e25749a323d6ab20cf0910f40afed81047ba21ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 965
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 11 Jun 2022 18:05:33 GMT
server: cloudflare
etag: W/"62a4d96d-c62b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=14400
permissions-policy: interest-cohort=()
cf-ray: 8313d145dcd335ee-FRA

GET
H2 200 polyfill.min.js Show response
polyfill.io/v2/ 100 B
609 B 26ms
11ms Script
text/javascript 2a04:4e42:400::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v2/polyfill.min.js?features=IntersectionObserver

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

34e4e4e998d1023cadeeda959be0f4fce5abe4eaf9d241782ae404e36446ecbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 10:24:08 GMT
age: 3097442
detected-user-agent: Chrome Mobile/119.0.0
server-timing: HIT, fastly;desc="Edge time";dur=0
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 113
referrer-policy: origin-when-cross-origin
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
normalized-user-agent: chrome/119.0.0
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 app.min.js Show response
ye.ua/js/js/js/ 34 KB
10 KB 20ms
19ms Script
application/javascript 2606:4700:10::ac43:2bd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/js/js/js/app.min.js

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2bd5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b49df55acb1072af429ec4f155107c35de1921d9053fabb2693b0e57749f224

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 965
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 11 Jun 2022 18:05:33 GMT
server: cloudflare
etag: W/"62a4d96d-89ce"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=14400
permissions-policy: interest-cohort=()
cf-ray: 8313d145dcd535ee-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 153 KB
52 KB 80ms
57ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1216842449127365

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd232a84d8fc00f5f1054256e510260118646a2809c6c68b63d6dad671c6df6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye.ua/
Origin: https://ye.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52532
x-xss-protection: 0
server: cafe
etag: 18262651970984980722
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 10:24:08 GMT

GET
H2 200 asyncjs.php Show response
openx2.ye.ua/www/delivery/ 10 KB
4 KB 41ms
30ms Script
text/javascript 2606:4700:10::ac43:2bd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://openx2.ye.ua/www/delivery/asyncjs.php
Requested by: Host: ye.ua
URL: https://ye.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2bd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: f3b5932558e6a765f1bfc3fb5ee364013cd03588adcf0f22293a77ddf2e90df0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:08 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.3.33
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
content-type: text/javascript;charset=UTF-8
cache-control: private, max-age=3600
expire: Wed, 06 Dec 2023 11:24:08 GMT
cf-ray: 8313d145eceb35ee-FRA

GET
H2 200 bootstrap-custom.css
ye.ua/css/css/css/ 191 KB
26 KB 26ms
24ms Stylesheet
text/css 2606:4700:10::ac43:2bd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/css/css/css/bootstrap-custom.css

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2bd5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0854243cee262b5de8673e332e533bcf232cda58cc48405d79998d6888ada200

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 965
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Sat, 11 Jun 2022 18:05:33 GMT
server: cloudflare
etag: W/"62a4d96d-2fab2"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=14400
permissions-policy: interest-cohort=()
cf-ray: 8313d1459c9435ee-FRA

GET
H2 200 fontawesome-custom.css
ye.ua/css/css/css/ 54 KB
12 KB 25ms
22ms Stylesheet
text/css 2606:4700:10::ac43:2bd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/css/css/css/fontawesome-custom.css

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2bd5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b59270e2d2a3730d00b61b36541001751277b940d73846e9f44ee7f189c60b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 965
cf-polished: origSize=55047
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: minify
last-modified: Sat, 11 Jun 2022 18:05:33 GMT
server: cloudflare
etag: W/"62a4d96d-d707"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=14400
permissions-policy: interest-cohort=()
cf-ray: 8313d1459c9835ee-FRA

GET
H2 200 app.min.css
ye.ua/css/css/css/ 59 KB
11 KB 19ms
17ms Stylesheet
text/css 2606:4700:10::ac43:2bd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/css/css/css/app.min.css

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2bd5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ddaf573663b8243cc0e85098b1723ace007f1c13d83f6a1a95c554e37162fe6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 965
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 11 Jun 2022 18:05:33 GMT
server: cloudflare
etag: W/"62a4d96d-edf0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=14400
permissions-policy: interest-cohort=()
cf-ray: 8313d1459c9c35ee-FRA

GET
H2 200 legacy.min.css
ye.ua/css/css/css/ 10 KB
3 KB 20ms
18ms Stylesheet
text/css 2606:4700:10::ac43:2bd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/css/css/css/legacy.min.css

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2bd5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

890d81648be2bed4a1da49a1bab308041e26f3f6267f4dd41a76f3e2541e6fb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 965
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 11 Jun 2022 18:05:33 GMT
server: cloudflare
etag: W/"62a4d96d-268a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=14400
permissions-policy: interest-cohort=()
cf-ray: 8313d1459c9d35ee-FRA

GET
H/1.1 200
OK / Show response
streetuptowind.com/services/ 2 KB
2 KB 64ms
22ms Script
text/javascript 193.200.64.24
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://streetuptowind.com/services/?id=147967
Requested by: Host: ye.ua
URL: https://ye.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.64.24 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: cs05.etarg.network
Software: nginx /
Resource Hash: 7ecb66f6a93940ba8cbb3264a7a795397bc954bbbe67f0565227121d1e86c72a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Wed, 06 Dec 2023 10:24:08 GMT
Server: nginx
Connection: keep-alive
Content-Length: 1603
Content-Type: text/javascript; charset=utf-8

GET
H2 200 311.png
ye.ua/images/weather/64x64/day/ 708 B
1 KB 123ms
122ms Image
image/webp 2606:4700:10::ac43:2bd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ye.ua/images/weather/64x64/day/311.png

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2bd5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8a21d7aa6defd016972a2f9c344010930e36acccac9045f051b700b562abbb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=2232
content-disposition: inline; filename="311.webp"
content-length: 708
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: imgq:100,h2pri
last-modified: Wed, 18 Jan 2023 07:18:41 GMT
server: cloudflare
etag: "63c79d51-8b8"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=14400
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8313d1459ca035ee-FRA

GET
H2 200 371.png
ye.ua/images/weather/64x64/day/ 1 KB
1 KB 124ms
123ms Image
image/webp 2606:4700:10::ac43:2bd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ye.ua/images/weather/64x64/day/371.png

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2bd5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a29055bcc2279469ce07a5b0739407f884be8ea5d709892a66061d6ead1729b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=2858
content-disposition: inline; filename="371.webp"
content-length: 1312
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: imgq:100,h2pri
last-modified: Wed, 18 Jan 2023 07:18:41 GMT
server: cloudflare
etag: "63c79d51-b2a"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=14400
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8313d1459ca135ee-FRA

GET
H2 200 326.png
ye.ua/images/weather/64x64/day/ 684 B
809 B 119ms
117ms Image
image/webp 2606:4700:10::ac43:2bd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ye.ua/images/weather/64x64/day/326.png

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2bd5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f50f0a2d6671013dd590af18c00d26c6547ae6b1640375c2125c42e3386a4a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=2263
content-disposition: inline; filename="326.webp"
content-length: 684
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: imgq:100,h2pri
last-modified: Wed, 18 Jan 2023 07:18:41 GMT
server: cloudflare
etag: "63c79d51-8d7"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=14400
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8313d145dcd035ee-FRA

GET
H2 200 icon_256x256.webp
ye.ua/images/ 11 KB
11 KB 100ms
99ms Image
image/webp 2606:4700:10::ac43:2bd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ye.ua/images/icon_256x256.webp

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2bd5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ac0c44e962362e044f2df416f2553775b38b1b8064470f648825aa8d2a8996e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-length: 10868
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 11 Jun 2022 19:28:25 GMT
server: cloudflare
etag: "62a4ecd9-2a74"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=14400
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8313d145dcd135ee-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 199 KB
72 KB 44ms
20ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KR9MWRW

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e18bd78013338f10fa6e96f28a13c8bb6a64cfeb099c3ca15b2e98613d407d45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73377
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 06 Dec 2023 10:24:08 GMT

GET
H2 200 big__Dopomoga_Zbroynim_silam_Ukrayini__yak_dopomogti_ne_tilki_groshima_a_y_spravami_1_2023_12_06_09_42_07.JPG
ye.ua/images/news/topnews/ 73 KB
74 KB 141ms
140ms Image
image/jpeg 2606:4700:10::ac43:2bd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ye.ua/images/news/topnews/big__Dopomoga_Zbroynim_silam_Ukrayini__yak_dopomogti_ne_tilki_groshima_a_y_spravami_1_2023_12_06_09_42_07.JPG

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2bd5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf133eee860c02b0692d5332367178d4b79a7dc094ac40378169d0a97018195c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-length: 75081
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 06 Dec 2023 08:57:46 GMT
server: cloudflare
etag: "6570378a-12549"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8313d145dcd635ee-FRA

GET
H2 200 print.min.css
ye.ua/css/css/css/ 2 KB
845 B 17ms
17ms Stylesheet
text/css 2606:4700:10::ac43:2bd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/css/css/css/print.min.css

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2bd5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd8fe10f28fa2e884b988f4ef91390487f598e21fb54eb9c1a11ed39d647288a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 965
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 11 Jun 2022 18:05:33 GMT
server: cloudflare
etag: W/"62a4d96d-666"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=14400
permissions-policy: interest-cohort=()
cf-ray: 8313d145dcd735ee-FRA

GET
H2 200 ornament.svg
ye.ua/css/css/images/ 1 KB
612 B 17ms
17ms Image
image/svg+xml 2606:4700:10::ac43:2bd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ye.ua/css/css/images/ornament.svg

Requested by

Host: ye.ua
URL: https://ye.ua/css/css/css/app.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2bd5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c7c176af91f6fc30c3e49051636d4b456531b4e75245a62d931c9a8bb77ea4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/css/css/css/app.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 6600
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 12 Jun 2022 05:48:23 GMT
server: cloudflare
etag: W/"62a57e27-462"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=14400
permissions-policy: interest-cohort=()
cf-ray: 8313d1460d1835ee-FRA

GET
DATA 200
OK truncated
/ 113 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 848536686a6e7e46d97513420a5b381823adf1c2e8169e009aebb16774cb4e3e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 open-sans-v15-cyrillic_latin-regular.woff2
ye.ua/css/css/fonts/ 19 KB
19 KB 21ms
20ms Font
font/woff2 2606:4700:10::ac43:2bd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/css/css/fonts/open-sans-v15-cyrillic_latin-regular.woff2

Requested by

Host: ye.ua
URL: https://ye.ua/css/css/css/app.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2bd5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

468f87ca7a0cf5529eb96f6ed5c5fb253e0be79e9a8412c6d367a91e6eb7bb64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ye.ua/css/css/css/app.min.css
Origin: https://ye.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 965
content-length: 19156
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 11 Jun 2022 18:05:33 GMT
server: cloudflare
etag: "62a4d96d-4ad4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=14400
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8313d1461d3435ee-FRA

GET
H2 200 fa-brands-400.woff2
ye.ua/css/css/fonts/ 60 KB
60 KB 22ms
21ms Font
font/woff2 2606:4700:10::ac43:2bd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/css/css/fonts/fa-brands-400.woff2

Requested by

Host: ye.ua
URL: https://ye.ua/css/css/css/fontawesome-custom.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2bd5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ddd3b7b68a96da02979f972e4e9a8b6af63b5a17c75d7c7e0e3901d9f3a729c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ye.ua/css/css/css/fontawesome-custom.css
Origin: https://ye.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 965
content-length: 61336
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 11 Jun 2022 18:05:33 GMT
server: cloudflare
etag: "62a4d96d-ef98"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=14400
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8313d1461d3735ee-FRA

GET
H2 200 fa-solid-900.woff2
ye.ua/css/css/fonts/ 49 KB
49 KB 26ms
26ms Font
font/woff2 2606:4700:10::ac43:2bd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/css/css/fonts/fa-solid-900.woff2

Requested by

Host: ye.ua
URL: https://ye.ua/css/css/css/fontawesome-custom.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2bd5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbbca7d9888b4a9eab7d479756d2924f9b067fd38dab376797029df741f96ee4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ye.ua/css/css/css/fontawesome-custom.css
Origin: https://ye.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 965
content-length: 50372
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 11 Jun 2022 18:05:33 GMT
server: cloudflare
etag: "62a4d96d-c4c4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=14400
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8313d1461d3c35ee-FRA

GET
H2 200 open-sans-condensed-v12-cyrillic_latin-700.woff2
ye.ua/css/css/fonts/ 22 KB
22 KB 25ms
25ms Font
font/woff2 2606:4700:10::ac43:2bd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/css/css/fonts/open-sans-condensed-v12-cyrillic_latin-700.woff2

Requested by

Host: ye.ua
URL: https://ye.ua/css/css/css/app.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2bd5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e94e274617dd12daa61f94f74bcd2a3ceb82ad275b53ef797946a3608b0e1222

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ye.ua/css/css/css/app.min.css
Origin: https://ye.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 965
content-length: 22776
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 11 Jun 2022 18:05:33 GMT
server: cloudflare
etag: "62a4d96d-58f8"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=14400
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8313d1461d3e35ee-FRA

GET
H2 200 fa-regular-400.woff2
ye.ua/css/css/fonts/ 12 KB
12 KB 19ms
19ms Font
font/woff2 2606:4700:10::ac43:2bd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/css/css/fonts/fa-regular-400.woff2

Requested by

Host: ye.ua
URL: https://ye.ua/css/css/css/fontawesome-custom.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2bd5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b4c97a2809cdb53153139544e1f5db34e4917c8f01d2dd94cb9519e24e1ab3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ye.ua/css/css/css/fontawesome-custom.css
Origin: https://ye.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 965
content-length: 12188
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 11 Jun 2022 18:05:33 GMT
server: cloudflare
etag: "62a4d96d-2f9c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=14400
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8313d1461d4035ee-FRA

GET
H2 200 open-sans-v15-cyrillic_latin-700.woff2
ye.ua/css/css/fonts/ 19 KB
19 KB 44ms
44ms Font
font/woff2 2606:4700:10::ac43:2bd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/css/css/fonts/open-sans-v15-cyrillic_latin-700.woff2

Requested by

Host: ye.ua
URL: https://ye.ua/css/css/css/app.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2bd5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d10ff7ad5c1f3ce5c6ad2b17ef06f8a0515628d04a00178bc6bdefc23d8ba94b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ye.ua/css/css/css/app.min.css
Origin: https://ye.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 965
content-length: 19836
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 11 Jun 2022 18:05:33 GMT
server: cloudflare
etag: "62a4d96d-4d7c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=14400
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8313d1461d4335ee-FRA

GET
H2 200 open-sans-v15-cyrillic_latin-600.woff2
ye.ua/css/css/fonts/ 19 KB
19 KB 121ms
121ms Font
font/woff2 2606:4700:10::ac43:2bd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/css/css/fonts/open-sans-v15-cyrillic_latin-600.woff2

Requested by

Host: ye.ua
URL: https://ye.ua/css/css/css/app.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2bd5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

848e3ddf8d07c81ebc0ee309dfc63a60b0b970d46857911c5f2e78487825a3e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ye.ua/css/css/css/app.min.css
Origin: https://ye.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-length: 19716
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 11 Jun 2022 18:05:33 GMT
server: cloudflare
etag: "62a4d96d-4d04"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=14400
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8313d1461d4635ee-FRA

GET
H2 200 open-sans-v15-cyrillic_latin-300.woff2
ye.ua/css/css/fonts/ 19 KB
19 KB 118ms
118ms Font
font/woff2 2606:4700:10::ac43:2bd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/css/css/fonts/open-sans-v15-cyrillic_latin-300.woff2

Requested by

Host: ye.ua
URL: https://ye.ua/css/css/css/app.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2bd5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2dd2bc32e766754718771fbbd323bd27ae4e64f71b28d87a619368ebf52a3c75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ye.ua/css/css/css/app.min.css
Origin: https://ye.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-length: 19744
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 11 Jun 2022 18:05:33 GMT
server: cloudflare
etag: "62a4d96d-4d20"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=14400
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8313d1461d4c35ee-FRA

GET
H2 200 icon_256x256.png
ye.ua/images/ 11 KB
12 KB 31ms
31ms Image
image/webp 2606:4700:10::ac43:2bd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ye.ua/images/icon_256x256.png

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2bd5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b57c9c945be047bbac4054c9bb5b813c25cf319f2a0f297b57eef11aee194db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3745
cf-polished: origFmt=png, origSize=13132
content-disposition: inline; filename="icon_256x256.webp"
content-length: 11716
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: imgq:100,h2pri
last-modified: Sat, 11 Jun 2022 19:28:25 GMT
server: cloudflare
etag: "62a4ecd9-334c"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=14400
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8313d1463d6b35ee-FRA

POST
H2 200 ogoService.php Show response
ye.ua/ajax/ 2 KB
731 B 43ms
41ms XHR
text/html 2606:4700:10::ac43:2bd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/ajax/ogoService.php

Requested by

Host: ye.ua
URL: https://ye.ua/js/js/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2bd5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.0

Resource Hash

f6ea2d344b056cccc8e5f1d80407e42fc9c55d9477400c3b2152e1908effbaf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://ye.ua/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 06 Dec 2023 10:24:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-powered-by: PHP/8.1.0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, must-revalidate
permissions-policy: interest-cohort=()
cf-ray: 8313d1466daf35ee-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H2 200 ogoService.php Show response
ye.ua/ajax/ 7 KB
2 KB 112ms
110ms XHR
text/html 2606:4700:10::ac43:2bd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/ajax/ogoService.php

Requested by

Host: ye.ua
URL: https://ye.ua/js/js/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2bd5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.0

Resource Hash

1674e516c036a0ee105c3e7a2378332530206c330dbb5ccdd301f1cc4a1fc183

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://ye.ua/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 06 Dec 2023 10:24:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-powered-by: PHP/8.1.0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, must-revalidate
permissions-policy: interest-cohort=()
cf-ray: 8313d1467db135ee-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 sm__Vtrati_voroga_na_ranok_6_grudnya_1_2023_12_06_08_48_45.jpg
ye.ua/images/news/topnews/ 5 KB
5 KB 101ms
100ms Image
image/jpeg 2606:4700:10::ac43:2bd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ye.ua/images/news/topnews/sm__Vtrati_voroga_na_ranok_6_grudnya_1_2023_12_06_08_48_45.jpg

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2bd5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

526dc6f5bdfb11d075dcdeddf0d4c1a875ce25e7864a4ee9573b39c2f04a2b68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-length: 4758
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 06 Dec 2023 06:59:11 GMT
server: cloudflare
etag: "65701bbf-1296"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8313d1467db535ee-FRA

GET
H2 200 sm__Ataka_dronami__na_Hmelnichchini_po_vorozhih_cilyah_pracyivala_PPO_1_2023_12_06_08_17_24.jpeg
ye.ua/images/news/topnews/ 4 KB
4 KB 104ms
102ms Image
image/jpeg 2606:4700:10::ac43:2bd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ye.ua/images/news/topnews/sm__Ataka_dronami__na_Hmelnichchini_po_vorozhih_cilyah_pracyivala_PPO_1_2023_12_06_08_17_24.jpeg

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2bd5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f57b2dea18480654773265e9f5bfe4dabc2d81b7a4e01b7d57fc761ff0a0f96a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-length: 3602
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 06 Dec 2023 06:20:13 GMT
server: cloudflare
etag: "6570129d-e12"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8313d1467db635ee-FRA

GET
H2 200 66708.jpg
ye.ua/images/news/preview/ 14 KB
14 KB 112ms
111ms Image
image/jpeg 2606:4700:10::ac43:2bd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ye.ua/images/news/preview/66708.jpg

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2bd5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

acb464609085552cc2e887342df8c030a2ce5c53253800bae364b7efbdb7e2f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=14389
content-length: 14067
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: imgq:100,h2pri
last-modified: Tue, 05 Dec 2023 14:21:22 GMT
server: cloudflare
etag: "656f31e2-3835"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8313d1467db735ee-FRA

GET
H2 200 66702.jpg
ye.ua/images/news/preview/ 15 KB
16 KB 98ms
98ms Image
image/jpeg 2606:4700:10::ac43:2bd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ye.ua/images/news/preview/66702.jpg

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2bd5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9c8bbc744ba1991b7a07e0d835a12af0af46d6a52c9c81ee88bf5d1e9f8893e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=15813
content-length: 15745
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: imgq:100,h2pri
last-modified: Tue, 05 Dec 2023 08:17:02 GMT
server: cloudflare
etag: "656edc7e-3dc5"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8313d1467db935ee-FRA

GET
H2 200 66683.jpg
ye.ua/images/news/preview/ 14 KB
14 KB 113ms
112ms Image
image/jpeg 2606:4700:10::ac43:2bd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ye.ua/images/news/preview/66683.jpg

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2bd5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

019d45c006cc31018fef793d375ab33931033206c1d3e5e411ea8d783c1999bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=14431
content-length: 14207
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
cf-bgj: imgq:100,h2pri
last-modified: Sun, 03 Dec 2023 12:32:08 GMT
server: cloudflare
etag: "656c7548-385f"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8313d1467dba35ee-FRA

GET
H2 200 mqdefault.jpg
img.youtube.com/vi/ds5DzNoFKbk/ 11 KB
12 KB 63ms
18ms Image
image/jpeg 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/ds5DzNoFKbk/mqdefault.jpg

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9709ded853fd7afa138a6cc220636adde9877762728d0a2469d647b8ed8ee56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:08 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11398
x-xss-protection: 0
server: sffe
etag: "1701683520"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 06 Dec 2023 10:29:08 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 289 KB
94 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7MCF8X4X0H&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR9MWRW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1584f73335b49befc4498e16438efc4973f99b0090cc32931fb4c46d5e419e7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96345
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 06 Dec 2023 10:24:08 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 38ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR9MWRW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 09:41:49 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2539
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 06 Dec 2023 11:41:49 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/ 398 KB
134 KB 101ms
84ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1216842449127365&plah=ye.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1216842449127365

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e62797b3a27901154e260c5cd5544bef1d3a049431333b6944e694d6ea7a8eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137565
x-xss-protection: 0
server: cafe
etag: 18172422331462775679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 10:24:08 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231204/r20190131/ Frame E9EF 9 KB
4 KB 37ms
10ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231204/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1216842449127365

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 31889
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Dec 2023 01:32:39 GMT
etag: 5585625838579639069
expires: Wed, 20 Dec 2023 01:32:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
247 B 34ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-7MCF8X4X0H&gtm=45je3bt0v888942913z8838580850&_p=1701858248585&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1168823755.1701858249&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701858248&sct=1&seg=0&dl=https%3A%2F%2Fye.ua%2F&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A5%D0%BC%D0%B5%D0%BB%D1%8C%D0%BD%D0%B8%D1%86%D1%8C%D0%BA%D0%BE%D0%B3%D0%BE%20%22%D0%84%22%20%7C%20ye.ua&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1675
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7MCF8X4X0H&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ye.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
238 B 56ms
19ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-7MCF8X4X0H&cid=1168823755.1701858249&gtm=45je3bt0v888942913z8838580850&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7MCF8X4X0H&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ye.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 54ms
34ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7MCF8X4X0H&cid=1168823755.1701858249&gtm=45je3bt0v888942913z8838580850&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1124167274

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
202 B 14ms
13ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=863838190&t=pageview&_s=1&dl=https%3A%2F%2Fye.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A5%D0%BC%D0%B5%D0%BB%D1%8C%D0%BD%D0%B8%D1%86%D1%8C%D0%BA%D0%BE%D0%B3%D0%BE%20%22%D0%84%22%20%7C%20ye.ua&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=472293456&gjid=917319475&cid=1168823755.1701858249&tid=UA-23402213-1&_gid=227756442.1701858249&_r=1&_slc=1&gtm=45He3bt0n81KR9MWRWv838580850&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1949858435

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ye.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ye.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 19ms
19ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-23402213-1&cid=1168823755.1701858249&jid=472293456&gjid=917319475&_gid=227756442.1701858249&_u=YADAAEAAAAAAACAAI~&z=2142572457

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ye.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 06 Dec 2023 10:24:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ye.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 52ms
33ms Image
image/gif 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-23402213-1&cid=1168823755.1701858249&jid=472293456&_u=YADAAEAAAAAAACAAI~&z=711218631

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 31ms
31ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-23402213-1&cid=1168823755.1701858249&jid=472293456&_u=YADAAEAAAAAAACAAI~&z=711218631

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 664D 60 KB
17 KB 618ms
617ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&adk=1812271804&adf=3025194257&lmt=1701858249&plaf=2%3A2%2C7%3A2&plat=2%3A16777216%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fye.ua%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701858248735&bpp=8&bdt=168&idt=374&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7291214964486&frm=20&pv=2&ga_vid=1168823755.1701858249&ga_sid=1701858249&ga_hid=863838190&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079826%2C31079864%2C31079922%2C44806140%2C44807763%2C44808148%2C44808285%2C44809071%2C95320230&oid=2&pvsid=2213315020667298&tmod=1116737852&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=384

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1216842449127365&plah=ye.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecf9ebe86e3cba43326de7a3c09449fa5474c96a0dccd71a100b774b110960f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 17253
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Dec 2023 10:24:09 GMT
expires: Wed, 06 Dec 2023 10:24:09 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 47ms
46ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=scroll-progress&cls=scroll-progress&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK vinos.js Show response
maxrilla.com/bens/ 76 KB
77 KB 77ms
35ms Script
text/javascript 193.200.65.68
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://maxrilla.com/bens/vinos.js?24657&u=null&a=0.43542717951033083
Requested by: Host: ye.ua
URL: https://ye.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.68 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: e69d35045681a2497b8aa40ea9e0eeaab3dc0295bb97bfd3ebf7fc1768291e21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: text/javascript; charset=utf-8
Date: Wed, 06 Dec 2023 10:24:09 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
P3P: CP="NON DSP COR CURa TIA"

GET
H2 200 asyncspc.php Show response
openx2.ye.ua/www/delivery/ 4 KB
999 B 19ms
19ms XHR
application/json 2606:4700:10::ac43:2bd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://openx2.ye.ua/www/delivery/asyncspc.php?zones=23%7C25%7C28%7C29%7C27%7C30%7C21%7C34&prefix=revive-0-&loc=https%3A%2F%2Fye.ua%2F
Requested by: Host: openx2.ye.ua
URL: https://openx2.ye.ua/www/delivery/asyncjs.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2bd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: a93c2df80e7f526d57df3f84126131148285d98f09cbce1c302cbd248f9d5cf9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:09 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.3.33
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye.ua
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 8313d14cfd5135ee-FRA
expires: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 57ms
57ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231204&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ebb97b5e4484a9540ceecf811bfdead000ad86732e491b82b75889eeb1552b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12195
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/ 160 KB
55 KB 79ms
79ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc3f72b5fd9d8db2907974cf2c815903dd438134ab524f6c9be1d3c8a8fa84f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55950
x-xss-protection: 0
server: cafe
etag: 18312829676527222209
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 10:24:09 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E46A 116 KB
47 KB 591ms
591ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=280&adk=574172758&adf=3417930811&pi=t.aa~a.1142920907~rp.1&w=481&fwrn=4&fwrnh=100&lmt=1701858249&rafmt=1&to=qs&pwprc=2003152153&format=481x280&url=https%3A%2F%2Fye.ua%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701858249799&bpp=1&bdt=1232&idt=-M&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7291214964486&frm=20&pv=1&ga_vid=1168823755.1701858249&ga_sid=1701858249&ga_hid=863838190&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=1444&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079826%2C31079864%2C31079922%2C44806140%2C44807763%2C44808148%2C44808285%2C44809071%2C95320230&oid=2&pvsid=2213315020667298&tmod=1116737852&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eeab609fee90fc342e5abbc68022a90e130e58d8ade76571effcb42a44d73e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 47824
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Dec 2023 10:24:10 GMT
expires: Wed, 06 Dec 2023 10:24:10 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1C9E 39 KB
16 KB 577ms
576ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=280&adk=3809598800&adf=289630305&pi=t.aa~a.299122542~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1701858249&rafmt=1&to=qs&pwprc=2003152153&format=1200x280&url=https%3A%2F%2Fye.ua%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701858249799&bpp=1&bdt=1232&idt=0&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C481x280&nras=3&correlator=7291214964486&frm=20&pv=1&ga_vid=1168823755.1701858249&ga_sid=1701858249&ga_hid=863838190&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3528&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079826%2C31079864%2C31079922%2C44806140%2C44807763%2C44808148%2C44808285%2C44809071%2C95320230&oid=2&pvsid=2213315020667298&tmod=1116737852&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=12

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

533584c44b006ee4f9cc7acf92c55f345e822b5c73f19f45ce4e306ac6614093

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 16551
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Dec 2023 10:24:10 GMT
expires: Wed, 06 Dec 2023 10:24:10 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=863838190&t=event&ni=1&_s=1&dl=https%3A%2F%2Fye.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A5%D0%BC%D0%B5%D0%BB%D1%8C%D0%BD%D0%B8%D1%86%D1%8C%D0%BA%D0%BE%D0%B3%D0%BE%20%22%D0%84%22%20%7C%20ye.ua&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll&ea=10percent&el=10-%2F&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=1168823755.1701858249&tid=UA-23402213-1&_gid=227756442.1701858249&gtm=45He3bt0n81KR9MWRWv838580850&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1186182412

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 07:11:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11551
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
8ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=863838190&t=event&ni=1&_s=1&dl=https%3A%2F%2Fye.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A5%D0%BC%D0%B5%D0%BB%D1%8C%D0%BD%D0%B8%D1%86%D1%8C%D0%BA%D0%BE%D0%B3%D0%BE%20%22%D0%84%22%20%7C%20ye.ua&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll&ea=25percent&el=25-%2F&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=1168823755.1701858249&tid=UA-23402213-1&_gid=227756442.1701858249&gtm=45He3bt0n81KR9MWRWv838580850&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=984555366

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 07:11:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11551
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lg.php
openx2.ye.ua/www/delivery/ 43 B
116 B 23ms
22ms Image
image/gif 2606:4700:10::ac43:2bd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://openx2.ye.ua/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=23&loc=https%3A%2F%2Fye.ua%2F&cb=da735f1db5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2bd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:09 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.3.33
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: no-cache, no-store, must-revalidate
cf-ray: 8313d14d7dde35ee-FRA
content-length: 43
expires: 0

GET
H2 200 lg.php
openx2.ye.ua/www/delivery/ 43 B
101 B 34ms
33ms Image
image/gif 2606:4700:10::ac43:2bd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://openx2.ye.ua/www/delivery/lg.php?bannerid=64&campaignid=54&zoneid=25&loc=https%3A%2F%2Fye.ua%2F&cb=5509b08091
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2bd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:09 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.3.33
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: no-cache, no-store, must-revalidate
cf-ray: 8313d14d7de035ee-FRA
content-length: 43
expires: 0

GET
H2 200 lg.php
openx2.ye.ua/www/delivery/ 43 B
101 B 33ms
32ms Image
image/gif 2606:4700:10::ac43:2bd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://openx2.ye.ua/www/delivery/lg.php?bannerid=9&campaignid=10&zoneid=28&loc=https%3A%2F%2Fye.ua%2F&cb=a164def0f2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2bd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:09 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.3.33
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: no-cache, no-store, must-revalidate
cf-ray: 8313d14d7de135ee-FRA
content-length: 43
expires: 0

GET
H2 200 lg.php
openx2.ye.ua/www/delivery/ 43 B
122 B 31ms
30ms Image
image/gif 2606:4700:10::ac43:2bd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://openx2.ye.ua/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=29&loc=https%3A%2F%2Fye.ua%2F&cb=aea5916e3f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2bd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:09 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.3.33
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: no-cache, no-store, must-revalidate
cf-ray: 8313d14d7de335ee-FRA
content-length: 43
expires: 0

GET
H2 200 lg.php
openx2.ye.ua/www/delivery/ 43 B
101 B 38ms
37ms Image
image/gif 2606:4700:10::ac43:2bd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://openx2.ye.ua/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=27&loc=https%3A%2F%2Fye.ua%2F&cb=0b2dc45c9c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2bd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:09 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.3.33
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: no-cache, no-store, must-revalidate
cf-ray: 8313d14d7de535ee-FRA
content-length: 43
expires: 0

GET
H2 200 lg.php
openx2.ye.ua/www/delivery/ 43 B
101 B 36ms
35ms Image
image/gif 2606:4700:10::ac43:2bd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://openx2.ye.ua/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=30&loc=https%3A%2F%2Fye.ua%2F&cb=c922e00fc2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2bd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:09 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.3.33
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: no-cache, no-store, must-revalidate
cf-ray: 8313d14d7de635ee-FRA
content-length: 43
expires: 0

GET
H2 200 lg.php
openx2.ye.ua/www/delivery/ 43 B
101 B 37ms
37ms Image
image/gif 2606:4700:10::ac43:2bd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://openx2.ye.ua/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=21&loc=https%3A%2F%2Fye.ua%2F&cb=8fe9102b11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2bd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:09 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.3.33
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: no-cache, no-store, must-revalidate
cf-ray: 8313d14d8df635ee-FRA
content-length: 43
expires: 0

GET
H2 200 lg.php
openx2.ye.ua/www/delivery/ 43 B
101 B 46ms
45ms Image
image/gif 2606:4700:10::ac43:2bd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://openx2.ye.ua/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=34&loc=https%3A%2F%2Fye.ua%2F&cb=5f348672f9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2bd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:09 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.3.33
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: no-cache, no-store, must-revalidate
cf-ray: 8313d14d8df535ee-FRA
content-length: 43
expires: 0

GET
H2 200 9fd568dd44821cd84166a0cec6edc56c.gif
openx2.ye.ua/cdn-cgi/image/format=auto,quality=75/www/images/ 5 KB
5 KB 38ms
38ms Image
image/webp 2606:4700:10::ac43:2bd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://openx2.ye.ua/cdn-cgi/image/format=auto,quality=75/www/images/9fd568dd44821cd84166a0cec6edc56c.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2bd5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8adebfd685a1b2fe5148e65f71830e4e6a1d843b6c9f0d86b285d59cfb6d2080

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:09 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 5088
cf-resized: internal=ok/h q=0 n=14+84 c=0+0 v=2023.9.8 l=5088
last-modified: Sat, 12 Mar 2022 12:25:15 GMT
cf-bgj: imgq:75,h2pri
server: cloudflare
etag: "cfVbkW1h-gjCZlHYKFUuLJtu9gXgdYILPeIlaz2NQiDQ:2b16-5da048a1f71bf"
vary: Accept, Accept-Encoding
warning: cf-images 299 "AVIF anim not supported"
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8313d14dae2235ee-FRA

GET
H2 200 37934d0fbc914ecac2e56416a30f5dc3.gif
openx2.ye.ua/cdn-cgi/image/format=auto,quality=75/www/images/ 365 KB
366 KB 46ms
46ms Image
image/webp 2606:4700:10::ac43:2bd5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://openx2.ye.ua/cdn-cgi/image/format=auto,quality=75/www/images/37934d0fbc914ecac2e56416a30f5dc3.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2bd5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb31c365d6de3fb11a3a61024ace5305db4e01e1efe0e93a2ca05d4c1c577b7e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:09 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 373784
cf-resized: internal=ok/h q=0 n=14+94 c=0+0 v=2023.9.8 l=373784
last-modified: Thu, 01 Aug 2019 06:55:30 GMT
cf-bgj: imgq:75,h2pri
server: cloudflare
etag: "cfj8PSKuIwbFcK27xSGGA5MXinXgdYILPeIlaz2NQiDQ:a0f83-58f08ba34f1f2"
vary: Accept, Accept-Encoding
warning: cf-images 299 "AVIF anim not supported"
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8313d14dae2435ee-FRA

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 63ms
37ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 06 Dec 2023 10:24:09 GMT

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 17ms
16ms Image
text/html 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?v=3&t=l&pid=1719260318&rv=3bt0&h=Ag&gtm=45He3bt0v838580850&ccid=38580850&cid=GTM-KR9MWRW&l=GTM-KR9MWRW.L1466.S2.Y4.B5.E1118.I1547.EC7.TC5.HTC0~gtm.init.S0.V0.E9~gtm.js.S0.V0.E189.TS5ua.TI4.TE1.TS5googtag.TI8.TE2~gtm.dom.S0.V0.E5~gtm.load.S0.V0.E63.TS5sdl.TI9.TE0~gtm.scrollDepth.S0.V0.TS1ua.TI7.TE2~gtm.scrollDepth.S0.V0.TS1ua.TI7.TE1~gtm.init_consent.S0.V0.E10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:09 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231204/r20110914/ Frame 4C52 9 KB
4 KB 6ms
6ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231204/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 67304
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 15:42:25 GMT
etag: 5585625838579639069
expires: Tue, 19 Dec 2023 15:42:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E03A 624 B
246 B 48ms
48ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNiN3_QBMAE&v=APEucNXqckNshq9vx5C942YwDPcil4uKDaiY3GzWs1J__mX0HI2hKiJaYD2SmkoJAIkWP6BMciSf_0ApiCwIPRP6TTZV5gaj23AusSKFZeej_cI_OdzvdMxzGOXltlMlpVQbWrNu6cbylh-9dHANGOrCZHPuzAY9DMdacbBKeNd38qL0w2_JdE8

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231204/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Dec 2023 10:24:09 GMT
expires: Wed, 06 Dec 2023 10:24:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4BA9 89 KB
31 KB 143ms
143ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 10:24:10 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/ Frame 4BA9 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/window_focus_fy2021.js

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 09:29:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3270
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 09:29:39 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/ Frame 4BA9 20 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a5b47703d2aa636762f8b39205a2e03a85ae2de2904d81e6c6a469486ca81e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:30:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68040
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8554
x-xss-protection: 0
server: cafe
etag: 636498438165408290
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 15:30:09 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4BA9 202 KB
64 KB 109ms
77ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65147
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701694399686299"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Dec 2023 10:24:09 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4BA9 42 B
63 B 47ms
46ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A5O59dNFBz8xZybMUZ87_4OtrO11SmUMGNHfAimpxcYy-JZ_7rU-oEo00oheeHnkAHfIZ2Q6ByfxblCUM8N1ShDbYZEFHyTUfLmuF766E_BsJ7zxM

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 31EF 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3271
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 06 Dec 2023 09:29:38 GMT
expires: Thu, 05 Dec 2024 09:29:38 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B0B5 829 B
998 B 25ms
24ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0af64ad95ac92253b8a6aa9f2b1262b5e273af3cba6f87f141d4d5c89c23a11f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-n8h4_canTI7ZY9Hxtb3Jqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ye.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-n8h4_canTI7ZY9Hxtb3Jqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 06 Dec 2023 10:24:09 GMT
expires: Wed, 06 Dec 2023 10:24:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 31EF 39 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 09:29:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Dec 2024 09:29:39 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame E03A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIUdg2AeiZzFNI2ArEdrS78&google_cver=1

43 B
332 B

22ms
22ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIUdg2AeiZzFNI2ArEdrS78&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNiN3_QBMAE&v=APEucNXqckNshq9vx5C942YwDPcil4uKDaiY3GzWs1J__mX0HI2hKiJaYD2SmkoJAIkWP6BMciSf_0ApiCwIPRP6TTZV5gaj23AusSKFZeej_cI_OdzvdMxzGOXltlMlpVQbWrNu6cbylh-9dHANGOrCZHPuzAY9DMdacbBKeNd38qL0w2_JdE8
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:10 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c0F59V01J2R6cEGopanqoW20tWtc8iZaUaDzGybLUlroOsCsW4ZuvyE6KVM7VDiAV7ldc8G66fess3GYK7RHsv8a9sECZJsKh%2BIpE1Rt0UcW%2BmfVuIg7PJuKJLshdMUdxG79TUwlf2ZKyg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8313d14e9aa06913-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIUdg2AeiZzFNI2ArEdrS78&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame E03A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXBLySu2RCG1xsQcWAp6oAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIUdg2AeiZzFNI2ArEdrS78&google_cver=1

43 B
767 B

31ms
31ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIUdg2AeiZzFNI2ArEdrS78&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNiN3_QBMAE&v=APEucNXqckNshq9vx5C942YwDPcil4uKDaiY3GzWs1J__mX0HI2hKiJaYD2SmkoJAIkWP6BMciSf_0ApiCwIPRP6TTZV5gaj23AusSKFZeej_cI_OdzvdMxzGOXltlMlpVQbWrNu6cbylh-9dHANGOrCZHPuzAY9DMdacbBKeNd38qL0w2_JdE8
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:10 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DH5v3VZaj1rYk61o4tTMST2C8tKXHlw55foqbI%2BbXq9nHEhQNpsgxSi6iVhZbAFv5izM1A%2FJ3tJiUZXOVyBYMHD8Nz9MSlVbd3NQtiDkxpcHpzWrTnPGlgkOdpyN9FlOmG2ATsTafKXqVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8313d14ecf6235e5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIUdg2AeiZzFNI2ArEdrS78&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame E03A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHu1rqKu9RKVeF8tgGQcieM&google_cver=1

43 B
846 B

14ms
13ms

Image
image/gif

185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEHu1rqKu9RKVeF8tgGQcieM&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNiN3_QBMAE&v=APEucNXqckNshq9vx5C942YwDPcil4uKDaiY3GzWs1J__mX0HI2hKiJaYD2SmkoJAIkWP6BMciSf_0ApiCwIPRP6TTZV5gaj23AusSKFZeej_cI_OdzvdMxzGOXltlMlpVQbWrNu6cbylh-9dHANGOrCZHPuzAY9DMdacbBKeNd38qL0w2_JdE8

Protocol

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:10 GMT
an-x-request-uuid: 4b2464c3-35bd-47b1-9b1e-25a6119c64c9
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 45.141.152.74; 45.141.152.74; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEHu1rqKu9RKVeF8tgGQcieM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E03A
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgzMjQ4MzU0NzQ0MzYwMzgzOA%3D%3D

170 B
243 B

17ms
17ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgzMjQ4MzU0NzQ0MzYwMzgzOA%3D%3D

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:10 GMT
an-x-request-uuid: 9b867bec-7b09-46f2-8564-d9c5c6df3e82
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgzMjQ4MzU0NzQ0MzYwMzgzOA%3D%3D
x-proxy-origin: 45.141.152.74; 45.141.152.74; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B0B5 0
0 40ms
40ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231204&jk=2213315020667298&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 31EF 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?C_4OCg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:09 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4BA9 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2761187955405&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4BA9 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2761187955405&version=m202309260101&ct=76&x=1&cor=14129960269013608000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4BA9 110 KB
41 KB 67ms
67ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CE5oAT9_IYRPDYl6o9FO2jxW8aT2bFsQhxwMECyBvkwhrGlzqG7SwIomDOJLJZn3ZWzDluVQAXucKoF7E5R1u_nyhOk6x0Ab5KcDGwA7M0hy9Xta24uthM5sOZ__i68D4kmxSMkc3OXSJIJ_eIR2mKoAqj8GXeaM10mCCUjrSoro93yQI&dbm_d=AKAmf-DgwLJNx97CurepsERDOeh3SUpHMJA_IrVq7Lb9X2gnhpEnY1qnCdH0Ljnfd_piWseKvZl7_oMeU_WP6lLnfik8ur-FuFoIYKvO5ZJW6GaWJYj3d-jOew8-gdfPwBJI8x26v0CLIDEQL3XhjHbmyFq-nM17ZxD5amTQv_B9VisKxlG_nCDdKK_80y3cHz4g6bMdVB47eDCsm3ciS-X7MYtfZJTk1qbYgv5pOhL3ifpxZ4e7utM6gr3FPP_j_6shbiViipf2rytf8G0n6N0zTpd_gubgwgkIdE_UxI6yG96q84S0ikP4ETpks6uUPn3WQL362tgeQaaGoUGvZbsTxviDboZKy1LGYzYqQzUazTxXOwerUSQacGWUePSPlVvmTIX6AhkbKzMUAmGSrcbdjjI9mF2vi5tQhoUGSkNT68x3wor98VgdyKwg1d2fDbpHCmGhTek07lS-roDrgVtNzJ32zwBL0VMyYV1pmtPTOt2wrS0kyRL4ynf60KVUHiFhdw2gdz5kp03ZYqzTt840n7SKPm_TgoSbKWFMtPxkJR8MSGjZmMrYhvjmUxQzLC2c_ZNCqTbQE8_EY1MCmNndzJBTcZXI2wQyxwj7VTx9bxy8MQahtVrBc130t_cy_cs98USx2oYQTIxVAGz3HYDSS4NfZDkCqFTb-LCjljhuTTILkmiAv-iq6T6ptpM2LwRGnu_etgoIJAw1gYiXJutHF7mI2mfB0DAzdkmTRym7-T3ri6nGtpzhNUGNNMSp7xCbEy0-QKrzIPXY6Qes0OTlp3IF538nkTVRc1VExOiTzCo326Nt8Fj8Re6J56fmAQWzdewMK1zj-drP7Qpr8ZH9Et-AM6Uy5aBHGW45kv080-qdZWVm1mfygDgA5_LK9yX9fn6VrIHsnWm06lQndAyFFqO0ywJkHUS6gs8M8vBLYJRl0_ErRZ2I_6TiJqn9Fyy6XftWI5D58Bd9AzQ-Q2kqGIXHAaCyjcdWrbDSSHkDP2EihpTDlA_TKjC2ecbyInaxYkBzwoiDZVxz5IUKL2p_ovBZ-i2ui0xZeYUsBL3tHqNyIVG-W9eVptBS2u4tpy69I61yQ8OdOTmO_8rnWP9JlVvtA-swzQebZOUQF-O_F73QIVZJQPoLXgnkmim6Bf3ke3hI_OBj5rwBLKSrmNNm21rDzk869aYlQvIEuzuq0VCqInaXMubTCUttXSIqyej-tCoif5HQV8LfqnhD-dhHkpDJWXaMr_AwINzieyg4Qfmed0x-vtZ4MbKa0IXRKXusQRxDBeEchysdwU1ZsNjykPk8XAaN-klWuCtU92jToqecWm35tIwNV0jgmMsDZzrGNX_GA5BoiDEZLnU7RgQD-uzt5aSs4G9Zgg9XHkSHg3waqoE_yeI1Lznk4YNilKX3xGlazgf-H7ol6-xrk6XB8XZt1Em5baCEwfNwVcsckRx1QKP7MzCjj5dbkGqohTtdAGEw0BoQGcKO1UJ4rQAO5hOaNN8ZBEis5A4pkgu57RJJ1vxMihrIBNM8Xk9ffvoTovXfeuelZg9fmJeJGt_xV4ht2beNO9JaX22YSAGyfd9MX5Fxn9srSGIQ2YlTv2x-6GvKGD9Os8Qq5QzJBF-9v1tAyx_ylMaFdMahO7xgEOhAJ8rqOPzQV1HT_OMUyBjPr3QQ2m8XYadYkInqOVNNw7q70p5CLL2JNQQD5v8viDWDHOb5Sw40y3lkOqS8IAH67fzfb2ALQ8OpY1Wc3RQe7yxYV-LjUMUPZG_SoIeRPNBgm10uTDwM1iea0dN7xvKf3A_tyoVS4PsK6kn3cvMv5Xpo0UwDzY8en5OGssrAph07vI_56uAxvpc7hv6EAth-Clyf96L3GoHmaMx7wNJHHW2i_ptib2Ucr4mZvUtu8POYKJ114It0GkDPcRyE6ux6BHumleJF8r8-jgMJp_iNj21C_q9lsRvVvJEctDqaDhgLNGJtdAr7p4OfF-OTgcUu0VDR0nqHgrWhoS75D_oxLTzdQ-ChdSPJnpO_yvJOcjkw5rs1EOylAu73OvZPQ91yA4_qr7ay0adthoP10EyER5FDhnXuo4wjXmy_8L2PskdUS5VHOMIh-qvliujsZGkl1AH3IQT46rIGALDIDdyrUdSYXRWxBWiXXrhbsquY7br7aah7eQHfRsPonsVqkikJjhPJ5qsbeC7SAoVq61zggD9GdYbMA3OdoMaifvxZ5tzs8Lk7SvNKO88yS3En66pts09qsXaokximeyClLZa8Aw2qlf7kOcYA0mchgQhpTfoGimhxrbLOX9Q8DidwLh7onRXRmMM-hvZrD5__dqGz2YUM9q4wHzdJ21zJpS6bjpU8EjKjxz_-dovW_TYvRY8xrJW5B1yxn0uxX9zQ6FezPLRGAwZWNKbPswy_dE0p4najYoc4TfhalCwjkAt6Y4BASHpg3zc5QhyiDiSctjBAtydiQwTzr-ZPWJkjisM_50ORgvDE8DhMssqiwtLQNlvd3QNI9LhIikNiMgNWYF4y0nkveMpmMVbh71mMmQ6yTAGxzcQTUx9dYZE7N5Aqdc93x-eG80ER96KRKZg2I8y3pVTwWp6Qw3p6B85Ejia4RI7xCIOCaOYXD2nGEMimEGsESKd9GRNk0ptkywLtZ3Xk89aZhO5gGADA9yGPjkpEaZlTvfjqXYujt24e-68b_UXXenDhlQsNrpFWV6K-U0aLVx0Ns2kNm9G8oDt_D68xw7QR9ZI2MjIZHl2nt61HHReVpQXO0MGk5BgazdSIO6RzKRzpNI22a1-mSkM7r5c1D27O8F4Q6BvxUiJ86OaQmQnj_V3dKnL5jMOkUdcpR-U6FN32YLBISB9sDIgdJwrf_-oH24ae6Tl1E_dfpbogmOjUiiCx7P6Y_dJQsL5lcDdcZfiLQLkDhDqyy_e4m6AQO-3qdJn4f0JjV0DyMhKngjbAkQ59baCzun3Uev01AhSNgfWv2vhF2gy3bCqdHhbiECDapWP8zyQV_apOYybdqXw6O8el2IHp-o4OhnPWI_Guc4c756dGYyFCeD0UtuAkkZM5eJlGQAEkUVvoq_VlTaIhWfud2UOsiV1vtvvo2eRSxe8gZ-zTB91oRYhI-hdDWqItfTYj6ZOsZKajQjNf2p1FEN1LhJjvW6QuZa7XfhT_2jHiVl9y22BrmVm15-9lcqVRzoL3z64eCP0Jwtuzn1BkDsuEmE8WtJvImUrzy8LAo5QN3LQdcV404pCKbLzrPGat5jsrVfaXxCgfg5aeCu50qkMUDHp5E4eDK5BAPKuslVPvm6dY39qIm-VPfN6HSy_gUX1ZNAVKy5P2xwuXIbKS3xJ_KRc7bNzsMwRyhZlGv2x2jN72N8O2jfnk6U8ueojrKLF8WJxxdT8jNaACfoprMjIIcEX8QVLUkb5DfA8QQQW-jknieVUzhSZcOPj2QFm9XZol0r3WreTCQIItk4qp01WoBjcIirqvy9_Y8ZVsre1Oy30McLJyKA4CKrnDTIjoAVZfeEzdn3PmzyfHpmqotxgcVDOzrKdS_9n0w3RYjdq4Gz1foVt1ajRfKJ9-t3Nvs3GKzWvV7gkQEPl1HSiGIDtWCvwKkDfNofazyM4wDuZOwvs-7UoHQpuxpODVQVniGq3xvbia0pwLfDL1dfl_I94M5xJUo3UQpq4hP_LFp-ftnIKXHx8llxLad94atHL1pBXOlbRnaUbvX1uhDE_oiTVznwPfCrygL1LHzvvNhNMMNPgeUlgKZQSzjetIeR35OdporxprfpITDApZ_ygM8TfNtKO9GUEgQsDuQrN2N6m1az_tJwAMWUioaxoIPJqDh9emDI1hzTBSogDmxC-9chtgV3d2cUh8gAkZqB1HlKHKwvZl618G7hiso7zqOW2dLEfdPbObBojlZpOewsv0uW33ruyjMiaMWuOlsC9SzDRKIHZy5hyntd22afpcJ7JNRjcPj-ZsvLYoSuEBLMnFrjkvZI2A2IclHIE5YSCcve6lTZNYyelflelneiL1KB5LkD1-X5nAUX2MSB5xbVXapRF-NZwSxzj8EjuWky54jmUN8R_Bvv03D36t5pHnNh_Y1qRULjJKwQR00rF7HNmYViDsnD2I8M6XlxrJC3eQ6CcYnUhuXCBI9RhKOyw9g3470yivBpc&cid=CAQSTgDICaaN8TlPV9R9gxbVFbcPPaa13s61vTY3QYFtAUjQrXbu8Rzg5gBzzqraIMmG6esE9Nqh8JQHbPjvjm4JdelKsAThS3Lyp-qCpgm_6RgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fye.ua%2F&ds=l&xdt=1&iif=1&cor=14129960269013608000&adk=1761367584&idt=145&cac=0&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

068917acc478a59da9adcced8e6cbd028e0b4dc63ea0fde3a33167faea6c931c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231204/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42452
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1627455/73523875/ Frame 4BA9 255 KB
77 KB 118ms
36ms Script
application/javascript 34.247.14.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1627455/73523875/skeleton.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-1216842449127365&ias_chanId=1&ias_placementId=20487174429&bidurl=https://ye.ua/&ias_dealId=&xsId=ABAjH0g5gSIQA2rsh6ghTwrAH8i7&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0g5gSIQA2rsh6ghTwrAH8i7
Requested by: Host: ye.ua
URL: https://ye.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.14.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-14-54.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2b7289e87efca5ffb67ebbed1e980d4a56b842fe0fe58140a34e31edc152d700

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:10 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 4BA9 111 KB
39 KB 41ms
6ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 19:51:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52364
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Dec 2023 19:51:26 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231204/r20110914/elements/html/ Frame 4BA9 11 KB
4 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231204/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CE5oAT9_IYRPDYl6o9FO2jxW8aT2bFsQhxwMECyBvkwhrGlzqG7SwIomDOJLJZn3ZWzDluVQAXucKoF7E5R1u_nyhOk6x0Ab5KcDGwA7M0hy9Xta24uthM5sOZ__i68D4kmxSMkc3OXSJIJ_eIR2mKoAqj8GXeaM10mCCUjrSoro93yQI&dbm_d=AKAmf-DgwLJNx97CurepsERDOeh3SUpHMJA_IrVq7Lb9X2gnhpEnY1qnCdH0Ljnfd_piWseKvZl7_oMeU_WP6lLnfik8ur-FuFoIYKvO5ZJW6GaWJYj3d-jOew8-gdfPwBJI8x26v0CLIDEQL3XhjHbmyFq-nM17ZxD5amTQv_B9VisKxlG_nCDdKK_80y3cHz4g6bMdVB47eDCsm3ciS-X7MYtfZJTk1qbYgv5pOhL3ifpxZ4e7utM6gr3FPP_j_6shbiViipf2rytf8G0n6N0zTpd_gubgwgkIdE_UxI6yG96q84S0ikP4ETpks6uUPn3WQL362tgeQaaGoUGvZbsTxviDboZKy1LGYzYqQzUazTxXOwerUSQacGWUePSPlVvmTIX6AhkbKzMUAmGSrcbdjjI9mF2vi5tQhoUGSkNT68x3wor98VgdyKwg1d2fDbpHCmGhTek07lS-roDrgVtNzJ32zwBL0VMyYV1pmtPTOt2wrS0kyRL4ynf60KVUHiFhdw2gdz5kp03ZYqzTt840n7SKPm_TgoSbKWFMtPxkJR8MSGjZmMrYhvjmUxQzLC2c_ZNCqTbQE8_EY1MCmNndzJBTcZXI2wQyxwj7VTx9bxy8MQahtVrBc130t_cy_cs98USx2oYQTIxVAGz3HYDSS4NfZDkCqFTb-LCjljhuTTILkmiAv-iq6T6ptpM2LwRGnu_etgoIJAw1gYiXJutHF7mI2mfB0DAzdkmTRym7-T3ri6nGtpzhNUGNNMSp7xCbEy0-QKrzIPXY6Qes0OTlp3IF538nkTVRc1VExOiTzCo326Nt8Fj8Re6J56fmAQWzdewMK1zj-drP7Qpr8ZH9Et-AM6Uy5aBHGW45kv080-qdZWVm1mfygDgA5_LK9yX9fn6VrIHsnWm06lQndAyFFqO0ywJkHUS6gs8M8vBLYJRl0_ErRZ2I_6TiJqn9Fyy6XftWI5D58Bd9AzQ-Q2kqGIXHAaCyjcdWrbDSSHkDP2EihpTDlA_TKjC2ecbyInaxYkBzwoiDZVxz5IUKL2p_ovBZ-i2ui0xZeYUsBL3tHqNyIVG-W9eVptBS2u4tpy69I61yQ8OdOTmO_8rnWP9JlVvtA-swzQebZOUQF-O_F73QIVZJQPoLXgnkmim6Bf3ke3hI_OBj5rwBLKSrmNNm21rDzk869aYlQvIEuzuq0VCqInaXMubTCUttXSIqyej-tCoif5HQV8LfqnhD-dhHkpDJWXaMr_AwINzieyg4Qfmed0x-vtZ4MbKa0IXRKXusQRxDBeEchysdwU1ZsNjykPk8XAaN-klWuCtU92jToqecWm35tIwNV0jgmMsDZzrGNX_GA5BoiDEZLnU7RgQD-uzt5aSs4G9Zgg9XHkSHg3waqoE_yeI1Lznk4YNilKX3xGlazgf-H7ol6-xrk6XB8XZt1Em5baCEwfNwVcsckRx1QKP7MzCjj5dbkGqohTtdAGEw0BoQGcKO1UJ4rQAO5hOaNN8ZBEis5A4pkgu57RJJ1vxMihrIBNM8Xk9ffvoTovXfeuelZg9fmJeJGt_xV4ht2beNO9JaX22YSAGyfd9MX5Fxn9srSGIQ2YlTv2x-6GvKGD9Os8Qq5QzJBF-9v1tAyx_ylMaFdMahO7xgEOhAJ8rqOPzQV1HT_OMUyBjPr3QQ2m8XYadYkInqOVNNw7q70p5CLL2JNQQD5v8viDWDHOb5Sw40y3lkOqS8IAH67fzfb2ALQ8OpY1Wc3RQe7yxYV-LjUMUPZG_SoIeRPNBgm10uTDwM1iea0dN7xvKf3A_tyoVS4PsK6kn3cvMv5Xpo0UwDzY8en5OGssrAph07vI_56uAxvpc7hv6EAth-Clyf96L3GoHmaMx7wNJHHW2i_ptib2Ucr4mZvUtu8POYKJ114It0GkDPcRyE6ux6BHumleJF8r8-jgMJp_iNj21C_q9lsRvVvJEctDqaDhgLNGJtdAr7p4OfF-OTgcUu0VDR0nqHgrWhoS75D_oxLTzdQ-ChdSPJnpO_yvJOcjkw5rs1EOylAu73OvZPQ91yA4_qr7ay0adthoP10EyER5FDhnXuo4wjXmy_8L2PskdUS5VHOMIh-qvliujsZGkl1AH3IQT46rIGALDIDdyrUdSYXRWxBWiXXrhbsquY7br7aah7eQHfRsPonsVqkikJjhPJ5qsbeC7SAoVq61zggD9GdYbMA3OdoMaifvxZ5tzs8Lk7SvNKO88yS3En66pts09qsXaokximeyClLZa8Aw2qlf7kOcYA0mchgQhpTfoGimhxrbLOX9Q8DidwLh7onRXRmMM-hvZrD5__dqGz2YUM9q4wHzdJ21zJpS6bjpU8EjKjxz_-dovW_TYvRY8xrJW5B1yxn0uxX9zQ6FezPLRGAwZWNKbPswy_dE0p4najYoc4TfhalCwjkAt6Y4BASHpg3zc5QhyiDiSctjBAtydiQwTzr-ZPWJkjisM_50ORgvDE8DhMssqiwtLQNlvd3QNI9LhIikNiMgNWYF4y0nkveMpmMVbh71mMmQ6yTAGxzcQTUx9dYZE7N5Aqdc93x-eG80ER96KRKZg2I8y3pVTwWp6Qw3p6B85Ejia4RI7xCIOCaOYXD2nGEMimEGsESKd9GRNk0ptkywLtZ3Xk89aZhO5gGADA9yGPjkpEaZlTvfjqXYujt24e-68b_UXXenDhlQsNrpFWV6K-U0aLVx0Ns2kNm9G8oDt_D68xw7QR9ZI2MjIZHl2nt61HHReVpQXO0MGk5BgazdSIO6RzKRzpNI22a1-mSkM7r5c1D27O8F4Q6BvxUiJ86OaQmQnj_V3dKnL5jMOkUdcpR-U6FN32YLBISB9sDIgdJwrf_-oH24ae6Tl1E_dfpbogmOjUiiCx7P6Y_dJQsL5lcDdcZfiLQLkDhDqyy_e4m6AQO-3qdJn4f0JjV0DyMhKngjbAkQ59baCzun3Uev01AhSNgfWv2vhF2gy3bCqdHhbiECDapWP8zyQV_apOYybdqXw6O8el2IHp-o4OhnPWI_Guc4c756dGYyFCeD0UtuAkkZM5eJlGQAEkUVvoq_VlTaIhWfud2UOsiV1vtvvo2eRSxe8gZ-zTB91oRYhI-hdDWqItfTYj6ZOsZKajQjNf2p1FEN1LhJjvW6QuZa7XfhT_2jHiVl9y22BrmVm15-9lcqVRzoL3z64eCP0Jwtuzn1BkDsuEmE8WtJvImUrzy8LAo5QN3LQdcV404pCKbLzrPGat5jsrVfaXxCgfg5aeCu50qkMUDHp5E4eDK5BAPKuslVPvm6dY39qIm-VPfN6HSy_gUX1ZNAVKy5P2xwuXIbKS3xJ_KRc7bNzsMwRyhZlGv2x2jN72N8O2jfnk6U8ueojrKLF8WJxxdT8jNaACfoprMjIIcEX8QVLUkb5DfA8QQQW-jknieVUzhSZcOPj2QFm9XZol0r3WreTCQIItk4qp01WoBjcIirqvy9_Y8ZVsre1Oy30McLJyKA4CKrnDTIjoAVZfeEzdn3PmzyfHpmqotxgcVDOzrKdS_9n0w3RYjdq4Gz1foVt1ajRfKJ9-t3Nvs3GKzWvV7gkQEPl1HSiGIDtWCvwKkDfNofazyM4wDuZOwvs-7UoHQpuxpODVQVniGq3xvbia0pwLfDL1dfl_I94M5xJUo3UQpq4hP_LFp-ftnIKXHx8llxLad94atHL1pBXOlbRnaUbvX1uhDE_oiTVznwPfCrygL1LHzvvNhNMMNPgeUlgKZQSzjetIeR35OdporxprfpITDApZ_ygM8TfNtKO9GUEgQsDuQrN2N6m1az_tJwAMWUioaxoIPJqDh9emDI1hzTBSogDmxC-9chtgV3d2cUh8gAkZqB1HlKHKwvZl618G7hiso7zqOW2dLEfdPbObBojlZpOewsv0uW33ruyjMiaMWuOlsC9SzDRKIHZy5hyntd22afpcJ7JNRjcPj-ZsvLYoSuEBLMnFrjkvZI2A2IclHIE5YSCcve6lTZNYyelflelneiL1KB5LkD1-X5nAUX2MSB5xbVXapRF-NZwSxzj8EjuWky54jmUN8R_Bvv03D36t5pHnNh_Y1qRULjJKwQR00rF7HNmYViDsnD2I8M6XlxrJC3eQ6CcYnUhuXCBI9RhKOyw9g3470yivBpc&cid=CAQSTgDICaaN8TlPV9R9gxbVFbcPPaa13s61vTY3QYFtAUjQrXbu8Rzg5gBzzqraIMmG6esE9Nqh8JQHbPjvjm4JdelKsAThS3Lyp-qCpgm_6RgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fye.ua%2F&ds=l&xdt=1&iif=1&cor=14129960269013608000&adk=1761367584&idt=145&cac=0&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:38:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67515
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 15:38:55 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231204/r20110914/ Frame 4BA9 31 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231204/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 19:42:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52903
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11943
x-xss-protection: 0
server: cafe
etag: 4141415479739543000
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 19:42:27 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 4BA9 41 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 404342
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 18:05:08 GMT

GET
DATA 200
OK truncated
/ Frame 4BA9 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8a63b4c28e91cbc0a9536a564018dfc5ea91b748188a1eccfa98b8537d0e9518

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 3D9D 38 KB
13 KB 6ms
6ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 90765
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 09:11:25 GMT
expires: Wed, 04 Dec 2024 09:11:25 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/1064608057035189096/ Frame 1C42 6 KB
2 KB 21ms
7ms Document
text/html 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3477a72ef1db732762ffb13ba55d7df867b64c2abf5f88a1fdff29e6dbe374d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 128345
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1879
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 22:45:05 GMT
expires: Tue, 03 Dec 2024 22:45:05 GMT
last-modified: Mon, 28 Aug 2023 18:29:21 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4BA9 0
0 84ms
50ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstmlaEnxLkRuiTXfYi8l1v8UPBkA3OY8gc0_1J18WT8t3ui5JtZ6oI8uQVSDBNmQa-M1zh-Sp8Qd5PuuT7r8tnGii9QxySJGxkDt5PtB4DPMI40I84MsZfXG1F3NvSGRfa12rdPE1YRE8_DYf4NnKz64tsAxNljnXetMRldZLAF1xzAmlAe0e7lCVWp6c3gGjuths6CNMJEjzsoP8yI8uO82-I4b5IfgXNmRho5yQv1vOPffk9SJQJgzJ_a-zH9kl_ehnkpA03i-A129rHarexoeImRiA7ha6v34D4axwTZVQB29ua13VGinSTyJ5tqpIovghRPxw-cjFkIfa0UKRuVPA_MQC2QFhV3uB9EsEkCH9GaunsDlRo0J3BKDoeQR-3W2kZ8-eYdjxpiup39n8l_40nZhCj5XgmD4MzN1GuXwA-msaZdeGmzFPXrCeQ05wWKKpg4bv8KuKVheN_ms2QtR0exF6jq4Cn7NZrpbEN5kZc2pJbriVasCyWKbjeWd6MxtzJqoZCsLY9xOSmM64d3THS_Ogt0oq-1hDxiGrBdeOXVFg8zTknRhWsSG7H3IU586es93sJRrnvs2qbNiwMOdffuYiPT3jg4aX0Ns08nhLirPyH04vKIeCeZS-ocQSgBJwxOCcyoxCoiB56RuCkSpFkwsGttG91HR7ojXGKu6p3kfgPIOMCEs1vDAmhmWfAjCYMqtXR90ef6FTumwYg5f7WEwDe6fwKchtI9_0yUOQt2SoxbRxZmbS-0i4lZgL0p82DrD0ES9WsqGV0pih-6LBMZAU085fRUHG4z_G16h21s4ac9aV_R6-6l5f3mrxLSuodbj5zxQ7q5qCy_OkXcb7mKtXyFZVc7x6X74QeoxNbNHcWwHhaoz0JcvY28ZOhaYd6DStRAdla2TWW0mQsFYnjt26hGX_TkrzHBlBaqEVdwRp4R2vu2sz4inHVoq2b_o8SmnUClcPvb1QyZzY2HgyUj9iOE5lFFnynY5lw8eyi96bEjmGbU6TE8DbFbslfwYxcvSa783xeQsJroSjHS9pDrfNh7CuQ_eZtkOoh1jMOUUqkfdTpvOxqhgOPu2k0TuCVkhF3M17aNtPIhTKvnwghOJjixuiZNhypBqJmdCrORrVKs7OeoSlxdMSAK0HxQKg6WUFZ14L_Z_Q-DFJealtfVo4qSne0bI5l3duvh2CM0lkIAqfSEefRKI6YqtXYmrYl4E_7A3lqGQknxPnnjmTt2zWaRidpBUJvjd7bq-XYZiZaIuWqvaZL4yhm9cUm0vmy9nvD-k5Uy4B1IbmWqEqnT_yPoUR0gIwkiCZQZFMJPfKF0wMMC0naePwqqq0gdZks0&sai=AMfl-YT2UlCMVCJ5xQeL8D87xHxLJiTVIRKH47XbVDfeD3RsaqRFAFTw-OB6BTP41IR-Kx9hZqJMy4HgVwrj9psgPGdcsTtmToc8ECJmuWBLNRGnDa5Vyr-d9kzw8hAXYKj9DMiynOt21xQpXnckG8txxDZHVNrlr0vAJ3xF20Wm4WtmwzuIkFkIyiTjQZpiU1CixVTIk2ARHO8U0IJdJ_20vlTuVEhIzf_zKU3pGH2ytIRWBjjxhjjtXnP1Xu6aRPMbGWIF8syKvLbOg_ifS1kxJA5yMx333H4Of8mF0g&sig=Cg0ArKJSzHu_0N55dxIZEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=53&cbvp=1&cstd=52&cisv=r20231204.97477&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 06 Dec 2023 10:24:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 3D9D 39 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 09:29:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Dec 2024 09:29:39 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/1064608057035189096/css/ Frame 1C42 6 KB
2 KB 11ms
10ms Stylesheet
text/css 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1064608057035189096/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce2b61e64a17f1488f20bafee5aa20a8d8ec897b990f709634f5bd1cc620e6b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 12:55:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250130
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2000
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 02 Dec 2024 12:55:20 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame 1C42 70 KB
25 KB 41ms
18ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce56080747fb3b762486b9ccc59bc01f871c9647d354a1c27b52cdb73fc1bfe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2338198
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 25267
last-modified: Tue, 01 Aug 2023 16:38:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64c93515-62b3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I5vf2ImYuDkZh3UuIBDRFBqYI95P7uQxHWHvFDdSSMRhGTvm3kv9x3Zx3Sy%2BsZfVWLyHcA%2FL1AE0wLS9rkHF4hOaIxVpLEUfCsRrp9IbZyTRwhj5PUF6zaTL5y8o5NQ%2FtpayT4dd%2BAMDgVmn35OU8nO3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8313d1500d3a0410-FRA
expires: Mon, 25 Nov 2024 10:24:10 GMT

GET
H2 200 CustomEase.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame 1C42 7 KB
4 KB 38ms
15ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/CustomEase.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c190eb38a3f491bcbf96b136cf4a4ab534ac1293d37d9047fd77db6365c86682

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 703382
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3299
last-modified: Tue, 01 Aug 2023 16:38:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64c93515-ce3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SfhJESIMNwr7jQ0Qd8%2BwPMxgUxonUszzTZZ37nhDEE7PM1WEMxjIqVB%2B%2FHb7pft%2FcIJMKwzifmlE%2FPVYIDHd8McgfGGhqpom%2Fiyd6%2BUWsocLopxUkwJC0vpJjHi23zSyNISBHc0vEDVGWd5KmCTyL70Z"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8313d1501d410410-FRA
expires: Mon, 25 Nov 2024 10:24:10 GMT

GET
H3 200 dyson.svg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame 1C42 2 KB
1 KB 12ms
12ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1064608057035189096/assets/dyson.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7b8d433b88d210c6aeb414da6fc440f45c471fad1b5aaae9f0b66c50122c62b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 12:55:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250130
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1076
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 02 Dec 2024 12:55:20 GMT

GET
H3 200 rtbIcon.svg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame 1C42 2 KB
800 B 11ms
11ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1064608057035189096/assets/rtbIcon.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5e166567ad908883ca1d769c38b6f65959bb067295e5ea3c2f850ec5fa2b8d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:16:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 155260
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 771
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Dec 2024 15:16:30 GMT

GET
H3 200 arrow.svg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame 1C42 429 B
349 B 8ms
8ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1064608057035189096/assets/arrow.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ace6c1d1cccc4686d29e81c0821be209d2e2d8b7ba44ee24649a698a5230f6ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 13:53:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73844
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 320
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Dec 2024 13:53:26 GMT

GET
H3 200 dyson-v15s-submarine.svg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame 1C42 25 KB
8 KB 9ms
8ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1064608057035189096/assets/dyson-v15s-submarine.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69e1767c60e702480b7a4604f7a71a344e3e03caa6e21f6a352a9f63908dc500

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 12:55:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250130
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8356
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 02 Dec 2024 12:55:20 GMT

GET
H3 200 1-min.jpg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame 1C42 33 KB
33 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1064608057035189096/assets/1-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

539cc993691ac34295a0b8e0b720aa3db63a2e80c78d49e1c4c4132bb4a5dc09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 02:04:14 GMT
x-content-type-options: nosniff
age: 116396
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33567
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Dec 2024 02:04:14 GMT

GET
H3 200 2-min.jpg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame 1C42 33 KB
33 KB 13ms
12ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1064608057035189096/assets/2-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8833293f6762feb57c976e996042e2dcf201b282c034504008e2bf0a98dd3527

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 17:17:43 GMT
x-content-type-options: nosniff
age: 61587
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33601
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Dec 2024 17:17:43 GMT

GET
H3 200 3-min.jpg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame 1C42 25 KB
25 KB 18ms
18ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1064608057035189096/assets/3-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e3479d14727cf6b6581add352dad3c9fb8a89b1586d49dc0e606249e7abe437

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:45:40 GMT
x-content-type-options: nosniff
age: 128310
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25911
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Dec 2024 22:45:40 GMT

GET
H3 200 4-min.jpg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame 1C42 9 KB
9 KB 12ms
10ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1064608057035189096/assets/4-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f430ad6611692180cc5bfba88afb989ac5cde063c2e929a28026be4c2c3e9f45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 19:41:43 GMT
x-content-type-options: nosniff
age: 52947
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8971
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Dec 2024 19:41:43 GMT

GET
H3 200 5-min.jpg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame 1C42 12 KB
12 KB 13ms
11ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1064608057035189096/assets/5-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d60255211b63ebd7ab57221ffe52ae073eab1c1c3a93c48df42b224e7f7c527

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:43:23 GMT
x-content-type-options: nosniff
age: 128447
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12054
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Dec 2024 22:43:23 GMT

GET
H3 200 script.js Show response
s0.2mdn.net/sadbundle/1064608057035189096/script/ Frame 1C42 4 KB
959 B 12ms
12ms Script
application/x-javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1064608057035189096/script/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc757f9ba6603eb9913106a4cd83c7a7c0a8a4f845a0aceb1103606bc324ad00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 23:23:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126013
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 930
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Dec 2024 23:23:57 GMT

GET
H3 200 dysonfutura-book.woff
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame 1C42 8 KB
8 KB 11ms
11ms Font
font/woff 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1064608057035189096/assets/dysonfutura-book.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c868679a384546d80661e6085c6a40e95de3be2ad0487c56e116703ffd1850bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/1064608057035189096/css/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 12:55:21 GMT
x-content-type-options: nosniff
age: 250129
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7928
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 02 Dec 2024 12:55:21 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3D9D 0
20 B 47ms
47ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Byu3eyktwZaffBIHFjuwP7cGrsAMAAAAAOAHgBAI&bg=!4-Cl4K_NAAY3kmNgF5I7ADQBe5WfOMwBoeZnuL9ZoSD82FFbHhiYzsYTs2dNjSoww3tW09GChOUDsRBFSQDEy-Oslkf1AgAAAGVSAAAAAWgBB5kDAwZaFg472Bp8tshSmW8S2kkFk9kZAGQ3kwj2qbweEgbJI1FaOdLEM92vHNCm3TgdXovXwmkhtVGtfe9FH0JS9yYVHhcTzZR3qoj-YQptrsg6Xpc9vlAieZu71h4zkhMqKMbaMYTx2rqT7dWX4CZ5u70n_ybbagi4SHJa55TorBvCG2GhY9N-dt2I2NwivLdil_huI99z_14fipfLYvTI02FSTSqDdyVUWyBfT-WZtIWGL8fDCsqJhjM8PL3T2fR50YfxguAjPL602oUmUVZb_WcIqw8kFu9XQ2r-OtTzQezVI0gZIkT1xGrMbd_Hx87WmVIRKLjjBPksr06_8dNHXtiTGjyDOrWuMcqcDPx7mTukSpD7ja3CFO36o0sLrqJcKYRm_tKtMJODA176OFOcreSafqtC7ktPXajOUaO2QE2PD1f0SZyuQjP3UAXrbeaGotCeQQiY_gEkbSVpvHSfgxupUSXxYxgrfFBxGUYxv-JA0rQ2a11RrOvvuREUv_OpYKgZvoEHPpB2QhDWPwPyI0bRwqGmTD_mV-WVtb3OZjxiTXI1KVE0KOxVezxQFMTYwwBBlf3ZcLhH1Jj5YEmLArJ92vj8puIRTgLEDb7_2_FklE-OjVgIWiXfNrnc2U5OFsC8wKKV7oqpwtipP_L3rUXvvzYkzTtUwmN1Zv8iw4A0oFuM7aS6uf9M9loCeRFKDiBZq0vyxkz4QItZNoD-zCVl2h8zykMvZHFrIGUbp8EEw7omrF-ZfHRjBf6wXdCgpT4EJVqk8891HZFJnBVsjAodF5wM0KIOb7M3HamMTfrN_b0z2MQ2XdnOwoX7TzIkSnlna51D0OmaY1mUF6AXZgT-CLzivIHWbOOjnpWJLv3iM3hv-1ELJE45LPe3HWL-dNDyjeB4PzblyibapQ6DEiyM6wQbZ_LBl4WDQDSrmJ78DMtw2dejScyXlS5c7NYX0shD8hCpS2K_JjIDkjcDZJ6W9gzKRjZrKogfxG_UBESRuIn5c1tX8XdDsBcLRnSRZMqUwQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231204/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 4BA9
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1627455/73523875/4.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-1216842449127365&ias_chanId=1&ias_placementId=20487174429&bidurl=https://ye.ua/&ias_dealI...
https://static.adsafeprotected.com/4.js?xsId=ABAjH0g5gSIQA2rsh6ghTwrAH8i7&ias_xappb=&adContainerId=brand_safety_yktwZaffBIHFjuwP7cGrsAM&cbFunctionName=goog_wrapCb_yktwZaffBIHFjuwP7cGrsAM&true_pb=

1 KB
1 KB

6ms
6ms

Script
application/javascript

2600:9000:223f:d400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?xsId=ABAjH0g5gSIQA2rsh6ghTwrAH8i7&ias_xappb=&adContainerId=brand_safety_yktwZaffBIHFjuwP7cGrsAM&cbFunctionName=goog_wrapCb_yktwZaffBIHFjuwP7cGrsAM&true_pb=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231204/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Server: 2600:9000:223f:d400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 19:54:05 GMT
x-amz-version-id: 4Cmv1jyFRAmZ7XChlLsmb9GJS5ztjryA
content-encoding: gzip
via: 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 138606
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Mon, 04 Dec 2023 19:54:03 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: nhj9QUOu2tlRUt_rRgtTQvNrKrwT_G8wI7r2vsPH6QLgEgQwkPVcpg==

Redirect headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:10 GMT
server: nginx
x-server-name: app07.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?xsId=ABAjH0g5gSIQA2rsh6ghTwrAH8i7&ias_xappb=&adContainerId=brand_safety_yktwZaffBIHFjuwP7cGrsAM&cbFunctionName=goog_wrapCb_yktwZaffBIHFjuwP7cGrsAM&true_pb=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame E82F 91 KB
23 KB 30ms
7ms Script
application/javascript 2600:9000:223f:d400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231204/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:d400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 6603300
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: ASxBdlOrb-nld-64yBAXqbuWi3lfg0MHrWQSUqJVfCbNgv2Y6db8pw==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4BA9 43 B
216 B 525ms
173ms Image
image/gif 2600:1f13:800:7781:74ad:d26b:3a38:f963
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=f90f3e97-d2c6-0431-a5e6-891459bef969&tv=%7Bc:w0Yq1R,pingTime:-3,time:36,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:12%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:36,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B30~0%5D,as:%5B30~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXEzMub+11%7C12%7C13%7C14%7C151*.1627455-73523875%7C1511%7C1512%7C1513%7C16%7C17,idMap:151*,rmeas:1,rend:0,renddet:na,siq:13%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231204/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:74ad:d26b:3a38:f963 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:10 GMT
server: nginx
x-server-name: dt10.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4BA9 43 B
215 B 528ms
180ms Image
image/gif 2600:1f13:800:7781:74ad:d26b:3a38:f963
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=f90f3e97-d2c6-0431-a5e6-891459bef969&tv=%7Bc:w0Yq1U,pingTime:-6,time:39,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:39,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B33~0%5D,as:%5B33~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXEzMub+11%7C12%7C13%7C14%7C151*.1627455-73523875%7C1511%7C1512%7C1513%7C16%7C17,idMap:151*,rmeas:1,rend:0,renddet:na,siq:13%7D&tpiLookup=ao:ye.ua*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231204/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:74ad:d26b:3a38:f963 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:10 GMT
server: nginx
x-server-name: dt13.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4BA9 0
0 45ms
44ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstmlaEnxLkRuiTXfYi8l1v8UPBkA3OY8gc0_1J18WT8t3ui5JtZ6oI8uQVSDBNmQa-M1zh-Sp8Qd5PuuT7r8tnGii9QxySJGxkDt5PtB4DPMI40I84MsZfXG1F3NvSGRfa12rdPE1YRE8_DYf4NnKz64tsAxNljnXetMRldZLAF1xzAmlAe0e7lCVWp6c3gGjuths6CNMJEjzsoP8yI8uO82-I4b5IfgXNmRho5yQv1vOPffk9SJQJgzJ_a-zH9kl_ehnkpA03i-A129rHarexoeImRiA7ha6v34D4axwTZVQB29ua13VGinSTyJ5tqpIovghRPxw-cjFkIfa0UKRuVPA_MQC2QFhV3uB9EsEkCH9GaunsDlRo0J3BKDoeQR-3W2kZ8-eYdjxpiup39n8l_40nZhCj5XgmD4MzN1GuXwA-msaZdeGmzFPXrCeQ05wWKKpg4bv8KuKVheN_ms2QtR0exF6jq4Cn7NZrpbEN5kZc2pJbriVasCyWKbjeWd6MxtzJqoZCsLY9xOSmM64d3THS_Ogt0oq-1hDxiGrBdeOXVFg8zTknRhWsSG7H3IU586es93sJRrnvs2qbNiwMOdffuYiPT3jg4aX0Ns08nhLirPyH04vKIeCeZS-ocQSgBJwxOCcyoxCoiB56RuCkSpFkwsGttG91HR7ojXGKu6p3kfgPIOMCEs1vDAmhmWfAjCYMqtXR90ef6FTumwYg5f7WEwDe6fwKchtI9_0yUOQt2SoxbRxZmbS-0i4lZgL0p82DrD0ES9WsqGV0pih-6LBMZAU085fRUHG4z_G16h21s4ac9aV_R6-6l5f3mrxLSuodbj5zxQ7q5qCy_OkXcb7mKtXyFZVc7x6X74QeoxNbNHcWwHhaoz0JcvY28ZOhaYd6DStRAdla2TWW0mQsFYnjt26hGX_TkrzHBlBaqEVdwRp4R2vu2sz4inHVoq2b_o8SmnUClcPvb1QyZzY2HgyUj9iOE5lFFnynY5lw8eyi96bEjmGbU6TE8DbFbslfwYxcvSa783xeQsJroSjHS9pDrfNh7CuQ_eZtkOoh1jMOUUqkfdTpvOxqhgOPu2k0TuCVkhF3M17aNtPIhTKvnwghOJjixuiZNhypBqJmdCrORrVKs7OeoSlxdMSAK0HxQKg6WUFZ14L_Z_Q-DFJealtfVo4qSne0bI5l3duvh2CM0lkIAqfSEefRKI6YqtXYmrYl4E_7A3lqGQknxPnnjmTt2zWaRidpBUJvjd7bq-XYZiZaIuWqvaZL4yhm9cUm0vmy9nvD-k5Uy4B1IbmWqEqnT_yPoUR0gIwkiCZQZFMJPfKF0wMMC0naePwqqq0gdZks0&sai=AMfl-YT2UlCMVCJ5xQeL8D87xHxLJiTVIRKH47XbVDfeD3RsaqRFAFTw-OB6BTP41IR-Kx9hZqJMy4HgVwrj9psgPGdcsTtmToc8ECJmuWBLNRGnDa5Vyr-d9kzw8hAXYKj9DMiynOt21xQpXnckG8txxDZHVNrlr0vAJ3xF20Wm4WtmwzuIkFkIyiTjQZpiU1CixVTIk2ARHO8U0IJdJ_20vlTuVEhIzf_zKU3pGH2ytIRWBjjxhjjtXnP1Xu6aRPMbGWIF8syKvLbOg_ifS1kxJA5yMx333H4Of8mF0g&sig=Cg0ArKJSzHu_0N55dxIZEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=230&vt=11&dtpt=177&dett=3&cstd=52&cisv=r20231204.97477&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4BA9 43 B
215 B 522ms
178ms Image
image/gif 2600:1f13:800:7781:74ad:d26b:3a38:f963
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=f90f3e97-d2c6-0431-a5e6-891459bef969&tv=%7Bc:w0Yq1Y,pingTime:-2,time:43,type:a,im:%7Bsf:0,pci:%7Btdr:33%7D,pom:1,prf:%7BbeA:431,beZ:432,mfA:435,cmA:436,inA:436,inZ:438,prA:439,prZ:441,si:444,poA:445,poZ:460,cmZ:460,mfZ:460,loA:470,loZ:472,ltA:475,ltZ:475%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:12%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:43,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B37~0%5D,as:%5B37~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXEzMub+11%7C12%7C13%7C14%7C151*.1627455-73523875%7C1511%7C1512%7C1513%7C16%7C17,idMap:151*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:13,sinceFw:29,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231204/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:74ad:d26b:3a38:f963 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:10 GMT
server: nginx
x-server-name: dt12.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/ Frame 1C9E 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=280&adk=3809598800&adf=289630305&pi=t.aa~a.299122542~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1701858249&rafmt=1&to=qs&pwprc=2003152153&format=1200x280&url=https%3A%2F%2Fye.ua%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701858249799&bpp=1&bdt=1232&idt=0&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C481x280&nras=3&correlator=7291214964486&frm=20&pv=1&ga_vid=1168823755.1701858249&ga_sid=1701858249&ga_hid=863838190&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3528&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079826%2C31079864%2C31079922%2C44806140%2C44807763%2C44808148%2C44808285%2C44809071%2C95320230&oid=2&pvsid=2213315020667298&tmod=1116737852&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 09:29:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3271
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 09:29:39 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/ Frame 1C9E 20 KB
8 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a5b47703d2aa636762f8b39205a2e03a85ae2de2904d81e6c6a469486ca81e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:30:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68041
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8554
x-xss-protection: 0
server: cafe
etag: 636498438165408290
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 15:30:09 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1C9E 0
0 22ms
21ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ6BjNpHiwQ_VrkRU8lhlLDxPlO_6jC7_WSVdFtewc-_XW5wDlw1nC_ctgh4pbSDI3zC-SBvia2telAaLpQz6MreShQvg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=280&adk=3809598800&adf=289630305&pi=t.aa~a.299122542~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1701858249&rafmt=1&to=qs&pwprc=2003152153&format=1200x280&url=https%3A%2F%2Fye.ua%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701858249799&bpp=1&bdt=1232&idt=0&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C481x280&nras=3&correlator=7291214964486&frm=20&pv=1&ga_vid=1168823755.1701858249&ga_sid=1701858249&ga_hid=863838190&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3528&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079826%2C31079864%2C31079922%2C44806140%2C44807763%2C44808148%2C44808285%2C44809071%2C95320230&oid=2&pvsid=2213315020667298&tmod=1116737852&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1C9E 202 KB
64 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65147
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701694399686299"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Dec 2023 10:24:10 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 2249 136 KB
46 KB 109ms
77ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXBLyQAOL9AGdhQjAAK2j0LKgdoJifRsk_0xgg&u=%7CxlsBPFcKyB6GJmupHSqK1VWWCo7vZi4DBfdjbLdqqIQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi62r3jSRVOZjJaaQQfUWgbhidXWPfZLYllRf53OzsuKUUfPHChFcqkeuBBKg5rpWkYnIOL4plM0AZBbFIKSDFphEaGIIy1EFveRJTfCEw1LHunrhZufkN16nDcS5ooPJiNfOTq5BpVdZm0erixqLZ4BflbiVG_CeLWNWjmGtqaTZVIvGxfU2hlXZ_yj_OBLwhdMuo9ACFic29QZIBV2UMITWt8ZAOAy9NK9w29Q4vcJoLe-IXB5LQH4K1-BwQ9TFS0FSCt7EE5dS33ERFJrrqraxfaJRnVJbEwjABCL9sBXvzN4mWrFjc15W7Vs0cAs5HGIjES8jop1weDdiIbKYv0IixiFNJ3NUug3odmUPsBcEhoXK10O_hOYNiaHg86_pxvbuxNECIJqccyvtD8Owh-lxHN3T7CjoZWLbhlmqj6TSc_rFPfoamiCPBQ7rY9OwayTANexCR0lR-r8612JJIjiqGFSN2M7eVt7zuyGojV5trGgw4uqeHrG-4KhX8dhabdI3gIO673FgDeFrtDAEM22-f5sJ0qqIWww90k0oe61FewJ2xU_hw3KHUdUXrwckJzw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbHnMyUtwZdDfOKOo2OMPj-2KCMme0rFczYbj1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyMTY4NDI0NDkxMjczNjXIAQmpAnu7jSsxHbI-qAMByAMCqgTlAU_Qur7QuJ_K04pqAy7Z0GRRigg1fmRkk_l7RQXydltpBy_5qO2D5NJ9FpKuqlJQzx0p6UBZwewsGuonFu3Bcfj_c037RJ3a8hBDiOO9K5abQMI6UyUmbQ3sqZQ661pXokbDmuQPc34HgCRbfp9SZsYPV25500azDTKPbkpn9ZM8ANncVXCs8ONcxyqXM60cst2wpNUVgyCjOCgbOzAS1ms538ftMzt67CfURAJd10MiBguPWohVumnccoMSXToLz6-Oi3yPv31MHUwXGWyjxVqiY4FYaCKF212zy7UCwTpTNzMFCFSABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliIusODzPqCA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ATcPZpcQhy1Hcw119DN2eEDwzIA%26client%3Dca-pub-1216842449127365%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2298ae8bb0a9fc2963da0ce71624d7f36ee1a8cfdec547593d48437d26fca0a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 06 Dec 2023 10:24:10 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=b3T3xsxFJhXfPXNuCizMEhAFeQQoaIbYduV800TG3EBCAlBuDnrKptA6Jf7UNJZDJhBaChWa4zPaYrb6Tif07vA33ed4ZVUBUr5vqQhT9FnL3UXE2KwqdzSAcd9y8AAjtdApR5emm0Z6OxWNAmHIBo-BzB0hVvAmyJL9tZDFpYpcsvQaWdkQkIPOLR4Yq-k9VbB8WRygJgvkUxn4qtc51oK4rtKrB0qEkI4ow8c0sMawX7QorkRynMjfi3fNpALQPM5hKA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 58674809
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3906 1 KB
643 B 8ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 65160
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 16:18:10 GMT
etag: 48472445140208031
expires: Wed, 06 Dec 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 29D2 624 B
242 B 49ms
49ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQm8iDzQIY4rfV5gEwAQ&v=APEucNWeNo64QDiKeDlptIAD3rwsbNwxKqGsezqNAxHLvHBVLlFNOWlRPxjG7QUXZZGgo2yBUMFLOLKQibm2d8_jaKD6Rz0lkCvrYkYisQPB50GdugjajRia6472uMYrydbqMGzraFSQkb4SYBOWRdaHRrnve5pjAyK3gwfiZfGitl9nng2YaiU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=280&adk=574172758&adf=3417930811&pi=t.aa~a.1142920907~rp.1&w=481&fwrn=4&fwrnh=100&lmt=1701858249&rafmt=1&to=qs&pwprc=2003152153&format=481x280&url=https%3A%2F%2Fye.ua%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701858249799&bpp=1&bdt=1232&idt=-M&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7291214964486&frm=20&pv=1&ga_vid=1168823755.1701858249&ga_sid=1701858249&ga_hid=863838190&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=1444&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079826%2C31079864%2C31079922%2C44806140%2C44807763%2C44808148%2C44808285%2C44809071%2C95320230&oid=2&pvsid=2213315020667298&tmod=1116737852&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=280&adk=574172758&adf=3417930811&pi=t.aa~a.1142920907~rp.1&w=481&fwrn=4&fwrnh=100&lmt=1701858249&rafmt=1&to=qs&pwprc=2003152153&format=481x280&url=https%3A%2F%2Fye.ua%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701858249799&bpp=1&bdt=1232&idt=-M&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7291214964486&frm=20&pv=1&ga_vid=1168823755.1701858249&ga_sid=1701858249&ga_hid=863838190&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=1444&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079826%2C31079864%2C31079922%2C44806140%2C44807763%2C44808148%2C44808285%2C44809071%2C95320230&oid=2&pvsid=2213315020667298&tmod=1116737852&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Dec 2023 10:24:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 495B 172 KB
60 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:48:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81341
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Dec 2023 11:48:29 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231204/r20110914/elements/html/ Frame 495B 7 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231204/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 17:56:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59277
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 17:56:13 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231204/r20110914/ Frame 495B 24 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231204/r20110914/abg_lite_fy2021.js

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:45:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67133
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 15:45:17 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 495B 41 KB
14 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 404342
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 18:05:08 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/ Frame 495B 3 KB
1 KB 14ms
12ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 09:29:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3271
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 09:29:39 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 464E 1 KB
643 B 7ms
7ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 65160
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 16:18:10 GMT
etag: 48472445140208031
expires: Wed, 06 Dec 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/ Frame 495B 20 KB
8 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a5b47703d2aa636762f8b39205a2e03a85ae2de2904d81e6c6a469486ca81e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:30:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68041
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8554
x-xss-protection: 0
server: cafe
etag: 636498438165408290
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 15:30:09 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 495B 0
0 23ms
22ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQoqkSQReKOcMLkOlobsgoL7Drsjv1_ehEnnDZxtIVl-jCOvOj4vqreONX5nGME93IuYbTFB6xvoTLRrLlQQxqlPJu7kA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=280&adk=574172758&adf=3417930811&pi=t.aa~a.1142920907~rp.1&w=481&fwrn=4&fwrnh=100&lmt=1701858249&rafmt=1&to=qs&pwprc=2003152153&format=481x280&url=https%3A%2F%2Fye.ua%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701858249799&bpp=1&bdt=1232&idt=-M&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7291214964486&frm=20&pv=1&ga_vid=1168823755.1701858249&ga_sid=1701858249&ga_hid=863838190&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=1444&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079826%2C31079864%2C31079922%2C44806140%2C44807763%2C44808148%2C44808285%2C44809071%2C95320230&oid=2&pvsid=2213315020667298&tmod=1116737852&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 495B 202 KB
64 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65147
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701694399686299"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Dec 2023 10:24:10 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 495B 42 B
63 B 41ms
40ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dq4a5wTT10bbZbDFSAddoMrjcQ9xK9sz1zaYxkHKGhU0BEmJ0E57wFECuCNhUpsRnrGg92_WaGUL0y1YYwHDbenLK1-DIsEq8QciDGRJthPuUJKj8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 1C9E 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4f446181457bb27f139c1cc45a0a2cfb9d01d5692eabda4d9c64987c2261e61

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3906
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMETdcbNC5hhoc9azIMkJzo&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMETdcbNC5hhoc9azIMkJzo&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UGszQjdiamQxUmFQNEM1&google_gid=CAESEMETdcbNC5hhoc9azIMkJzo&google_cver=1&google_push=AXcoOmQBcfyu3CF4_dyjKfwp_1thgVrFiEkSRePs2AZLdJ_...

170 B
188 B

19ms
19ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UGszQjdiamQxUmFQNEM1&google_gid=CAESEMETdcbNC5hhoc9azIMkJzo&google_cver=1&google_push=AXcoOmQBcfyu3CF4_dyjKfwp_1thgVrFiEkSRePs2AZLdJ_cTQ5cho6WBH__4tYFSUPmAUiJ46ixo_ov_0dnS2ciYaERGmFT_iflAd0

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 06 Dec 2023 10:24:10 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0f7f5cc7c951f6e61@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UGszQjdiamQxUmFQNEM1&google_gid=CAESEMETdcbNC5hhoc9azIMkJzo&google_cver=1&google_push=AXcoOmQBcfyu3CF4_dyjKfwp_1thgVrFiEkSRePs2AZLdJ_cTQ5cho6WBH__4tYFSUPmAUiJ46ixo_ov_0dnS2ciYaERGmFT_iflAd0
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3906
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGvNTPvsh_BrvqPazSIk4A8&google_push=AXcoOmQBlE-RNcn8WhcY7v8ZxKQLo5DeEpiGlbo-GIxLinAuqNOH0Fvh0e...

170 B
188 B

17ms
16ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGvNTPvsh_BrvqPazSIk4A8&google_push=AXcoOmQBlE-RNcn8WhcY7v8ZxKQLo5DeEpiGlbo-GIxLinAuqNOH0Fvh0e-yWhpY1SsRDN1iAZUI7S_4APcg7nnEUw9g7wQpsAZcbbw

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230057-FRA
pragma: no-cache
date: Wed, 06 Dec 2023 10:24:10 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1701858250.489162,VS0,VE88
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGvNTPvsh_BrvqPazSIk4A8&google_push=AXcoOmQBlE-RNcn8WhcY7v8ZxKQLo5DeEpiGlbo-GIxLinAuqNOH0Fvh0e-yWhpY1SsRDN1iAZUI7S_4APcg7nnEUw9g7wQpsAZcbbw
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3906
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESENqpTzN_cMUd1-2QXz_v_pw&google_cver=1&google_push=AXcoOmT7kpo6NdYzs6PX8PK2P8ud-tfBXPeYtrIRyGokvhKSe3vLNJXU46Z9ypsW2Iku7bEF7fL0QXtpM2NuHa3OyV-qmtYdS8zGKmA
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=82E3EE07D6B74E12A5CC6FC88122EEBD&google_push=AXcoOmT7kpo6NdYzs6PX8PK2P8ud-tfBXPeYtrIRyGokvhKSe3vLNJXU46Z9ypsW2Iku7bEF7fL0QXtpM2NuHa3...

170 B
188 B

21ms
20ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=82E3EE07D6B74E12A5CC6FC88122EEBD&google_push=AXcoOmT7kpo6NdYzs6PX8PK2P8ud-tfBXPeYtrIRyGokvhKSe3vLNJXU46Z9ypsW2Iku7bEF7fL0QXtpM2NuHa3OyV-qmtYdS8zGKmA

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 06 Dec 2023 10:24:10 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=82E3EE07D6B74E12A5CC6FC88122EEBD&google_push=AXcoOmT7kpo6NdYzs6PX8PK2P8ud-tfBXPeYtrIRyGokvhKSe3vLNJXU46Z9ypsW2Iku7bEF7fL0QXtpM2NuHa3OyV-qmtYdS8zGKmA
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 05 Dec 2023 10:24:10 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 3906 70 B
149 B 101ms
30ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESECyF1ALsf0Im93bntJVmLos&google_cver=1&google_push=AXcoOmSDET1fjmgWu3sP2lqfBEzhjFNoUSSeMZ9bJ7hjNSI-93k-M5nT--Uc2VHyux8LvF_hdY3y7hriattzJZaF3C_E0WarSBO5wuY
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=280&adk=3809598800&adf=289630305&pi=t.aa~a.299122542~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1701858249&rafmt=1&to=qs&pwprc=2003152153&format=1200x280&url=https%3A%2F%2Fye.ua%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701858249799&bpp=1&bdt=1232&idt=0&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C481x280&nras=3&correlator=7291214964486&frm=20&pv=1&ga_vid=1168823755.1701858249&ga_sid=1701858249&ga_hid=863838190&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3528&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079826%2C31079864%2C31079922%2C44806140%2C44807763%2C44808148%2C44808285%2C44809071%2C95320230&oid=2&pvsid=2213315020667298&tmod=1116737852&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:10 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3906
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEN48CPIFtyibw29y7puH9Zg&google_cver=1&google_push=AXcoOmQlQrfDhzZz7QHdqzfKR13u87avSqh-SHkSKFdWsv6q0uDyYeJpGMGTgzuUEtcHP4oge8jxEdnaih7vJVm5...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=4RhCiC7jTskRl3HhH_V-yw&google_push=AXcoOmQlQrfDhzZz7QHdqzfKR13u87avSqh-SHkSKFdWsv6q0uDyYeJpGMGTgzuUEtcHP4oge8jxEdnaih7vJVm5jJIb422fxJlgH8w

170 B
188 B

19ms
19ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=4RhCiC7jTskRl3HhH_V-yw&google_push=AXcoOmQlQrfDhzZz7QHdqzfKR13u87avSqh-SHkSKFdWsv6q0uDyYeJpGMGTgzuUEtcHP4oge8jxEdnaih7vJVm5jJIb422fxJlgH8w

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 06 Dec 2023 10:24:10 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=4RhCiC7jTskRl3HhH_V-yw&google_push=AXcoOmQlQrfDhzZz7QHdqzfKR13u87avSqh-SHkSKFdWsv6q0uDyYeJpGMGTgzuUEtcHP4oge8jxEdnaih7vJVm5jJIb422fxJlgH8w
x-host: tde-deliveryengine-production-5989b845bf-lxvlv
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame 3906 43 B
146 B 45ms
7ms Image
image/gif 3.69.41.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGwDhMDQ0KuN0BVDFvDL8sc&google_cver=1&google_push=AXcoOmS9RLWrm5MZWdtdmGIeVLIxKoqDVkasm8Hx6C1xU0BASWqkSxESeFW0zgbGi_S_Wh7xdLFQseM1qStfuUCC4yt0WE8jL4Upxw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=280&adk=3809598800&adf=289630305&pi=t.aa~a.299122542~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1701858249&rafmt=1&to=qs&pwprc=2003152153&format=1200x280&url=https%3A%2F%2Fye.ua%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701858249799&bpp=1&bdt=1232&idt=0&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C481x280&nras=3&correlator=7291214964486&frm=20&pv=1&ga_vid=1168823755.1701858249&ga_sid=1701858249&ga_hid=863838190&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3528&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079826%2C31079864%2C31079922%2C44806140%2C44807763%2C44808148%2C44808285%2C44809071%2C95320230&oid=2&pvsid=2213315020667298&tmod=1116737852&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.69.41.2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-41-2.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3906
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENTrfukT0S2hmfbauaHmTwE&google_cver=1&google_push=AXcoOmTLn1hplELGkn32IOVEdGk-v7ApFsEEHJPXna-xpwXHjTExdVwCTuRyZBalQOFN3TOl22HHdTHE_Myd7Eht7lJQ1N2...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTLn1hplELGkn32IOVEdGk-v7ApFsEEHJPXna-xpwXHjTExdVwCTuRyZBalQOFN3TOl22HHdTHE_Myd7Eht7lJQ1N2807X0VQ&google_hm=eS1PZ0hlWE5GRTJwR3ZL...

170 B
188 B

17ms
17ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTLn1hplELGkn32IOVEdGk-v7ApFsEEHJPXna-xpwXHjTExdVwCTuRyZBalQOFN3TOl22HHdTHE_Myd7Eht7lJQ1N2807X0VQ&google_hm=eS1PZ0hlWE5GRTJwR3ZLZk1pQ3cuSWoxejJLSXZFVlRVQ35B

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 06 Dec 2023 10:24:10 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTLn1hplELGkn32IOVEdGk-v7ApFsEEHJPXna-xpwXHjTExdVwCTuRyZBalQOFN3TOl22HHdTHE_Myd7Eht7lJQ1N2807X0VQ&google_hm=eS1PZ0hlWE5GRTJwR3ZLZk1pQ3cuSWoxejJLSXZFVlRVQ35B
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3906 0
12 B 24ms
23ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K2YrQ_9wp_IFg4xJVIHZF7tfpEojFsZnXfXuE_QoJ82MrvVQkLDyluTdYYIlnzAPkNFSYy

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:10 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 495B 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1393a21b42584d1b39a1730ce4270175fe99a7a0fdafa22fdc4e9d044c21ce3c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 464E
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEC9mim1BIiKlEKKMmi3MlKc&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEC9mim1BIiKlEKKMmi3MlKc&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WHZQek9IN1kxUmFQNEM1&google_gid=CAESEC9mim1BIiKlEKKMmi3MlKc&google_cver=1&google_push=AXcoOmTyyJP42EJw9ELu9NftMmjCLMqQhoncWqVQX1DJNXI...

170 B
188 B

19ms
19ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WHZQek9IN1kxUmFQNEM1&google_gid=CAESEC9mim1BIiKlEKKMmi3MlKc&google_cver=1&google_push=AXcoOmTyyJP42EJw9ELu9NftMmjCLMqQhoncWqVQX1DJNXI8V7qC5vkZ6stE9JQKLP7mrkS6WZWoYR1kNunb4c7GcU73Z-sVuQmD8trzYlfWKacxgmLjtn2IRyO3MPzYGfKw0dQp6DOl8lvzqj1EIiYo7AddJ-Q

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 06 Dec 2023 10:24:10 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0f7f5cc7c951f6e61@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WHZQek9IN1kxUmFQNEM1&google_gid=CAESEC9mim1BIiKlEKKMmi3MlKc&google_cver=1&google_push=AXcoOmTyyJP42EJw9ELu9NftMmjCLMqQhoncWqVQX1DJNXI8V7qC5vkZ6stE9JQKLP7mrkS6WZWoYR1kNunb4c7GcU73Z-sVuQmD8trzYlfWKacxgmLjtn2IRyO3MPzYGfKw0dQp6DOl8lvzqj1EIiYo7AddJ-Q
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 464E 42 B
204 B 51ms
17ms Image
image/gif 34.160.236.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESECxYZU_bkX8izsNGW7wZOmk&google_push=AXcoOmT0d0KZc7--L8CqpuXZ68YIexhidSC4ZtG_0g0jRBsWX2XejOOuqai4ZK539AtuVYCQuQDSbrewZDkpZyVxXZ3WhQgNqonJY_B8xMupwM6N8geaVQrELX44CPBa26I-p0wXwDvZpYU4f4_9QgSV75XRzOU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=280&adk=574172758&adf=3417930811&pi=t.aa~a.1142920907~rp.1&w=481&fwrn=4&fwrnh=100&lmt=1701858249&rafmt=1&to=qs&pwprc=2003152153&format=481x280&url=https%3A%2F%2Fye.ua%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701858249799&bpp=1&bdt=1232&idt=-M&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7291214964486&frm=20&pv=1&ga_vid=1168823755.1701858249&ga_sid=1701858249&ga_hid=863838190&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=1444&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079826%2C31079864%2C31079922%2C44806140%2C44807763%2C44808148%2C44808285%2C44809071%2C95320230&oid=2&pvsid=2213315020667298&tmod=1116737852&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:10 GMT
via: 1.1 google
last-modified: Thu, 19 Oct 2023 06:07:48 GMT
server: nginx
etag: "6530c7b4-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 464E
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGv2eMw7FOEVWlFlCGCVcDs&google_cver=1&google_push=AXcoOmSqgS2wue_c7Fq3Y9TpFdz9ip4eYQAbeEG9cpAaPVY4-ic6m2lyEd270KNtkmfGm5A2WOGr4R3w...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGv2eMw7FOEVWlFlCGCVcDs&google_cver=1&google_push=AXcoOmSqgS2wue_c7Fq3Y9TpFdz9ip4eYQAbeEG9cpAaPVY4-ic6m2lyEd270KNtkmfGm5A2WOG...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDYxNzUzOTQ1MzQ5Mjc0Njc0OQ&google_push=AXcoOmSqgS2wue_c7Fq3Y9TpFdz9ip4eYQAbeEG9cpAaPVY4-ic6m2lyEd270KNtkmfGm5A2WOGr4R...

170 B
188 B

17ms
17ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDYxNzUzOTQ1MzQ5Mjc0Njc0OQ&google_push=AXcoOmSqgS2wue_c7Fq3Y9TpFdz9ip4eYQAbeEG9cpAaPVY4-ic6m2lyEd270KNtkmfGm5A2WOGr4R3w7QthHuQAB6dhIVm6V40ct-Yqz0Bw61aEdfIjc5Zzq4H7YLSnt2f_0W9oJWK-4Zrhb6DUaFLCKvYdRA

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDYxNzUzOTQ1MzQ5Mjc0Njc0OQ&google_push=AXcoOmSqgS2wue_c7Fq3Y9TpFdz9ip4eYQAbeEG9cpAaPVY4-ic6m2lyEd270KNtkmfGm5A2WOGr4R3w7QthHuQAB6dhIVm6V40ct-Yqz0Bw61aEdfIjc5Zzq4H7YLSnt2f_0W9oJWK-4Zrhb6DUaFLCKvYdRA
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 trk
ag.innovid.com/ Frame 464E 43 B
297 B 259ms
23ms Image
image/gif 2a05:d01c:1d8:8100:9449:420b:1a77:b906
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEOWoIafzZGOilQvQd7A9_BI&google_cver=1&google_push=AXcoOmS4aX1p4J0moA6k8f6_Cp9YQBnar9RnB4HAaS8_7jgtkgNfbUxc-ra2voQ3yRT0JS_OefWtGOnmDawOXbjRlVY_yXyGFA6q09uEi2X5EHGPSysmD4qeaQBJalk8QOQMG2uC236CmK-_8dEzNaS2xX4ybVQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=280&adk=574172758&adf=3417930811&pi=t.aa~a.1142920907~rp.1&w=481&fwrn=4&fwrnh=100&lmt=1701858249&rafmt=1&to=qs&pwprc=2003152153&format=481x280&url=https%3A%2F%2Fye.ua%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701858249799&bpp=1&bdt=1232&idt=-M&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7291214964486&frm=20&pv=1&ga_vid=1168823755.1701858249&ga_sid=1701858249&ga_hid=863838190&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=1444&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079826%2C31079864%2C31079922%2C44806140%2C44807763%2C44808148%2C44808285%2C44809071%2C95320230&oid=2&pvsid=2213315020667298&tmod=1116737852&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:9449:420b:1a77:b906 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 06 Dec 2023 10:24:10 GMT
cache-control: no-cache
content-length: 43
request-time: 1
expires: -1

GET googleredir
googlecm.hit.gemius.pl/ Frame 464E 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 464E
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEPpSQFpVUCBZI9M8nbMvFFs&google_cver=1&google_push=AXcoOmRRyEBo2uJODNUKSxTycEsKmlg5HJeSnbqWX1oGqPOZrxbAe_Mf6-3_vm6H4C...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmRRyEBo2uJODNUKSxTycEsKmlg5HJeSnbqWX1oGqPOZrxbAe_Mf6-3_vm6H4Cns_eR9eEGNDhGIfeHiSSUuih2A_pLAXC2e2572GEepfFUe7L...

170 B
188 B

20ms
20ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmRRyEBo2uJODNUKSxTycEsKmlg5HJeSnbqWX1oGqPOZrxbAe_Mf6-3_vm6H4Cns_eR9eEGNDhGIfeHiSSUuih2A_pLAXC2e2572GEepfFUe7LKzB25GjWxRGfUTYmD8JQdDCP5VBu6b90k8Y1a85Rmh6Q_f&google_hm=jppyeGfNR4OMujagPk_bk0o

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:09 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmRRyEBo2uJODNUKSxTycEsKmlg5HJeSnbqWX1oGqPOZrxbAe_Mf6-3_vm6H4Cns_eR9eEGNDhGIfeHiSSUuih2A_pLAXC2e2572GEepfFUe7LKzB25GjWxRGfUTYmD8JQdDCP5VBu6b90k8Y1a85Rmh6Q_f&google_hm=jppyeGfNR4OMujagPk_bk0o
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame 464E
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEFi0oH7gI6eF...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQrybhxyHYWoSTJq3mU4PbFTteIiys1rmPsdFJ5psNPZe-73OlIVcO22zFyWYR12lpKXcsJXxaq0nJ-ShkkHLftayWC78aH7Xa6qrTQahh_f_iqK...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

53ms
53ms

Image
image/gif

2.19.104.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=280&adk=574172758&adf=3417930811&pi=t.aa~a.1142920907~rp.1&w=481&fwrn=4&fwrnh=100&lmt=1701858249&rafmt=1&to=qs&pwprc=2003152153&format=481x280&url=https%3A%2F%2Fye.ua%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701858249799&bpp=1&bdt=1232&idt=-M&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7291214964486&frm=20&pv=1&ga_vid=1168823755.1701858249&ga_sid=1701858249&ga_hid=863838190&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=1444&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079826%2C31079864%2C31079922%2C44806140%2C44807763%2C44808148%2C44808285%2C44809071%2C95320230&oid=2&pvsid=2213315020667298&tmod=1116737852&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=9
Protocol: H2
Server: 2.19.104.4 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-104-4.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Wed, 06 Dec 2023 10:24:10 GMT
pragma: no-cache
date: Wed, 06 Dec 2023 10:24:10 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 464E 0
12 B 18ms
18ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I5VlUsQZYe-wSUfpXlrriPxfSNdlq2f3NmGzeoVoltNKT5I7YwhSvWIL9TvhG7JcHlvcpbM6kt

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:10 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 7A28 38 KB
13 KB 6ms
6ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 90765
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 09:11:25 GMT
expires: Wed, 04 Dec 2024 09:11:25 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/1484961235833605488/ Frame B55F 134 KB
34 KB 20ms
19ms Document
text/html 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1484961235833605488/index.html?e=69&leftOffset=0&topOffset=0&c=pBWzC5rLhV&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28d76b4a4ec9614dc564bef56c3ec33515fa57b82066b06b9a06bd248a9ddb0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 06 Dec 2023 10:24:10 GMT
expires: Thu, 05 Dec 2024 10:24:10 GMT
last-modified: Tue, 07 Feb 2023 13:03:51 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 495B 0
0 77ms
51ms Fetch
image/gif 216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssfmNznZYRXLwB-NIda2-EIOcD9yn9ci5B2LA49ZujdagopQo_tokKY0FxTcgJ8nryhVtm2oKyOSwCFuLHmHPrKLRdKm8t4x2qVUYv5OMlmPJHAXQpzdHAHVbSg9o_ANGysI3FdhnFZqE_JPnKdupXRtaJhMA1RN9dr6K1iiqoKorwbBcyMpIPO6RuLpX0bY3EyiPMcI2EawVFGCCjw2GtEzP-GB940oin53eJo_0KIOfnaFWw-NMVmhA1cn-s0X0SPI8Kh4H774sY4FplzfxAff3545RRC2Jphz76d88oHXAKAAiEquUuprS-qc8jG8MvXZAj-Wj9MXwjN7rvbIPyFlSZy4zUNEbvB8UjAPWZtTcMukSQPD9qbh8sZ2_XbPfZ8hC3In5y3z1sDkUJgc8kb33YR-tvlhIvGJuJYSO5jBD8m3lwJ1EFDdpn_18mD6axIqlu6ukUipUj_E2EBki1Ukf-ZX_pNJmV4XNZW3VxK3AMJ5WK7bHKeCRRt1Np8K5bYFE0rzXbd-AyLTGeoJNnn6nWOFD-6ol1uu-WGeNnEDvg2D5Iv7HLM-zO8N332jVIYj1Qtdd3TH3bXQjcwFPRHxW5AT_6QhwwwKGWHw5dPaHN1NPu6e6JuNzIImJ9deMXGtc9u5InzZB499EBb0DJBwXtCn1PojM83MTE6GxpvD5dPYPGkxQTyU89v5ZQUk1rk-gGh4Tdh6k5rjw8lC4-CFvO4m5rJkVgpg_ToiDEpOTm6OqkYO-E1mpYXDZQzGEq4yqopMfNWtVc9D0W5EEWmcP699BR4_AmzevBTe-ATo0LUmx91UAFlD1cIUz91neu-ynF5OmB0U6fhbYdw1gtGdLz4uAKQBecgD_23zb7ltA8xJBn900i8pkftK3pBSWbJBt4BVVDnUZ4ayn0B56X3T5i5wIY8JVyS6Yr_6jHEbDBLIRkGydlD_eSY3RloYF_LFj3ek8jl8HyrvC4FZ3BGMXYiZtadYXRljcgbud5suXd0gVjsePc0SY_d6h_P5o4v2v8ozjZmGDCk_OzHpZS7plbnY_sk3SU3k9UF3Zr8RvIvgmRPjUKXFTfsWSGLx9FZGOjenXRal5g1mktaegxra3Ec9sDlt8w314LXaesjUx1W68c2t9aKbeCe0JRPvlIPUed5Ra73NCDu7KwI0bnSUja6i6BFYe05GXvUBd4cpHv73aCaLgGLKDNB2DZRtGA5OO1UP6unJViduNcpSO9OMbnBaHtDVwOvSe0EoEku_L-i6sKHhQy1EJbMsTpPIcbtpz2LHqhspKxGTUmu6ur2LCM2wn61m-N3YoapHNz6D4LFQkMQTjSEf4Z9DBK5TFhS9eOD7TTjJSXaRVI9SOpOihewy3B5StQ2rtc_X-6ccPhk6PtYc5r2QyVn5sVVy8WT&sai=AMfl-YRgs-RavmigJ_0i3FBRGiZ-ts7TG7rAFyz-IFBSl2ey2REm1TFB6_8UaSPmQQq1HCoYiMsiMaImZYOOHlbZRusJ-k_AFI1MaEISRDR9g0KRFKR2u1Tvq2nXLTxxormkPW1TYJ8Qig3KQAqq6kzx0Dlebv0aDMtF6f1bPMiiHeZcy1HEelVmDuPHFMBhun9_K8KpurIReIgtsW_R18-TXzK7XY_K6GaOIBX3w4lUsG5qxYy0cwsBBTMeI2-m_9UyovcrTIfGsrXq5HASQZJ7xdsamYuhUPNB-xC94VjsoMIFk3RDNu0AtgFrkiSZvBo2Ubq6Pl03aD_F5TROk4F9afUCT3UXOcBdcdAgVdR6jJolGRNJGPuKHfxxn0lH-tZvV3wJU99kh4la1G9Oa9BMuOk0IpOYZOiSWMafEdQt&sig=Cg0ArKJSzC6zag5nSJZHEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9nZW5lc2lzLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=45&cbvp=1&cstd=36&cisv=r20231204.12608&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 06 Dec 2023 10:24:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 29D2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFEaD2igq4djLLzn04dN0Oo&google_cver=1

43 B
731 B

29ms
29ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFEaD2igq4djLLzn04dN0Oo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQm8iDzQIY4rfV5gEwAQ&v=APEucNWeNo64QDiKeDlptIAD3rwsbNwxKqGsezqNAxHLvHBVLlFNOWlRPxjG7QUXZZGgo2yBUMFLOLKQibm2d8_jaKD6Rz0lkCvrYkYisQPB50GdugjajRia6472uMYrydbqMGzraFSQkb4SYBOWRdaHRrnve5pjAyK3gwfiZfGitl9nng2YaiU
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:10 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CwqreYEBpr1PCISig5gpH%2BvVolOTirPvzkh7x17tLYAaXtMbRBgj9WNEc1hLm018Ka1XNctmY7fF8s29prn3sB%2BzvjrUR%2FpovS3gg19t7QytQ2EQxHXdaUFihUgPg7U6drqNMrLC%2F92LuA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8313d151bada35e5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFEaD2igq4djLLzn04dN0Oo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 29D2
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXBLySu2RCG1xsQcWAp6oAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFEaD2igq4djLLzn04dN0Oo&google_cver=1

43 B
733 B

21ms
20ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFEaD2igq4djLLzn04dN0Oo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQm8iDzQIY4rfV5gEwAQ&v=APEucNWeNo64QDiKeDlptIAD3rwsbNwxKqGsezqNAxHLvHBVLlFNOWlRPxjG7QUXZZGgo2yBUMFLOLKQibm2d8_jaKD6Rz0lkCvrYkYisQPB50GdugjajRia6472uMYrydbqMGzraFSQkb4SYBOWRdaHRrnve5pjAyK3gwfiZfGitl9nng2YaiU
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:10 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qN5Lb%2FyMh1e99jeqRdWdHtHjApAe91C4SKZcqJ%2FKNNGX0dxQwAtqLts0V5FRypUPqEljKwEOymbMs5Ka4DgxJp0jtBbUJueF77bI2X3VT81%2FqlDg6xYcQm7PYMSpHilJTR%2Fq9Eq7lF9lEg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8313d151db0235e5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFEaD2igq4djLLzn04dN0Oo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 29D2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENz_vHjGVORJ99KBsNnE2lI&google_cver=1

43 B
847 B

13ms
13ms

Image
image/gif

185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESENz_vHjGVORJ99KBsNnE2lI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQm8iDzQIY4rfV5gEwAQ&v=APEucNWeNo64QDiKeDlptIAD3rwsbNwxKqGsezqNAxHLvHBVLlFNOWlRPxjG7QUXZZGgo2yBUMFLOLKQibm2d8_jaKD6Rz0lkCvrYkYisQPB50GdugjajRia6472uMYrydbqMGzraFSQkb4SYBOWRdaHRrnve5pjAyK3gwfiZfGitl9nng2YaiU

Protocol

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:10 GMT
an-x-request-uuid: b0c4c3c6-2f31-4bd5-8aed-7b441eaf879f
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 45.141.152.74; 45.141.152.74; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESENz_vHjGVORJ99KBsNnE2lI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 29D2
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgzMjQ4MzU0NzQ0MzYwMzgzOA%3D%3D

170 B
188 B

22ms
21ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgzMjQ4MzU0NzQ0MzYwMzgzOA%3D%3D

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:10 GMT
an-x-request-uuid: b2fe87cf-a59f-4740-9b39-8a1aed65010d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgzMjQ4MzU0NzQ0MzYwMzgzOA%3D%3D
x-proxy-origin: 45.141.152.74; 45.141.152.74; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame B55F 118 KB
40 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1484961235833605488/index.html?e=69&leftOffset=0&topOffset=0&c=pBWzC5rLhV&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1484961235833605488/index.html?e=69&leftOffset=0&topOffset=0&c=pBWzC5rLhV&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 04:12:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22297
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Dec 2023 04:12:33 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 7A28 39 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 09:29:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Dec 2024 09:29:39 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 2249 2 KB
1 KB 39ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXBLyQAOL9AGdhQjAAK2j0LKgdoJifRsk_0xgg&u=%7CxlsBPFcKyB6GJmupHSqK1VWWCo7vZi4DBfdjbLdqqIQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi62r3jSRVOZjJaaQQfUWgbhidXWPfZLYllRf53OzsuKUUfPHChFcqkeuBBKg5rpWkYnIOL4plM0AZBbFIKSDFphEaGIIy1EFveRJTfCEw1LHunrhZufkN16nDcS5ooPJiNfOTq5BpVdZm0erixqLZ4BflbiVG_CeLWNWjmGtqaTZVIvGxfU2hlXZ_yj_OBLwhdMuo9ACFic29QZIBV2UMITWt8ZAOAy9NK9w29Q4vcJoLe-IXB5LQH4K1-BwQ9TFS0FSCt7EE5dS33ERFJrrqraxfaJRnVJbEwjABCL9sBXvzN4mWrFjc15W7Vs0cAs5HGIjES8jop1weDdiIbKYv0IixiFNJ3NUug3odmUPsBcEhoXK10O_hOYNiaHg86_pxvbuxNECIJqccyvtD8Owh-lxHN3T7CjoZWLbhlmqj6TSc_rFPfoamiCPBQ7rY9OwayTANexCR0lR-r8612JJIjiqGFSN2M7eVt7zuyGojV5trGgw4uqeHrG-4KhX8dhabdI3gIO673FgDeFrtDAEM22-f5sJ0qqIWww90k0oe61FewJ2xU_hw3KHUdUXrwckJzw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbHnMyUtwZdDfOKOo2OMPj-2KCMme0rFczYbj1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyMTY4NDI0NDkxMjczNjXIAQmpAnu7jSsxHbI-qAMByAMCqgTlAU_Qur7QuJ_K04pqAy7Z0GRRigg1fmRkk_l7RQXydltpBy_5qO2D5NJ9FpKuqlJQzx0p6UBZwewsGuonFu3Bcfj_c037RJ3a8hBDiOO9K5abQMI6UyUmbQ3sqZQ661pXokbDmuQPc34HgCRbfp9SZsYPV25500azDTKPbkpn9ZM8ANncVXCs8ONcxyqXM60cst2wpNUVgyCjOCgbOzAS1ms538ftMzt67CfURAJd10MiBguPWohVumnccoMSXToLz6-Oi3yPv31MHUwXGWyjxVqiY4FYaCKF212zy7UCwTpTNzMFCFSABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliIusODzPqCA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ATcPZpcQhy1Hcw119DN2eEDwzIA%26client%3Dca-pub-1216842449127365%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 30 Nov 2024 10:24:10 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 2249 2 KB
1 KB 40ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 30 Nov 2024 10:24:10 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 2249 308 B
636 B 35ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 30 Nov 2024 10:24:10 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 2249 293 B
621 B 33ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 30 Nov 2024 10:24:10 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 2249 43 B
348 B 52ms
15ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=dvoXWt6CE6D-1zVCyUDLT1rTLHQO6QmzQ3cWrZHdbPef1WIeM9pABuI2_hKj4hgY2h4JpbzxTi4gN0Po_j9uXZZkxjo4F8Anff9fUM1UtD2CnXkuVstWROnC0r3u5eExbyEsebdUSbrxwqv_v0nVDX41L1burjBqJhKhDiwv602QbfGFQe2fKcRQQU0dC5kKRLIM2BMAQMXyh22qrLhYwDsbtT6JJXr2BH6KQQDMc29h8X3dBn3DpNtx-QpdmE3_4DNZK6Z_SSQJg2CV9mYvQDaskh_RKJM-5I0Bj9EX_VqdHNWHjuNcUG3P4qSg-sMEjmHYtIN_ZM2uoK90B1v3X9O7R2xRxIyoxMz6lOISEeILCcPAd6O3QNl-c_68SaAJK2M_QdXireSe1ojVw1riQW_hZkMv7_gouNC_Zo_4ZEndOVlgGUMyrMUfQEMIFFjOoAGSkg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:09 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1558189
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 2249 12 KB
6 KB 31ms
24ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 30 Nov 2024 10:24:10 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 42ms
42ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231204&jk=2213315020667298&bg=!qqmlqebNAAY3kmNgF5I7ADQBe5WfOIfPKu7o8KRBZp0056YzGP5DfrXGMQKNOPGQy119_wOSrsdAdWqeHW66aEoxWcU5AgAAADVSAAAAAWgBBwoAY6Z2IW_SuWIaV7FGgR7053uKyzvV9wg_Wt0ghnKQVG_OZ9mR60WCARbjFek3yxRxglvOvka0x7S42QHpnjf8bidQZyRYe_RSDSMPwN-vjgx7Sah3T1kyAVJ3khMQ43dgDFsRoZkCooEnAasbq4n-KrQNxKGkXgbhJ7Fy-xLwOPE3uSeCOipl5BUxXO2z3Vj87rvrCraI6MDlbnBY0T8laZMugnPTunvZTy3kZIrIoGjYomiYyoJZ58kR0F5MH5wJ9hNAdq55FzX5AJOR8UEaFec5Ldm6GgoHaf7ahlBl6dHesPXRst2V1MmiiE6W8WOjKWKpEjsF0vUYWb5Hw-oTvicpYJ-Vav1czAE-_I504LNp5ttanfzzWRmDYfcTTyYqvkv-8EyR101OAXnHxVYjqvhAODcgWLV5u07pAfX6_0UQgX_H-FMcaauhLY3Yt2Z_W-WJ2nO-DDLMIYDoH9UHHBQqwxhKr-ARbDHC43m6gdUY1d2O9CoEq-7ZvQ3ZoWwxBraCAU86tRvpcdPT_Y3L2LLzk7onXllGqCwTSGSM2YcaS_2AeO_71Cx1x4jm7MdnltrLjYP9M6vvryB5sB26JqFNr3AIzO9ZMp3kL14z4hlP0VfbKjNGYRUxtW36dOjWFRbnvZR7vuUe9I_VcGRXStRBrCRwe3to_5H_O3tyDX-USyq7yXKcAV3XHq4EkWT38jVd9TZqxmqnnu-wniWKxYLAT34Fsfi0dpxfe9VHpCqs0fRu7v6gVQYu0v7GF2rUtmgx0tbZaIQY928GMddhcCf8LC1XpRjxtyFSyx4n5fZzbqK3PzN1c6C_XxnPyik8LShxkMsFNfs6N6hKWnj30GfQR1hkdpcveaPVG3slBxknKPHrIn1hieWMom4qDnVK0lFJjm9y0FuPCni9aIeRbf-tku6z8go25TkIDVVOpPb0LSZ6xSJlFhNMHglR25SD_MXVgw_MZx4n9_di6PnPZ_yDmAzvMEaNoqeirh3yAvNTpoJo-2EDJ9YKNuV6wfZyy-1Dy33-8pG9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 GenesisSansHead-Light.woff2
s0.2mdn.net/sadbundle/1484961235833605488/ Frame B55F 23 KB
23 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1484961235833605488/GenesisSansHead-Light.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1484961235833605488/index.html?e=69&leftOffset=0&topOffset=0&c=pBWzC5rLhV&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bba2d5622e1a33c1bd924e07f396c234a390f0bf9bb5fd1394521df422ad3607

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/1484961235833605488/index.html?e=69&leftOffset=0&topOffset=0&c=pBWzC5rLhV&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:38:16 GMT
x-content-type-options: nosniff
age: 128754
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23900
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 13:03:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Dec 2024 22:38:16 GMT

GET
H3 200 GenesisSansHead-Regular.woff2
s0.2mdn.net/sadbundle/1484961235833605488/ Frame B55F 23 KB
23 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1484961235833605488/GenesisSansHead-Regular.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1484961235833605488/index.html?e=69&leftOffset=0&topOffset=0&c=pBWzC5rLhV&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43cbe861b09360a856de530e3aac37acab9201d0eb166c906b26e0f71fc6ff23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/1484961235833605488/index.html?e=69&leftOffset=0&topOffset=0&c=pBWzC5rLhV&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 10:03:37 GMT
x-content-type-options: nosniff
age: 519633
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23636
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 13:03:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Nov 2024 10:03:37 GMT

GET
H3 200 GenesisSansText-Regular.woff2
s0.2mdn.net/sadbundle/1484961235833605488/ Frame B55F 37 KB
37 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1484961235833605488/GenesisSansText-Regular.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1484961235833605488/index.html?e=69&leftOffset=0&topOffset=0&c=pBWzC5rLhV&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46b2dc3fc5e9ccbcde38dfcc96d4545befae794ae947ea3602693f2e7126b057

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/1484961235833605488/index.html?e=69&leftOffset=0&topOffset=0&c=pBWzC5rLhV&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 09:38:12 GMT
x-content-type-options: nosniff
age: 89158
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38296
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 13:03:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Dec 2024 09:38:12 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 2249 54 KB
54 KB 76ms
47ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=556&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105623%2F5022139%2F2ad0250af6b64105b12172cc0682064c_eu_oveckarna_vertikalni_hneda.png&v=3&w=528&rid=4&s=ivw_bvHA_3V0TvjH4yeRBukD

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

32bb6bb95ee0cfe00efcc89ac8aec81afa338173a5f8323653fab2ddc97e1849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 55005
expires: Sun, 03 Nov 2024 06:07:50 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 2249 15 KB
16 KB 72ms
43ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F7%2F9747_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=dESFwfgFNt8i_fOOuP22fOhi&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

09f7dc31b1a1d2f0dcf49f8e4b1779b5cfc564cfb2805d51ff1f2f2ed2a5b3d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 15804
expires: Thu, 04 Jan 2024 00:00:42 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 2249 24 KB
24 KB 64ms
35ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F9%2F9759_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=3_rRX1cv2EqG181tzIIwEs36&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

abc3e5b7c4f477ff2289ebccbba4d30443495451f9a51c7cb7bd5fca87fbfc4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 24196
expires: Wed, 03 Jan 2024 12:06:46 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 2249 15 KB
15 KB 71ms
42ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F5%2F14345_102.jpg%3F1660025517_2&v=3&w=400&rid=4&s=3-o09WX0lA8Ctj7mI9tOkEaM&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

36c4f072d3c0284654277f864fb3c2d4ae52dcb98a5004ed49a502c58dd3c20e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 15454
expires: Wed, 03 Jan 2024 22:03:08 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 2249 12 KB
12 KB 48ms
19ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F0%2F13430_102.jpg%3F1652958217_2&v=3&w=400&rid=4&s=cGo3sfQ2yd_MzDLy8b4piPL4&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

109586e1723757908c2bcd8a0fb78d4dc4fe5fd5e04589b9fcca888d2a97b907

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 12578
expires: Wed, 03 Jan 2024 11:21:57 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 2249 8 KB
9 KB 59ms
30ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F9%2F10289_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=N2-N3FEOfepReAgBnHPPF5ZX&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

37f81dfa473e551ebde3be297dee64b41c2c3d67707ad27c2ea238c37764d8bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 8586
expires: Wed, 03 Jan 2024 12:47:19 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 2249 0
128 B 45ms
13ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=b3T3xsxFJhXfPXNuCizMEhAFeQQoaIbYduV800TG3EBCAlBuDnrKptA6Jf7UNJZDJhBaChWa4zPaYrb6Tif07vA33ed4ZVUBUr5vqQhT9FnL3UXE2KwqdzSAcd9y8AAjtdApR5emm0Z6OxWNAmHIBo-BzB0hVvAmyJL9tZDFpYpcsvQaWdkQkIPOLR4Yq-k9VbB8WRygJgvkUxn4qtc51oK4rtKrB0qEkI4ow8c0sMawX7QorkRynMjfi3fNpALQPM5hKA&sds=2&rev=89278&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 06 Dec 2023 10:24:09 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 2249 2 KB
1 KB 20ms
17ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 30 Nov 2024 10:24:10 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 2249 2 KB
1 KB 18ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 30 Nov 2024 10:24:10 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 495B 0
0 43ms
43ms Fetch
image/gif 216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssfmNznZYRXLwB-NIda2-EIOcD9yn9ci5B2LA49ZujdagopQo_tokKY0FxTcgJ8nryhVtm2oKyOSwCFuLHmHPrKLRdKm8t4x2qVUYv5OMlmPJHAXQpzdHAHVbSg9o_ANGysI3FdhnFZqE_JPnKdupXRtaJhMA1RN9dr6K1iiqoKorwbBcyMpIPO6RuLpX0bY3EyiPMcI2EawVFGCCjw2GtEzP-GB940oin53eJo_0KIOfnaFWw-NMVmhA1cn-s0X0SPI8Kh4H774sY4FplzfxAff3545RRC2Jphz76d88oHXAKAAiEquUuprS-qc8jG8MvXZAj-Wj9MXwjN7rvbIPyFlSZy4zUNEbvB8UjAPWZtTcMukSQPD9qbh8sZ2_XbPfZ8hC3In5y3z1sDkUJgc8kb33YR-tvlhIvGJuJYSO5jBD8m3lwJ1EFDdpn_18mD6axIqlu6ukUipUj_E2EBki1Ukf-ZX_pNJmV4XNZW3VxK3AMJ5WK7bHKeCRRt1Np8K5bYFE0rzXbd-AyLTGeoJNnn6nWOFD-6ol1uu-WGeNnEDvg2D5Iv7HLM-zO8N332jVIYj1Qtdd3TH3bXQjcwFPRHxW5AT_6QhwwwKGWHw5dPaHN1NPu6e6JuNzIImJ9deMXGtc9u5InzZB499EBb0DJBwXtCn1PojM83MTE6GxpvD5dPYPGkxQTyU89v5ZQUk1rk-gGh4Tdh6k5rjw8lC4-CFvO4m5rJkVgpg_ToiDEpOTm6OqkYO-E1mpYXDZQzGEq4yqopMfNWtVc9D0W5EEWmcP699BR4_AmzevBTe-ATo0LUmx91UAFlD1cIUz91neu-ynF5OmB0U6fhbYdw1gtGdLz4uAKQBecgD_23zb7ltA8xJBn900i8pkftK3pBSWbJBt4BVVDnUZ4ayn0B56X3T5i5wIY8JVyS6Yr_6jHEbDBLIRkGydlD_eSY3RloYF_LFj3ek8jl8HyrvC4FZ3BGMXYiZtadYXRljcgbud5suXd0gVjsePc0SY_d6h_P5o4v2v8ozjZmGDCk_OzHpZS7plbnY_sk3SU3k9UF3Zr8RvIvgmRPjUKXFTfsWSGLx9FZGOjenXRal5g1mktaegxra3Ec9sDlt8w314LXaesjUx1W68c2t9aKbeCe0JRPvlIPUed5Ra73NCDu7KwI0bnSUja6i6BFYe05GXvUBd4cpHv73aCaLgGLKDNB2DZRtGA5OO1UP6unJViduNcpSO9OMbnBaHtDVwOvSe0EoEku_L-i6sKHhQy1EJbMsTpPIcbtpz2LHqhspKxGTUmu6ur2LCM2wn61m-N3YoapHNz6D4LFQkMQTjSEf4Z9DBK5TFhS9eOD7TTjJSXaRVI9SOpOihewy3B5StQ2rtc_X-6ccPhk6PtYc5r2QyVn5sVVy8WT&sai=AMfl-YRgs-RavmigJ_0i3FBRGiZ-ts7TG7rAFyz-IFBSl2ey2REm1TFB6_8UaSPmQQq1HCoYiMsiMaImZYOOHlbZRusJ-k_AFI1MaEISRDR9g0KRFKR2u1Tvq2nXLTxxormkPW1TYJ8Qig3KQAqq6kzx0Dlebv0aDMtF6f1bPMiiHeZcy1HEelVmDuPHFMBhun9_K8KpurIReIgtsW_R18-TXzK7XY_K6GaOIBX3w4lUsG5qxYy0cwsBBTMeI2-m_9UyovcrTIfGsrXq5HASQZJ7xdsamYuhUPNB-xC94VjsoMIFk3RDNu0AtgFrkiSZvBo2Ubq6Pl03aD_F5TROk4F9afUCT3UXOcBdcdAgVdR6jJolGRNJGPuKHfxxn0lH-tZvV3wJU99kh4la1G9Oa9BMuOk0IpOYZOiSWMafEdQt&sig=Cg0ArKJSzC6zag5nSJZHEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9nZW5lc2lzLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=175&vt=11&dtpt=130&dett=3&cstd=36&cisv=r20231204.12608&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B55F 8 KB
6 KB 51ms
51ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f83e5604b5aeb6e2250bad8e3ce90f823035cedb9253c334b087e907611ddae5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5837
x-xss-protection: 0

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/1484961235833605488/ Frame B55F 8 KB
8 KB 9ms
9ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1484961235833605488/logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2a78ec0800976a7fbcd2f14881e6be9588f6f95d7e2ebcae41236f6ecfe3206

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1484961235833605488/index.html?e=69&leftOffset=0&topOffset=0&c=pBWzC5rLhV&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 19:55:45 GMT
x-content-type-options: nosniff
age: 138505
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8111
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 13:03:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Dec 2024 19:55:45 GMT

GET
H3 200 60015186_20230202011649420_award_logo_300x250_default.png
s0.2mdn.net/ads/richmedia/studio/60015186/ Frame B55F 2 KB
2 KB 15ms
14ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60015186/60015186_20230202011649420_award_logo_300x250_default.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5aedc8850b65270522a00e0f6a65196ec804be7ae19531af2b137cd0df7ac30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1484961235833605488/index.html?e=69&leftOffset=0&topOffset=0&c=pBWzC5rLhV&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 22:38:17 GMT
x-content-type-options: nosniff
age: 42353
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1630
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 09:16:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Dec 2023 22:38:17 GMT

GET
DATA 200
OK truncated
/ Frame B55F 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 60015186_20230712053523014_300x250_GV70_image2.jpg
s0.2mdn.net/ads/richmedia/studio/60015186/ Frame B55F 201 KB
201 KB 13ms
13ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60015186/60015186_20230712053523014_300x250_GV70_image2.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ebb60e3f14eac084949fe2f142074bf95282b9655a01eef96d913416a618d39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1484961235833605488/index.html?e=69&leftOffset=0&topOffset=0&c=pBWzC5rLhV&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 12:23:27 GMT
x-content-type-options: nosniff
age: 79243
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205886
x-xss-protection: 0
last-modified: Wed, 12 Jul 2023 12:35:23 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Dec 2023 12:23:27 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1C9E 0
19 B 51ms
50ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CLiMJyUtwZdDfOKOo2OMPj-2KCMme0rFczYbj1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyMTY4NDI0NDkxMjczNjXIAQmpAnu7jSsxHbI-qAMByAMCqgTiAU_Qur7QuJ_K04pqAy7Z0GRRigg1fmRkk_l7RQXydltpBy_5qO2D5NJ9FpKuqlJQzx0p6UBZwewsGuonFu3Bcfj_c037RJ3a8hBDiOO9K5abQMI6UyUmbQ3sqZQ661pXokbDmuQPc34HgCRbfp9SZsYPV25500azDTKPbkpn9ZM8ANncVXCs8ONcxyqXM60cst2wpNUVgyCjOCgbOzAS1ms538ftMzt67CfURAJd10MiBguPWohVumnccoMSHzgqXS8dW0Epb1qWkWz-vWKEz-yoTZna3Oq4fa8M1ZkaWfDHF9qABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliIusODzPqCA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0xMjE2ODQyNDQ5MTI3MzY1GAA&sigh=KDEYfttuuvI&uach_m=%5BUACH%5D&cid=CAQSPADICaaNkqEw3euj-k-880zgq019dvq35utkVX2JedKNe-npsJDY2Xyn08l0YzSPNnsXYOYjwTL90u4FshgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=280&adk=3809598800&adf=289630305&pi=t.aa~a.299122542~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1701858249&rafmt=1&to=qs&pwprc=2003152153&format=1200x280&url=https%3A%2F%2Fye.ua%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701858249799&bpp=1&bdt=1232&idt=0&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C481x280&nras=3&correlator=7291214964486&frm=20&pv=1&ga_vid=1168823755.1701858249&ga_sid=1701858249&ga_hid=863838190&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3528&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079826%2C31079864%2C31079922%2C44806140%2C44807763%2C44808148%2C44808285%2C44809071%2C95320230&oid=2&pvsid=2213315020667298&tmod=1116737852&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 06 Dec 2023 10:24:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 1C9E 0
126 B 54ms
16ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=ko7EGMz6RLAJmAKdg2ICAgAAAB4wQPk2nFbiwtF_kBDJS3BlP7lqdX1karNl5gAAEgAACgpBUVVCRHdFQkR3&wp=ZXBLyQAOL9AGdhQjAAK2j0LKgdoJifRsk_0xgg&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:10 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 208498
server: Kestrel
content-length: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4BA9 43 B
215 B 231ms
179ms Image
image/gif 2600:1f13:800:7781:74ad:d26b:3a38:f963
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=f90f3e97-d2c6-0431-a5e6-891459bef969&tv=%7Bc:w0Yq6G,pingTime:-10,time:335,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTkuMC42MDQ1LjE5OSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1701858250662%7C%7C598af990044706f50ec150920263450d%7C%7C9d9fcb00733e98b40e93b73c4ea99695%7C%7C64dacc1a2bca30e5fc7d5ca49d10811c%7C%7C21dc467c849b792563ccefa3f6fe5900%7C%7C4f46a7d119806c2a7f51177a6fc6a43f%7C%7C07797b8ae3171c0b48f0fcd519a93517%7C%7Cce179cb53d1c03f8fe51679652436505%7C%7C1663701684%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231204/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:74ad:d26b:3a38:f963 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:10 GMT
server: nginx
x-server-name: dt14.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B55F 17 KB
6 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:24:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 06 Dec 2023 10:24:10 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7A28 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B9l38yUtwZavhNpvAn88P15C_0AYAAAAAOAHgBAI&bg=!4eKl4q3NAAY3kmNgF5I7ADQBe5WfOKgm55Vfk-VNn_MJZEt254MiEPiKr1CIaRxYWhNWGVIotmp_woSXxWVqIe6Bei2QAgAAADxSAAAAAWgBB5kDA6Tbi2hqGUuiZIrV8fLUp12FikjGGEPAB1WSzhaB9FvUawHp9yFMWiKSdSXpvPizibQTnd3Ca3iB_XcDcmcO6hwf9EOfs1RN9b6KdFxhzxMErEGaW21Pmh_2UuhC4Mdn1sF1C4bBDqH9aTiQsm0faUzbeSUWvhuTydp5qska3d7Yj3EIQtvPx1UgxsuNNdlmFsY6wO4L1ExtBhXTmGV5DpG6hDaMv7TRjVRxShFDhwB2O24j3CDMS65lH1B4uWM-NZGVwcd2E-i-eMuce6ke7tzPAm3W9RueNoKv-XXvqb3mAmoa50rLgyG2z8P_5ep3bCN9wyi18Z0Gqyo1Z0btxD4WTJkmVwoTHirZF0ShwceO7HAnr30AmQyIa2CeY629pDQ38amndm8zBEtTGMDwLjgDMs9gGSGWIJiKt0gznNsKrvw-Pb9MVcAYtytfruOU20qwCqr5bttl4wLioK_XV_G3nycANwfpWXvQQADZ-_XF2jSowsRC1Sdi8oAbPC59WosICiHRra0qTeA1cdgYAgxv6Tv4GurUIAH7wbHU1z9leH4U1VlWO3J231tjfxzxd2u6E22x_Ju8bu4qzFNCJjNXAlUvL8uz06WD0gp-mzbPVUIG3qSoVEvqp0zbFvpJcPXOF8o3Ga7e1TROOVANhcXAo8PJr5267a3p4k_o7-lNVjHySGZB6XvzlVyKqAn3sipOj2gHfi6M7v1T510f7rV-LUeJByCPK7YlbHNe1hbk8m3ZVK447S-ZygTe0p6HYL6-ycKBsHrZ5zS4FR4iOhPvol_rOXpDauh2X9qHyyZ2dYbW8YVvid2fpH-oYClB_DCtmAjWU8S_z_87MtGuMvT_RrJuKVDVXKFD5BZadqBmqjnpU7DKjwkcsmJ3-gEg1_JNLlyr-VEPx42XGfOTgCV6nMP7IuGbB7vRhiH5Gyqbizi57k0aU3VeJefULxFyykNLalSTBPXgNg1s_eJbxx15vqHwu4qRMZPm-JsOk-LY1w5NlYJi917q7D0TBnE6OaTCWQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 1C04 39 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 09:29:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Dec 2024 09:29:39 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4BA9 42 B
64 B 44ms
44ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss0WCppG08pcR5mAcsBZf6pBkzAH5I2Q3Kga_mLCs7-gm9UBi9nzErdoj6bElwYfT1UC5KI4A1F5D1e9QpTumw-vN-OpII-W0v0uGJU8l4p4XKcVCv4V2NmlMqooPuWQ8f2oN9JgLrLQ081&sai=AMfl-YT4CVm_SUHi9n_lO3IbAdO1zqpUD9OzlXcOVv7KMG9w_HSfaSikl5W_a37kG-M2pF4xMn6wY-x6heXnEZirzkFU8tpmcXc2_Sy75PnbS-BXFlS3kR3ucKmOEvAW-2sWdWb_yAjpHPqJycVaGu-ROomDHLFKfMHQXGk&sig=Cg0ArKJSzGHLZD7hGQBTEAE&cid=CAQSTgDICaaN8TlPV9R9gxbVFbcPPaa13s61vTY3QYFtAUjQrXbu8Rzg5gBzzqraIMmG6esE9Nqh8JQHbPjvjm4JdelKsAThS3Lyp-qCpgm_6RgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=317,816,1000,1041,1041&tos=317,499,184,41,0&v=20231204&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701858249896&rpt=264&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4BA9 43 B
215 B 175ms
175ms Image
image/gif 2600:1f13:800:7781:74ad:d26b:3a38:f963
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=f90f3e97-d2c6-0431-a5e6-891459bef969&tv=%7Bc:w0Yqi7,pingTime:1,time:1044,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:12%7D,%7Bpiv:70,vs:pp,r:,t:44%7D,%7Bpiv:80,vs:i,t:155%7D,%7Bpiv:100,t:644%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:889,o:44,n:0,pp:111,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B38~0%5D,as:%5B38~728.90%5D%7D%7D,%7Bsl:pp,t:44,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:70,obst:0,th:0,reas:,bkn:%7Bpiv:%5B111~50%5D,as:%5B112~728.90%5D%7D%7D,%7Bsl:i,t:155,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B489~75,400~100%5D,as:%5B888~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:530,fm:tXEzMub+11%7C12%7C13%7C14%7C151*.1627455-73523875%7C1511%7C1512%7C1513%7C16%7C17,idMap:151*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:13,sis:105%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:74ad:d26b:3a38:f963 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:11 GMT
server: nginx
x-server-name: dt21.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4BA9 0
22 B 41ms
41ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2761187955405&version=m202309260101&ct=76&x=1&cor=14129960269013608000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4BA9 43 B
215 B 173ms
173ms Image
image/gif 2600:1f13:800:7781:74ad:d26b:3a38:f963
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=f90f3e97-d2c6-0431-a5e6-891459bef969&tv=%7Bc:w0YqrN,pingTime:1,time:1644,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:12%7D,%7Bpiv:70,vs:pp,r:,t:44%7D,%7Bpiv:80,vs:i,t:155%7D,%7Bpiv:100,t:644%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1489,o:44,n:0,pp:111,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B38~0%5D,as:%5B38~728.90%5D%7D%7D,%7Bsl:pp,t:44,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:70,obst:0,th:0,reas:,bkn:%7Bpiv:%5B111~50%5D,as:%5B112~728.90%5D%7D%7D,%7Bsl:i,t:155,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B489~75,1000~100%5D,as:%5B1488~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:178,fm:tXEzMub+11%7C12%7C13%7C14%7C151*.1627455-73523875%7C1511%7C1512%7C1513%7C16%7C17,idMap:151*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:13,sis:105%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:74ad:d26b:3a38:f963 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:24:12 GMT
server: nginx
x-server-name: dt13.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEG14QUArgVB5GTZDEZJKhV0&google_cver=1&google_push=AXcoOmQrQCe3pbd7tdJ1AEAjVI5YXfbcfyBWi_uS6_twN9NKwfIDFXW0B8E3w3DSuUgOdqd17ni0ZO41LekaSyiTHvRs8Z_X9SZoxwZNdjkHtesvEVA6UgqF08KDAOXneagQ9MxeB5Jc9wfmMhRaVIi3M13-nOjr

Verdicts & Comments Add Verdict or Comment

161 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ye.ua/	1969-12-31 23:59:59	Name: PHPSESSID Value: 066c226796d5814cfcf159bcea1992f6
ye.ua/	1969-12-31 23:59:59	Name: check_cookie Value: 01489dc6fed91a859d15deb3b0269633
.ye.ua/	1970-01-21 02:20:18	Name: _ga Value: GA1.2.1168823755.1701858249
.ye.ua/	1970-01-20 16:45:44	Name: _gid Value: GA1.2.227756442.1701858249
.ye.ua/	1970-01-20 16:44:18	Name: _gat_UA-23402213-1 Value: 1
.maxrilla.com/	1970-01-21 02:20:18	Name: uuid Value: 1701857845764254282
.ye.ua/	1970-01-20 16:45:01	Name: u_count Value: %5B0%2C0%5D
openx2.ye.ua/	1970-01-21 01:29:54	Name: OAID Value: 01000111010001000101000001010010
.adnxs.com/	1970-01-20 18:53:54	Name: uuid2 Value: 4832483547443603838
.casalemedia.com/	1970-01-21 01:29:54	Name: CMID Value: ZXBLySu2RCG1xsQcWAp6oAAA
.casalemedia.com/	1970-01-20 18:53:54	Name: CMPS Value: 2195
.casalemedia.com/	1970-01-20 18:53:54	Name: CMPRO Value: 2195
.doubleclick.net/	1970-01-20 21:03:30	Name: APC Value: AfxxVi4samJZM0P9WbULZvwj7MLV6HIhJazJC6Vb6DH8Chz4F9Y8bA
.ye.ua/	1970-01-21 02:05:54	Name: __gads Value: ID=68a5742015402b54:T=1701858249:RT=1701858249:S=ALNI_MYb35mMV0NyrZYOtXyPMPSONkvQPw
.ye.ua/	1970-01-21 02:05:54	Name: __gpi Value: UID=00000d0c65797745:T=1701858249:RT=1701858249:S=ALNI_Mb9OEYgKK2HtNkUEWxbGR5E7IRgrA
.doubleclick.net/	1970-01-21 02:05:54	Name: IDE Value: AHWqTUlRDCYGREMI-ZY21dmIgMZJjCUYQxwMshpNOr8XihTM5Eg-otLkQ5gSuuPTf_E
.ye.ua/	1970-01-21 02:20:18	Name: _ga_7MCF8X4X0H Value: GS1.1.1701858248.1.0.1701858250.58.0.0
.ctnsnet.com/	1970-01-21 01:29:54	Name: cid_8e9a727867cd47838cba36a03e4fdb93 Value: 1
.ctnsnet.com/	1970-01-21 01:29:54	Name: gid_CAESEPpSQFpVUCBZI9M8nbMvFFs Value: 1
.simpli.fi/	1970-01-21 01:31:20	Name: suid Value: 82E3EE07D6B74E12A5CC6FC88122EEBD
.travelaudience.com/	1970-01-21 02:15:59	Name: _tracker Value: %7B%22UUID%22%3A%22E1184288-2EE3-4EC9-1197-71E11FF57ECB%22%7D
.adnxs.com/	1970-01-20 18:53:54	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C$KMJI@`!@wnfH8K6pQK`!5=E<L5?%Ld1df.Sg@A)9fRR$`lWwl^hifKf?wL3yO@-_RbpRzqF1`b^<$)n^28
.w55c.net/	1970-01-20 17:27:30	Name: matchgoogle Value: 5
.w55c.net/	1970-01-21 02:15:59	Name: wfivefivec Value: XvPzOH7Y1RaP4C5
.adform.net/	1970-01-20 17:28:56	Name: C Value: 1
.everesttech.net/	1970-01-21 01:29:54	Name: everest_g_v2 Value: g_surferid~ZXBLygAE6AK7oABH
.adform.net/	1970-01-20 18:10:42	Name: uid Value: 4617539453492746749
.yahoo.com/	1970-01-21 01:30:15	Name: A3 Value: d=AQABBMpLcGUCEAvd82N4aV7oZxzQPjZHJpYFEgEBAQGdcWV6ZQAAAAAA_eMAAA&S=AQAAAgbYGQ1913eVgkB8_HVkNss
.innovid.com/	1970-01-20 18:53:54	Name: uuid Value: 17614db5-55af-48e5-9493-865adcb81d98-20231206 05:24:10

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=280&adk=3809598800&adf=289630305&pi=t.aa~a.299122542~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1701858249&rafmt=1&to=qs&pwprc=2003152153&format=1200x280&url=https%3A%2F%2Fye.ua%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701858249799&bpp=1&bdt=1232&idt=0&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C481x280&nras=3&correlator=7291214964486&frm=20&pv=1&ga_vid=1168823755.1701858249&ga_sid=1701858249&ga_hid=863838190&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3528&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079826%2C31079864%2C31079922%2C44806140%2C44807763%2C44808148%2C44808285%2C44809071%2C95320230&oid=2&pvsid=2213315020667298&tmod=1116737852&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=12 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ads.eu.criteo.com
ads.travelaudience.com
ag.innovid.com
c1.adform.net
cat.nl3.eu.criteo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
csm.eu.criteo.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
ib.adnxs.com
imageproxy.eu.criteo.net
img.youtube.com
ius.ctnsnet.com
match.adsrvr.org
maxrilla.com
odr.mookie1.com
openx2.ye.ua
pagead2.googlesyndication.com
pm.w55c.net
polyfill.io
pr-bh.ybp.yahoo.com
region1.analytics.google.com
rtb.fr3.eu.criteo.com
s0.2mdn.net
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
streetuptowind.com
sync-tm.everesttech.net
sync.teads.tv
tpc.googlesyndication.com
um.simpli.fi
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
ye.ua
googlecm.hit.gemius.pl
15.197.193.217
151.101.194.49
172.217.18.2
172.64.151.101
178.250.1.6
185.89.210.20
193.200.64.24
193.200.65.68
2.19.104.4
2001:4860:4802:34::36
216.58.206.34
216.58.206.38
2600:1f13:800:7781:74ad:d26b:3a38:f963
2600:9000:223f:d400:8:48e:53c0:93a1
2606:4700:10::6816:3dfa
2606:4700:10::ac43:2bd5
2606:4700::6811:180e
2a00:1450:4001:801::2004
2a00:1450:4001:806::200e
2a00:1450:4001:808::2006
2a00:1450:4001:810::2008
2a00:1450:4001:812::2002
2a00:1450:4001:81c::2001
2a00:1450:4001:827::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:400c:c00::9d
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:d::c
2a04:4e42:400::282
2a05:d018:d29:3602:1c33:a9c0:1eba:a0fe
2a05:d01c:1d8:8100:9449:420b:1a77:b906
3.69.41.2
34.160.236.64
34.247.14.54
35.186.193.173
35.190.0.66
35.204.158.49
37.157.5.84
52.29.13.21
019d45c006cc31018fef793d375ab33931033206c1d3e5e411ea8d783c1999bd
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
068917acc478a59da9adcced8e6cbd028e0b4dc63ea0fde3a33167faea6c931c
0854243cee262b5de8673e332e533bcf232cda58cc48405d79998d6888ada200
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09f7dc31b1a1d2f0dcf49f8e4b1779b5cfc564cfb2805d51ff1f2f2ed2a5b3d3
0af64ad95ac92253b8a6aa9f2b1262b5e273af3cba6f87f141d4d5c89c23a11f
0b6e442e0162e2c67d3cf272012edd38a95076ecb4b71f54c28a8810f4dbbb59
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e62797b3a27901154e260c5cd5544bef1d3a049431333b6944e694d6ea7a8eb
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
109586e1723757908c2bcd8a0fb78d4dc4fe5fd5e04589b9fcca888d2a97b907
1393a21b42584d1b39a1730ce4270175fe99a7a0fdafa22fdc4e9d044c21ce3c
1584f73335b49befc4498e16438efc4973f99b0090cc32931fb4c46d5e419e7f
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1674e516c036a0ee105c3e7a2378332530206c330dbb5ccdd301f1cc4a1fc183
1ac0c44e962362e044f2df416f2553775b38b1b8064470f648825aa8d2a8996e
1b4c97a2809cdb53153139544e1f5db34e4917c8f01d2dd94cb9519e24e1ab3c
1ddd3b7b68a96da02979f972e4e9a8b6af63b5a17c75d7c7e0e3901d9f3a729c
1ebb60e3f14eac084949fe2f142074bf95282b9655a01eef96d913416a618d39
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
2298ae8bb0a9fc2963da0ce71624d7f36ee1a8cfdec547593d48437d26fca0a1
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
28d76b4a4ec9614dc564bef56c3ec33515fa57b82066b06b9a06bd248a9ddb0d
2b7289e87efca5ffb67ebbed1e980d4a56b842fe0fe58140a34e31edc152d700
2dd2bc32e766754718771fbbd323bd27ae4e64f71b28d87a619368ebf52a3c75
2ddaf573663b8243cc0e85098b1723ace007f1c13d83f6a1a95c554e37162fe6
2e3479d14727cf6b6581add352dad3c9fb8a89b1586d49dc0e606249e7abe437
2f50f0a2d6671013dd590af18c00d26c6547ae6b1640375c2125c42e3386a4a2
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32bb6bb95ee0cfe00efcc89ac8aec81afa338173a5f8323653fab2ddc97e1849
34e4e4e998d1023cadeeda959be0f4fce5abe4eaf9d241782ae404e36446ecbf
36c4f072d3c0284654277f864fb3c2d4ae52dcb98a5004ed49a502c58dd3c20e
37f81dfa473e551ebde3be297dee64b41c2c3d67707ad27c2ea238c37764d8bb
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3f1e36884a78472a85677b14b1e42b1fe4e04be076dfd288a46a613454995d01
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43cbe861b09360a856de530e3aac37acab9201d0eb166c906b26e0f71fc6ff23
468f87ca7a0cf5529eb96f6ed5c5fb253e0be79e9a8412c6d367a91e6eb7bb64
46b2dc3fc5e9ccbcde38dfcc96d4545befae794ae947ea3602693f2e7126b057
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
526dc6f5bdfb11d075dcdeddf0d4c1a875ce25e7864a4ee9573b39c2f04a2b68
533584c44b006ee4f9cc7acf92c55f345e822b5c73f19f45ce4e306ac6614093
539cc993691ac34295a0b8e0b720aa3db63a2e80c78d49e1c4c4132bb4a5dc09
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a29055bcc2279469ce07a5b0739407f884be8ea5d709892a66061d6ead1729b
5c7c176af91f6fc30c3e49051636d4b456531b4e75245a62d931c9a8bb77ea4b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
69e1767c60e702480b7a4604f7a71a344e3e03caa6e21f6a352a9f63908dc500
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7a5b47703d2aa636762f8b39205a2e03a85ae2de2904d81e6c6a469486ca81e9
7b57c9c945be047bbac4054c9bb5b813c25cf319f2a0f297b57eef11aee194db
7d60255211b63ebd7ab57221ffe52ae073eab1c1c3a93c48df42b224e7f7c527
7ecb66f6a93940ba8cbb3264a7a795397bc954bbbe67f0565227121d1e86c72a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
848536686a6e7e46d97513420a5b381823adf1c2e8169e009aebb16774cb4e3e
848e3ddf8d07c81ebc0ee309dfc63a60b0b970d46857911c5f2e78487825a3e3
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8833293f6762feb57c976e996042e2dcf201b282c034504008e2bf0a98dd3527
890d81648be2bed4a1da49a1bab308041e26f3f6267f4dd41a76f3e2541e6fb4
8a63b4c28e91cbc0a9536a564018dfc5ea91b748188a1eccfa98b8537d0e9518
8adebfd685a1b2fe5148e65f71830e4e6a1d843b6c9f0d86b285d59cfb6d2080
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b49df55acb1072af429ec4f155107c35de1921d9053fabb2693b0e57749f224
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4f446181457bb27f139c1cc45a0a2cfb9d01d5692eabda4d9c64987c2261e61
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a93c2df80e7f526d57df3f84126131148285d98f09cbce1c302cbd248f9d5cf9
abc3e5b7c4f477ff2289ebccbba4d30443495451f9a51c7cb7bd5fca87fbfc4f
acb464609085552cc2e887342df8c030a2ce5c53253800bae364b7efbdb7e2f3
ace6c1d1cccc4686d29e81c0821be209d2e2d8b7ba44ee24649a698a5230f6ff
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b59270e2d2a3730d00b61b36541001751277b940d73846e9f44ee7f189c60b5f
b9c8bbc744ba1991b7a07e0d835a12af0af46d6a52c9c81ee88bf5d1e9f8893e
bb31c365d6de3fb11a3a61024ace5305db4e01e1efe0e93a2ca05d4c1c577b7e
bba2d5622e1a33c1bd924e07f396c234a390f0bf9bb5fd1394521df422ad3607
bc3f72b5fd9d8db2907974cf2c815903dd438134ab524f6c9be1d3c8a8fa84f4
bd8fe10f28fa2e884b988f4ef91390487f598e21fb54eb9c1a11ed39d647288a
c190eb38a3f491bcbf96b136cf4a4ab534ac1293d37d9047fd77db6365c86682
c3477a72ef1db732762ffb13ba55d7df867b64c2abf5f88a1fdff29e6dbe374d
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c5a17d46976d471cf060c5a0e25749a323d6ab20cf0910f40afed81047ba21ef
c868679a384546d80661e6085c6a40e95de3be2ad0487c56e116703ffd1850bf
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
cbbca7d9888b4a9eab7d479756d2924f9b067fd38dab376797029df741f96ee4
ce2b61e64a17f1488f20bafee5aa20a8d8ec897b990f709634f5bd1cc620e6b0
ce56080747fb3b762486b9ccc59bc01f871c9647d354a1c27b52cdb73fc1bfe1
cf133eee860c02b0692d5332367178d4b79a7dc094ac40378169d0a97018195c
d10ff7ad5c1f3ce5c6ad2b17ef06f8a0515628d04a00178bc6bdefc23d8ba94b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e18bd78013338f10fa6e96f28a13c8bb6a64cfeb099c3ca15b2e98613d407d45
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5aedc8850b65270522a00e0f6a65196ec804be7ae19531af2b137cd0df7ac30
e5e166567ad908883ca1d769c38b6f65959bb067295e5ea3c2f850ec5fa2b8d9
e69d35045681a2497b8aa40ea9e0eeaab3dc0295bb97bfd3ebf7fc1768291e21
e7b8d433b88d210c6aeb414da6fc440f45c471fad1b5aaae9f0b66c50122c62b
e94e274617dd12daa61f94f74bcd2a3ceb82ad275b53ef797946a3608b0e1222
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ebb97b5e4484a9540ceecf811bfdead000ad86732e491b82b75889eeb1552b6a
ecf9ebe86e3cba43326de7a3c09449fa5474c96a0dccd71a100b774b110960f9
eeab609fee90fc342e5abbc68022a90e130e58d8ade76571effcb42a44d73e93
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2a78ec0800976a7fbcd2f14881e6be9588f6f95d7e2ebcae41236f6ecfe3206
f3b5932558e6a765f1bfc3fb5ee364013cd03588adcf0f22293a77ddf2e90df0
f430ad6611692180cc5bfba88afb989ac5cde063c2e929a28026be4c2c3e9f45
f57b2dea18480654773265e9f5bfe4dabc2d81b7a4e01b7d57fc761ff0a0f96a
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
f6ea2d344b056cccc8e5f1d80407e42fc9c55d9477400c3b2152e1908effbaf0
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
f83e5604b5aeb6e2250bad8e3ce90f823035cedb9253c334b087e907611ddae5
f8a21d7aa6defd016972a2f9c344010930e36acccac9045f051b700b562abbb8
f9709ded853fd7afa138a6cc220636adde9877762728d0a2469d647b8ed8ee56
fc757f9ba6603eb9913106a4cd83c7a7c0a8a4f845a0aceb1103606bc324ad00
fd232a84d8fc00f5f1054256e510260118646a2809c6c68b63d6dad671c6df6a

ye.ua Open in urlscan Pro 2606:4700:10::ac43:2bd5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

197 Requests

90 %HTTPS

57 %IPv6

32 Domains

45 Subdomains

37 IPs

8 Countries

2912 kBTransfer

6045 kBSize

29 Cookies

16 Outgoing links

Page URL History

Redirected requests

197 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ye.ua Open in urlscan Pro
2606:4700:10::ac43:2bd5 Public Scan

Screenshot
Live screenshot

Full Image

197
Requests

90 %
HTTPS

57 %
IPv6

32
Domains

45
Subdomains

37
IPs

8
Countries

2912 kB
Transfer

6045 kB
Size

29
Cookies

197 HTTP transactions
5 data transactions