urlscan.io logo urlscan.io
SecurityTrails logo

hi.dn.ua Open in urlscan Pro
78.109.29.56  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://hi.dn.ua/
Effective URL: https://hi.dn.ua/
Submission: On December 11 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 6 countries across 16 domains to perform 114 HTTP transactions. The main IP is 78.109.29.56, located in Ukraine and belongs to HOSTING-AS hosting.ua, UA. The main domain is hi.dn.ua.
TLS certificate: Issued by R3 on December 1st 2022. Valid for: 3 months.
This is the only time hi.dn.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

36    78.109.29.56 (Ukraine)

ASN41665 (HOSTING-AS hosting.ua, UA)
PTR: 56.29.109.78.hosting.ua
hi.dn.ua
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
s.yimg.com
2    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f080:9:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
connect.facebook.net
9    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
10    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
adservice.google.co.uk
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
15    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net
googleads4.g.doubleclick.net
18    2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    2a02:26f0:6c00::210:ba11 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
1    2a03:2880:f01c:202:face:b00c:0:8c (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
ad.atdmt.com
2    213.254.244.108 (United States)

ASN36062 (DOUBLE-VERIFY, US)
tps.doubleverify.com
tpsc-frc.doubleverify.com
2    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
36 hi.dn.ua
hi.dn.ua
2 MB
25 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 103
tpc.googlesyndication.com — Cisco Umbrella Rank: 139
326 KB
18 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 269
227 KB
11 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
stats.g.doubleclick.net — Cisco Umbrella Rank: 81
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 297
78 KB
5 gstatic.com
fonts.gstatic.com
89 KB
4 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 429
tps.doubleverify.com — Cisco Umbrella Rank: 454
tpsc-frc.doubleverify.com
111 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 72
www.google.com — Cisco Umbrella Rank: 2
1 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
3 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 192
94 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 152
89 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 28
20 KB
2 yimg.com
s.yimg.com — Cisco Umbrella Rank: 449
55 KB
1 atdmt.com
ad.atdmt.com — Cisco Umbrella Rank: 3929
1 google.co.uk
adservice.google.co.uk — Cisco Umbrella Rank: 7344
792 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 840
693 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
2 KB
114 16
Domain Requested by
36 hi.dn.ua 1 redirects hi.dn.ua
18 s0.2mdn.net hi.dn.ua
s0.2mdn.net
15 tpc.googlesyndication.com googleads.g.doubleclick.net
hi.dn.ua
tpc.googlesyndication.com
pagead2.googlesyndication.com
10 pagead2.googlesyndication.com hi.dn.ua
googleads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
www.googletagservices.com
9 googleads.g.doubleclick.net hi.dn.ua
pagead2.googlesyndication.com
googleads.g.doubleclick.net
5 fonts.gstatic.com fonts.googleapis.com
2 www.facebook.com 1 redirects connect.facebook.net
2 cdn.doubleverify.com s0.2mdn.net
hi.dn.ua
2 www.google.com 1 redirects tpc.googlesyndication.com
2 www.googletagservices.com googleads.g.doubleclick.net
2 connect.facebook.net hi.dn.ua
connect.facebook.net
2 www.google-analytics.com hi.dn.ua
www.google-analytics.com
2 s.yimg.com hi.dn.ua
1 tpsc-frc.doubleverify.com cdn.doubleverify.com
1 tps.doubleverify.com cdn.doubleverify.com
1 ad.atdmt.com googleads.g.doubleclick.net
1 googleads4.g.doubleclick.net hi.dn.ua
1 stats.g.doubleclick.net www.google-analytics.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.co.uk pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 fonts.googleapis.com hi.dn.ua
114 22

This site contains no links.

Subject Issuer Validity Valid
hi.dn.ua
R3		 2022-12-01 -
2023-03-01		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-28 -
2023-01-18		 2 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-09-19 -
2022-12-18		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.google.co.uk
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-05 -
2023-07-07		 a year crt.sh
*.atlassolutions.com
DigiCert SHA2 High Assurance Server CA		 2022-09-19 -
2022-12-18		 3 months crt.sh
*.tps.doubleverify.com
Go Daddy Secure Certificate Authority - G2		 2022-09-28 -
2023-10-30		 a year crt.sh

This page contains 16 frames:

Primary Page: https://hi.dn.ua/
Frame ID: F6007B18EFEB4F8D184BBBAD23172FA8
Requests: 58 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20190131/zrt_lookup.html
Frame ID: D74E31A6B956ADEE41CBBDA4A3227664
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3978955824&adf=2690419178&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1670724307&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670725199855&bpp=4&bdt=1230&idt=303&shv=r20221206&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&correlator=4278280713188&frm=20&pv=2&ga_vid=2100420178.1670725200&ga_sid=1670725200&ga_hid=124623386&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=30&ady=1281&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071261&oid=2&pvsid=2523352661959068&tmod=2142577813&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=GQx9s4Pk3h&p=https%3A//hi.dn.ua&dtd=319
Frame ID: 7E0FDF7186AEC0ACC982A5B6F535FF18
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&slotname=7070383555&adk=266901632&adf=505200489&pi=t.ma~as.7070383555&w=0&fwrn=4&fwrnh=100&lmt=1670724307&rafmt=12&format=0xnull&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&fwrattr=true&rh=0&rw=0&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670725199859&bpp=1&bdt=1234&idt=320&shv=r20221206&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280&correlator=4278280713188&frm=20&pv=1&ga_vid=2100420178.1670725200&ga_sid=1670725200&ga_hid=124623386&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=423&ady=2777&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071261&oid=2&pvsid=2523352661959068&tmod=2142577813&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cebr%7C&abl=CS&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=aexQzqk8HY&p=https%3A//hi.dn.ua&dtd=324
Frame ID: DAAA1CBE8FE74516F48C772A3352B440
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=9215904351&adk=1500826456&adf=3527882582&pi=t.ma~as.9215904351&w=785&fwrn=4&fwrnh=100&lmt=1670724307&rafmt=1&format=785x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670725199860&bpp=1&bdt=1234&idt=327&shv=r20221206&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull&correlator=4278280713188&frm=20&pv=1&ga_vid=2100420178.1670725200&ga_sid=1670725200&ga_hid=124623386&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=408&ady=3871&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071261&oid=2&pvsid=2523352661959068&tmod=2142577813&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=3&fsb=1&xpc=FFGp8LARVz&p=https%3A//hi.dn.ua&dtd=330
Frame ID: 339A06F77159A7CEFF211CB80DA3493F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3565012385&adf=4264711690&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1670724307&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670725199860&bpp=1&bdt=1234&idt=336&shv=r20221206&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull%2C785x280&correlator=4278280713188&frm=20&pv=1&ga_vid=2100420178.1670725200&ga_sid=1670725200&ga_hid=124623386&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1208&ady=809&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071261&oid=2&pvsid=2523352661959068&tmod=2142577813&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=omfwN5diBy&p=https%3A//hi.dn.ua&dtd=338
Frame ID: 2F91CAEA90E45D559E9580D440415EB6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&adk=1812271804&adf=3025194257&lmt=1670724307&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fhi.dn.ua%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670725199861&bpp=1&bdt=1235&idt=341&shv=r20221206&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull%2C785x280%2C363x280&nras=1&correlator=4278280713188&frm=20&pv=1&ga_vid=2100420178.1670725200&ga_sid=1670725200&ga_hid=124623386&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071261&oid=2&pvsid=2523352661959068&tmod=2142577813&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=346
Frame ID: 9BC8428C9BD2551E07F59D90BE0A629A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E6B8E97FDB26D7769A453B203FF850A8
Requests: 2 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst8XsXHfy0r7L6a08Zd3LD-zQytZxQYUutZbPmXDL2EmvrS4FbdD0vvKPlUBzk0K6DbsMBSifNV0decTGQBy-eHt1lJKGjfMC-2CRLwZSnNeH6L3RdlBWRfQWsQ01A19NmR8g0qLqfxNdwoNm_FD2WW0qjTHi1W-t45LNQkFxckTZdcU8Rlcp7SlATXxDysnGGFtaO9I2Fc0qoqMoachxpPJO7F8NsXQ_5DdfJUSnFkuXMh7rY-28F21jFxYTU6C3IkU1HIo9VWJSnR2Cg49gGQuDlNRQNTD7MDT3m0u7LrT4xP2D4I720hs3y_LsJXcHoD89TnWdiO7m8XDFGAPyPfeFMRZSB4pslNAY2ElnlD4yMxEXj0cOVdA8aUZHsqvWcHGcEDSCDqKJ0cYuNIXcD22mdj-umv-P7ZV3secJYUoicsBN9GOqY-XZ1cP9P6q6G7HT_vwbX49ZLCB-l7nyrfq5XXDK8wRfRGTGHKNXjNJgBDlVGho1aciMgmSHaxusyPd53r37RTpKq1T6xyYoJRm53a-HixNLEQJWDL-Ulb63_MvjXWK7WTJu2G__W6osIoQfJnjTfwmhNgVsLxXi6p0__-j0K9TkUYTxsP0WutsJsAkg1m-RAe0QRs_xrRKgIl4tkG1aKNXJXY6S-c9HKCvHTJ8YNCS2pgszEjYnY3GKlkXQiMM4I7Anvm-ZVCKvNfhh9MJQUIhmNTK6S_FQagJhQP1Rmn1q7CjiTvtiaBrwQxX9uW518DdzTiylvfMQNX7UKWfUfMpZPNZrq3uPmwHAZ6MkhIvMS-hwOK2YatOcnMc69Uica-p2tgnwhS95G5MyNLNFvN_rKSNvdz3WDmwJrgE7yYi4EA6Vt6x8Y8TAWSPkqEfFIhVTPyg_UjUOvXDlcPaGRr3PaDjBRxjlyGRMRrtWGPkLHw-ejxLJL3KaF6FKGYAKwbOyXFHOnTCYQoc9S-dfbFDigXYWXjfX8GoV8lKBB2aA&sai=AMfl-YSH-hMAPhCWAqFUr11NX8b6XNQiKf6w1iMmuGsbpxxukp89Vdv94HWuEjMLVXcgcb5HO1qSuyVCKA8IPD8MXPvuNKu1ftfVjwqBovnD9tYBB8ZheWIPd8qxM7ykJVNslyX62OKzY0a5PcauoAD0dT6bgNtLCu4SreThek-WdhYYODYsW4Xyx8Swa_Bb3KmbqJGmerZc7k6i49WBIaBFm9uCWq8N2l_TWy3OJtq9JU5fjgwUHyKXzg&sig=Cg0ArKJSzF2q5I-npUH-EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Frame ID: 92434F3A539F6492430B6542F658EE43
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Frame ID: 35F267972587ACCC4807EE28F96DFFFF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F94BCE7C5EFA906022A7488BB128B933
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/index.html
Frame ID: D3E2A0A377FE1EAA19FAA8CA5C826998
Requests: 18 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3317.js
Frame ID: 48E2B115CD2E51D2D6B9D677269C9BA3
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3fe8f2ee43b838%2526domain%253Dhi.dn.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fhi.dn.ua%25252Ffc634c091d859c%2526relation%253Dparent.parent%26container_width%3D363%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FNovostiKramatorska%26locale%3Dru_RU%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26width%3D500
Frame ID: D89FD94C6C2A524B8C3DB94ABA1576B6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: ED898BBAA3991CF47A47A770900175ED
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 37B80BD24A15A2273FF4B1B10C74578D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Новини Краматорська, газета Привіт - Оголошення Краматорська

Page URL History Show full URLs

  1. http://hi.dn.ua/ HTTP 301
    https://hi.dn.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

114
Requests

99 %
HTTPS

85 %
IPv6

16
Domains

22
Subdomains

21
IPs

6
Countries

2630 kB
Transfer

4987 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://hi.dn.ua/ HTTP 301
    https://hi.dn.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 106
  • https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3fe8f2ee43b838%26domain%3Dhi.dn.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhi.dn.ua%252Ffc634c091d859c%26relation%3Dparent.parent&container_width=363&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FNovostiKramatorska&locale=ru_RU&sdk=joey&show_facepile=true&small_header=false&width=500 HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3fe8f2ee43b838%2526domain%253Dhi.dn.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fhi.dn.ua%25252Ffc634c091d859c%2526relation%253Dparent.parent%26container_width%3D363%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FNovostiKramatorska%26locale%3Dru_RU%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26width%3D500

114 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
hi.dn.ua/
Redirect Chain
  • http://hi.dn.ua/
  • https://hi.dn.ua/
157 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hi.dn.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS
56.29.109.78.hosting.ua
Software
nginx / PHP/7.3.25
Resource Hash
5882101b42f8516706ecbc0b0b32406691f29d24adb10e1f1c2da35a70a8fa72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache, public
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sun, 11 Dec 2022 02:22:39 GMT
ETag
"3bd91b98e619563c677967b1d34cf2ba"
Expires
Wed, 17 Aug 2005 00:00:00 GMT
Last-Modified
Sun, 11 Dec 2022 02:05:07 GMT
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM", CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Powered-By
PHP/7.3.25

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Sun, 11 Dec 2022 02:22:38 GMT
Location
https://hi.dn.ua/
Server
nginx
X-Frame-Options
SAMEORIGIN
css
fonts.googleapis.com/ 		43 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Fira+Sans+Condensed:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&subset=cyrillic&display=swap
Requested by
Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
44539af67ca707df62cf9fcd03acb3bf8c1bb890b6eae85a66aea9be7fc92283
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hi.dn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 11 Dec 2022 02:19:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 11 Dec 2022 02:19:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 11 Dec 2022 02:19:58 GMT
0781d4ba7535016dacff3c02daa732b98e7d3c73fe253320b75c9962647b4f4c.css
hi.dn.ua/media/com_jchoptimize/cache/css/ 		666 KB
103 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hi.dn.ua/media/com_jchoptimize/cache/css/0781d4ba7535016dacff3c02daa732b98e7d3c73fe253320b75c9962647b4f4c.css
Requested by
Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS
56.29.109.78.hosting.ua
Software
nginx /
Resource Hash
872fb631ce0ba6479d706175d13bcf396df6a86f3b1f3366fad8aa088f1727f5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hi.dn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
public
Date
Sun, 11 Dec 2022 02:22:39 GMT
Content-Encoding
gzip
Last-Modified
Sun, 11 Dec 2022 02:05:07 GMT
Server
nginx
ETag
W/"63953ad3-a6814"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=1296000, public
Connection
keep-alive
Expires
Mon, 26 Dec 2022 02:22:39 GMT
metprom_perspectiva.gif
hi.dn.ua/images/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hi.dn.ua/images/metprom_perspectiva.gif
Requested by
Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS
56.29.109.78.hosting.ua
Software
nginx /
Resource Hash
1e9caa55ac982451d0d59d00ccdf3eb97004a7bd337ad5c7566f60717ea8243f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hi.dn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
public
Date
Sun, 11 Dec 2022 02:22:39 GMT
Last-Modified
Fri, 22 Feb 2019 18:18:39 GMT
Server
nginx
ETag
"5c703cff-a15a"
Content-Type
image/gif
Cache-Control
max-age=1296000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
41306
Expires
Mon, 26 Dec 2022 02:22:39 GMT
metr_plus3_1908.jpg
hi.dn.ua/images/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hi.dn.ua/images/metr_plus3_1908.jpg
Requested by
Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS
56.29.109.78.hosting.ua
Software
nginx /
Resource Hash
48bb1e43025685415b478082c09115ba3a6dac3018552b29dd01051f05440101

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hi.dn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
public
Date
Sun, 11 Dec 2022 02:22:39 GMT
Last-Modified
Thu, 20 Aug 2020 05:45:03 GMT
Server
nginx
ETag
"5f3e0ddf-54eb"
Content-Type
image/jpeg
Cache-Control
max-age=1296000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21739
Expires
Mon, 26 Dec 2022 02:22:39 GMT
Privet_1301_Elma-theBest.gif
hi.dn.ua/images/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hi.dn.ua/images/Privet_1301_Elma-theBest.gif
Requested by
Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS
56.29.109.78.hosting.ua
Software
nginx /
Resource Hash
a59e132b1c2fb6b74efb031c5b158c6d501d769762786683aa2a9c85cb8d3653

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hi.dn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
public
Date
Sun, 11 Dec 2022 02:22:39 GMT
Last-Modified
Thu, 13 Jan 2022 10:32:49 GMT
Server
nginx
ETag
"61dfffd1-30a7"
Content-Type
image/gif
Cache-Control
max-age=1296000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12455
Expires
Mon, 26 Dec 2022 02:22:39 GMT
logo.png
hi.dn.ua/templates/shaper_newskit/images/presets/preset1/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hi.dn.ua/templates/shaper_newskit/images/presets/preset1/logo.png
Requested by
Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS
56.29.109.78.hosting.ua
Software
nginx /
Resource Hash
4e89c38189dd2e61117834de251e624e572e4ceef3e14f43f9341fa65036f709

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hi.dn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
public
Date
Sun, 11 Dec 2022 02:22:39 GMT
Last-Modified
Sun, 19 Jun 2022 06:27:45 GMT
Server
nginx
ETag
"62aec1e1-224f"
Content-Type
image/png
Cache-Control
max-age=1296000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8783
Expires
Mon, 26 Dec 2022 02:22:39 GMT
logo@2x.png
hi.dn.ua/templates/shaper_newskit/images/presets/preset1/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hi.dn.ua/templates/shaper_newskit/images/presets/preset1/logo@2x.png
Requested by
Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS
56.29.109.78.hosting.ua
Software
nginx /
Resource Hash
a0f0704fa49cf78b86a1beec93e28c5e1f6ca1aed094300b696fc3b1f086c626

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hi.dn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
public
Date
Sun, 11 Dec 2022 02:22:39 GMT
Last-Modified
Sun, 19 Jun 2022 06:30:39 GMT
Server
nginx
ETag
"62aec28f-4b4c"
Content-Type
image/png
Cache-Control
max-age=1296000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19276
Expires
Mon, 26 Dec 2022 02:22:39 GMT
bankcarhtygfhgbuuuhjnt.jpg
hi.dn.ua/cache/rsca/243x160/images/news133/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hi.dn.ua/cache/rsca/243x160/images/news133/bankcarhtygfhgbuuuhjnt.jpg
Requested by
Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS
56.29.109.78.hosting.ua
Software
nginx /
Resource Hash
474db728131b60ee8259579ab23ac26a530bd870976b1182f78ff826505c6913

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hi.dn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
public
Date
Sun, 11 Dec 2022 02:22:39 GMT
Last-Modified
Sun, 11 Dec 2022 01:39:40 GMT
Server
nginx
ETag
"639534dc-24f5"
Content-Type
image/jpeg
Cache-Control
max-age=1296000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9461
Expires
Mon, 26 Dec 2022 02:22:39 GMT
318528921_694317905584100_4586745866747836714_n_820x360.jpg
hi.dn.ua/cache/rsca/243x160/images/news133/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hi.dn.ua/cache/rsca/243x160/images/news133/318528921_694317905584100_4586745866747836714_n_820x360.jpg
Requested by
Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS
56.29.109.78.hosting.ua
Software
nginx /
Resource Hash
d85f41458b18b7047c5d5dfc593e2e49640bc4693bd87145bd8e5d1abb7cd305

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hi.dn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
public
Date
Sun, 11 Dec 2022 02:22:39 GMT
Last-Modified
Sun, 11 Dec 2022 01:39:40 GMT
Server
nginx
ETag
"639534dc-18f7"
Content-Type
image/jpeg
Cache-Control
max-age=1296000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6391
Expires
Mon, 26 Dec 2022 02:22:39 GMT
tyf1ofkrynlo38o7778a.jpeg
hi.dn.ua/cache/rsca/243x160/images/news133/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hi.dn.ua/cache/rsca/243x160/images/news133/tyf1ofkrynlo38o7778a.jpeg
Requested by
Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS
56.29.109.78.hosting.ua
Software
nginx /
Resource Hash
61a58a8bfae475fc43bacda1ccaeabad4a1823206156b10fec51d152b2e252f6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hi.dn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
public
Date
Sun, 11 Dec 2022 02:22:39 GMT
Last-Modified
Sun, 11 Dec 2022 01:39:41 GMT
Server
nginx
ETag
"639534dd-1bfc"
Content-Type
image/jpeg
Cache-Control
max-age=1296000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7164
Expires
Mon, 26 Dec 2022 02:22:39 GMT
36f1982d_c7fc_4990_abba_6bedf24a9981_650x410.jpg
hi.dn.ua/cache/rsca/243x160/images/news133/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hi.dn.ua/cache/rsca/243x160/images/news133/36f1982d_c7fc_4990_abba_6bedf24a9981_650x410.jpg
Requested by
Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS
56.29.109.78.hosting.ua
Software
nginx /
Resource Hash
f209697e92bcb7e6c6bada284e5e909d4e76a19c738ae315eb72cc5f0483461e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hi.dn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
public
Date
Sun, 11 Dec 2022 02:22:39 GMT
Last-Modified
Sun, 11 Dec 2022 01:39:41 GMT
Server
nginx
ETag
"639534dd-2ced"
Content-Type
image/jpeg
Cache-Control
max-age=1296000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11501
Expires
Mon, 26 Dec 2022 02:22:39 GMT
Holodnyj-borshh-s-kolbasoj-2.jpg
hi.dn.ua/cache/rsca/243x160/images/news133/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hi.dn.ua/cache/rsca/243x160/images/news133/Holodnyj-borshh-s-kolbasoj-2.jpg
Requested by
Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS
56.29.109.78.hosting.ua
Software
nginx /
Resource Hash
dbe49d736b94b4b20db3ca8e188a99c8c61517bdfda0218d3997b548e5e627b1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hi.dn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
public
Date
Sun, 11 Dec 2022 02:22:39 GMT
Last-Modified
Sun, 11 Dec 2022 01:39:41 GMT
Server
nginx
ETag
"639534dd-1b2b"
Content-Type
image/jpeg
Cache-Control
max-age=1296000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6955
Expires
Mon, 26 Dec 2022 02:22:39 GMT
bursssya.jpg
hi.dn.ua/cache/rsca/243x160/images/news133/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hi.dn.ua/cache/rsca/243x160/images/news133/bursssya.jpg
Requested by
Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS
56.29.109.78.hosting.ua
Software
nginx /
Resource Hash
e21cb2b0c13961ca081bc3879f4afcff347ea5bc665dbd9f6ae8adfa1f3f8de5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hi.dn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
public
Date
Sun, 11 Dec 2022 02:22:39 GMT
Last-Modified
Sun, 11 Dec 2022 01:39:41 GMT
Server
nginx
ETag
"639534dd-1a4b"
Content-Type
image/jpeg
Cache-Control
max-age=1296000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6731
Expires
Mon, 26 Dec 2022 02:22:39 GMT
dronccd1dd2.jpg
hi.dn.ua/cache/rsca/243x160/images/news133/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hi.dn.ua/cache/rsca/243x160/images/news133/dronccd1dd2.jpg
Requested by
Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS
56.29.109.78.hosting.ua
Software
nginx /
Resource Hash
200e66ede98736134aa3354b9c361463155adf4bf9540386b5bced13dde45460

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hi.dn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
public
Date
Sun, 11 Dec 2022 02:22:39 GMT
Last-Modified
Sun, 11 Dec 2022 01:39:41 GMT
Server
nginx
ETag
"639534dd-1d79"
Content-Type
image/jpeg
Cache-Control
max-age=1296000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7545
Expires
Mon, 26 Dec 2022 02:22:39 GMT
robuihgggd2.jpg
hi.dn.ua/cache/rsca/243x160/images/news133/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hi.dn.ua/cache/rsca/243x160/images/news133/robuihgggd2.jpg
Requested by
Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS
56.29.109.78.hosting.ua
Software
nginx /
Resource Hash
ac214d8f80416684b7ebdc138c5f8d1c19f9b0a6282d92f922a0d0cf0b34c28f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hi.dn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
public
Date
Sun, 11 Dec 2022 02:22:39 GMT
Last-Modified
Sun, 11 Dec 2022 01:39:41 GMT
Server
nginx
ETag
"639534dd-128d"
Content-Type
image/jpeg
Cache-Control
max-age=1296000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4749
Expires
Mon, 26 Dec 2022 02:22:39 GMT
c68ecbcb-9329f18c75a8766c5c9649255db5aa2f.jpg
hi.dn.ua/cache/rsca/243x160/images/news133/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hi.dn.ua/cache/rsca/243x160/images/news133/c68ecbcb-9329f18c75a8766c5c9649255db5aa2f.jpg
Requested by
Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS
56.29.109.78.hosting.ua
Software
nginx /
Resource Hash
bc43e2e09fa056b58509ce3323b02026fc450fc829e442f2549830d915d802c9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hi.dn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
public
Date
Sun, 11 Dec 2022 02:22:39 GMT
Last-Modified
Sun, 11 Dec 2022 01:39:41 GMT
Server
nginx
ETag
"639534dd-1e86"
Content-Type
image/jpeg
Cache-Control
max-age=1296000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7814
Expires
Mon, 26 Dec 2022 02:22:39 GMT
632eaf1a59be6.jpeg
hi.dn.ua/cache/rsca/243x160/images/news132/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hi.dn.ua/cache/rsca/243x160/images/news132/632eaf1a59be6.jpeg
Requested by
Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS
56.29.109.78.hosting.ua
Software
nginx /
Resource Hash
b980127387edbc14545c838b85002dfc8c687b766d08483cd8b76269235a1f2e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hi.dn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
public
Date
Sun, 11 Dec 2022 02:22:40 GMT
Last-Modified
Sun, 11 Dec 2022 01:39:41 GMT
Server
nginx
ETag
"639534dd-2f59"
Content-Type
image/jpeg
Cache-Control
max-age=1296000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12121
Expires
Mon, 26 Dec 2022 02:22:40 GMT
budgeqgggt.jpg
hi.dn.ua/cache/rsca/243x160/images/news132/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hi.dn.ua/cache/rsca/243x160/images/news132/budgeqgggt.jpg
Requested by
Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS
56.29.109.78.hosting.ua
Software
nginx /
Resource Hash
be17907b215c53089d69f2dc8420851d9f327413e8779b5d17489bb419aa7a71

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hi.dn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
public
Date
Sun, 11 Dec 2022 02:22:40 GMT
Last-Modified
Sun, 11 Dec 2022 01:39:41 GMT
Server
nginx
ETag
"639534dd-28f0"
Content-Type
image/jpeg
Cache-Control
max-age=1296000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10480
Expires
Mon, 26 Dec 2022 02:22:40 GMT
1653920924-5454.jpg
hi.dn.ua/cache/rsca/243x160/images/news131/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hi.dn.ua/cache/rsca/243x160/images/news131/1653920924-5454.jpg
Requested by
Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS
56.29.109.78.hosting.ua
Software
nginx /
Resource Hash
b3fb7bcddf609e070abce11b5c1181034f77cb86da0ab0bbb9dce0cfa1fdb6a3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hi.dn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
public
Date
Sun, 11 Dec 2022 02:22:40 GMT
Last-Modified
Sun, 11 Dec 2022 01:39:41 GMT
Server
nginx
ETag
"639534dd-245f"
Content-Type
image/jpeg
Cache-Control
max-age=1296000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9311
Expires
Mon, 26 Dec 2022 02:22:40 GMT
smvmvmiggldkfjmqqdq1g.jpg
hi.dn.ua/cache/rsca/243x160/images/news132/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hi.dn.ua/cache/rsca/243x160/images/news132/smvmvmiggldkfjmqqdq1g.jpg
Requested by
Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS
56.29.109.78.hosting.ua
Software
nginx /
Resource Hash
96a7522ba9b70604dd8d53ae09a87628aacb1c8b9561135c653666c9aebe6a19

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hi.dn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
public
Date
Sun, 11 Dec 2022 02:22:40 GMT
Last-Modified
Sun, 11 Dec 2022 01:39:41 GMT
Server
nginx
ETag
"639534dd-2599"
Content-Type
image/jpeg
Cache-Control
max-age=1296000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9625
Expires
Mon, 26 Dec 2022 02:22:40 GMT
50_main-v1663622506.jpg
hi.dn.ua/cache/rsca/243x160/images/news132/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hi.dn.ua/cache/rsca/243x160/images/news132/50_main-v1663622506.jpg
Requested by
Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS
56.29.109.78.hosting.ua
Software
nginx /
Resource Hash
1a36b98ad1e34d6cc6e485ce9a3de0a2a4ce4e1d4ce42c8e732371e0ae022b93

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hi.dn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
public
Date
Sun, 11 Dec 2022 02:22:40 GMT
Last-Modified
Sun, 11 Dec 2022 01:39:41 GMT
Server
nginx
ETag
"639534dd-29a6"
Content-Type
image/jpeg
Cache-Control
max-age=1296000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10662
Expires
Mon, 26 Dec 2022 02:22:40 GMT
1643489684630f5f52b7053.jpg
hi.dn.ua/cache/rsca/243x160/images/news132/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hi.dn.ua/cache/rsca/243x160/images/news132/1643489684630f5f52b7053.jpg
Requested by
Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS
56.29.109.78.hosting.ua
Software
nginx /
Resource Hash
1cf9b1f7172f446f8f461b873e61c7189f02a90b403210215febe76b8627c0b5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hi.dn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
public
Date
Sun, 11 Dec 2022 02:22:40 GMT
Last-Modified
Sun, 11 Dec 2022 01:39:41 GMT
Server
nginx
ETag
"639534dd-277b"
Content-Type
image/jpeg
Cache-Control
max-age=1296000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10107
Expires
Mon, 26 Dec 2022 02:22:40 GMT
7a3e18c2a78f3818e2ec07ed39e9c566f1098be47d84a21630d07640085bfc75.js
hi.dn.ua/media/com_jchoptimize/cache/js/ 		537 KB
537 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hi.dn.ua/media/com_jchoptimize/cache/js/7a3e18c2a78f3818e2ec07ed39e9c566f1098be47d84a21630d07640085bfc75.js
Requested by
Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS
56.29.109.78.hosting.ua
Software
nginx /
Resource Hash
09a707f84e66375017dd968516b68edca1de5e227b8ef7b8dcad33a1f517c5bd

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hi.dn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
public
Date
Sun, 11 Dec 2022 02:22:40 GMT
Last-Modified
Sun, 11 Dec 2022 02:05:07 GMT
Server
nginx
ETag
"63953ad3-8630c"
Content-Type
application/javascript
Cache-Control
max-age=1296000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
549644
Expires
Mon, 26 Dec 2022 02:22:40 GMT
sppagebuilder.js
hi.dn.ua/components/com_sppagebuilder/assets/js/ 		72 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hi.dn.ua/components/com_sppagebuilder/assets/js/sppagebuilder.js
Requested by
Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS
56.29.109.78.hosting.ua
Software
nginx /
Resource Hash
df9d06b9ad5f1e00724a0efa904888ac078fd9a69713b838f67b9496fd39d481

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hi.dn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
public
Date
Sun, 11 Dec 2022 02:22:40 GMT
Last-Modified
Fri, 24 Jun 2022 09:31:34 GMT
Server
nginx
ETag
"62b58476-12125"
Content-Type
application/javascript
Cache-Control
max-age=1296000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
74021
Expires
Mon, 26 Dec 2022 02:22:40 GMT
7a3e18c2a78f3818e2ec07ed39e9c566e679e3723dac99058eb3333b49bc2670.js
hi.dn.ua/media/com_jchoptimize/cache/js/ 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hi.dn.ua/media/com_jchoptimize/cache/js/7a3e18c2a78f3818e2ec07ed39e9c566e679e3723dac99058eb3333b49bc2670.js
Requested by
Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS
56.29.109.78.hosting.ua
Software
nginx /
Resource Hash
173a07d2a0cf6488a4f1f5e52a11d743cda4ef8c817ee5c8ae02f58ff4c50914

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hi.dn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
public
Date
Sun, 11 Dec 2022 02:22:40 GMT
Last-Modified
Sun, 11 Dec 2022 02:21:04 GMT
Server
nginx
ETag
"63953e90-218e"
Content-Type
application/javascript
Cache-Control
max-age=1296000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8590
Expires
Mon, 26 Dec 2022 02:22:40 GMT
fontawesome-webfont.woff2
hi.dn.ua/templates/shaper_newskit/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://hi.dn.ua/templates/shaper_newskit/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS
56.29.109.78.hosting.ua
Software
nginx /
Resource Hash
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://hi.dn.ua/
Origin
https://hi.dn.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Dec 2022 02:22:39 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 04 Dec 2017 05:08:40 GMT
Server
nginx
ETag
W/"7d40382-12d68-55f7cb624c600"
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=UTF-8
Cache-Control
public
Connection
keep-alive
truncated
/ 		70 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
70913036fdbfc1b2a902e535bff651e5b572624db941dfb283b0080506591f00

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		74 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cd8e7e1f5f0c4ba65b80cff3dc4f146dfb57a7dcd4d3a0a18acce70c1e986e5b

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		67 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a108193a3c54e5c07c1207c0e38b0279d9cddc0fb844fdbdcaf82629ec69eb8

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
newskit.ttf
hi.dn.ua/templates/shaper_newskit/fonts/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://hi.dn.ua/templates/shaper_newskit/fonts/newskit.ttf?9ymzo3
Requested by
Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS
56.29.109.78.hosting.ua
Software
nginx /
Resource Hash
81b7b2f584dcfe1c72be286287e21f6258f621fed241d139793108e1cdbefc7c

Request headers

Referer
https://hi.dn.ua/
Origin
https://hi.dn.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
public
Date
Sun, 11 Dec 2022 02:22:39 GMT
Last-Modified
Mon, 04 Dec 2017 05:08:40 GMT
Server
nginx
ETag
"5a24d858-66dc"
Content-Type
application/octet-stream
Cache-Control
max-age=1296000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26332
Expires
Mon, 26 Dec 2022 02:22:39 GMT
wEOhEADFm8hSaQTFG18FErVhsC9x-tarUfbtrQ.woff2
fonts.gstatic.com/s/firasanscondensed/v10/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/firasanscondensed/v10/wEOhEADFm8hSaQTFG18FErVhsC9x-tarUfbtrQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans+Condensed:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&subset=cyrillic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a9980abca3b078a7c67a296f602f48bb043c2167e0e8257addfe2d603643a07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hi.dn.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 08:45:52 GMT
x-content-type-options
nosniff
age
408846
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22768
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 16:50:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Dec 2023 08:45:52 GMT
wEOhEADFm8hSaQTFG18FErVhsC9x-tarUfLtrftV.woff2
fonts.gstatic.com/s/firasanscondensed/v10/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/firasanscondensed/v10/wEOhEADFm8hSaQTFG18FErVhsC9x-tarUfLtrftV.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans+Condensed:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&subset=cyrillic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
428fc11a6adab7e89d3a97a824d85fd2e639a68c2fb8760b3916b6fed0bc9bcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hi.dn.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 09:46:44 GMT
x-content-type-options
nosniff
age
145994
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10312
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 16:46:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 09:46:44 GMT
wEOsEADFm8hSaQTFG18FErVhsC9x-tarWQXOuMR0cg.woff2
fonts.gstatic.com/s/firasanscondensed/v10/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/firasanscondensed/v10/wEOsEADFm8hSaQTFG18FErVhsC9x-tarWQXOuMR0cg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans+Condensed:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&subset=cyrillic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf558b850010169a48f78bd32dc7162613de65038e767c6a2928de1b5c60fb98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hi.dn.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 05:31:51 GMT
x-content-type-options
nosniff
age
334087
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22760
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 16:46:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Dec 2023 05:31:51 GMT
wEOsEADFm8hSaQTFG18FErVhsC9x-tarWQXOuMB0ciZb.woff2
fonts.gstatic.com/s/firasanscondensed/v10/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/firasanscondensed/v10/wEOsEADFm8hSaQTFG18FErVhsC9x-tarWQXOuMB0ciZb.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans+Condensed:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&subset=cyrillic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41d2d1df62f88b61869b7c5b83aed486fbd7eb569497f02a3a1b830b90e4319a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hi.dn.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 20:46:28 GMT
x-content-type-options
nosniff
age
192810
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10240
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 16:46:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Dec 2023 20:46:28 GMT
logo2.png
hi.dn.ua/templates/shaper_newskit/images/presets/preset1/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hi.dn.ua/templates/shaper_newskit/images/presets/preset1/logo2.png
Requested by
Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS
56.29.109.78.hosting.ua
Software
nginx /
Resource Hash
40922aa70b57730608904f5cfefa3b0aaa885e0c872caa310a4961af10c7f0e0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hi.dn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
public
Date
Sun, 11 Dec 2022 02:22:40 GMT
Last-Modified
Mon, 16 Nov 2020 11:30:32 GMT
Server
nginx
ETag
"5fb262d8-205d"
Content-Type
image/png
Cache-Control
max-age=1296000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8285
Expires
Mon, 26 Dec 2022 02:22:40 GMT
galis_odeghda.gif
hi.dn.ua/images/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hi.dn.ua/images/galis_odeghda.gif
Requested by
Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS
56.29.109.78.hosting.ua
Software
nginx /
Resource Hash
125888320d828f42ac010da9ef94ec7172c54d468266502bbcb220299c611778

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hi.dn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
public
Date
Sun, 11 Dec 2022 02:22:40 GMT
Last-Modified
Tue, 18 Aug 2020 07:24:28 GMT
Server
nginx
ETag
"5f3b822c-7db8"
Content-Type
image/gif
Cache-Control
max-age=1296000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
32184
Expires
Mon, 26 Dec 2022 02:22:40 GMT
8n-100567.png
s.yimg.com/os/mit/media/m/weather/images/icons/l/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/os/mit/media/m/weather/images/icons/l/8n-100567.png
Requested by
Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
ebba5542fc22a4318f730bfc3263014f058ceea6c9e6044c9e0dce97759620b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hi.dn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 11:59:35 GMT
x-amz-version-id
null
x-amz-meta-created-date
Mon, 11 Jun 2012 23:36:44 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
x-amz-request-id
70RN3PTQADJ44N9F
age
138025
x-amz-server-side-encryption
AES256
x-amz-meta-x-ysws-mbst-vtime
1339457804699813
content-length
24333
x-amz-id-2
7ek5OoXNuCjAFjW3TtGlHP3A5Fd+c0yGhYteV63FddjiU+CUeL7wo1aK6B9d1HFRGsGsJvPDs8M=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 15 May 2018 21:13:59 GMT
server
ATS
etag
"e13340797df2664c3362d9f347515d51"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=567648000,public
accept-ranges
bytes
x-amz-meta-mbst-etag
"YM:1:97914ca6-15fc-4e5d-ab3c-de1802ed61a40004c23ad2a408a5"
x-amz-meta-x-ysws-access
public
expires
Sat, 10 May 2036 21:13:58 GMT
27d-100567.png
s.yimg.com/os/mit/media/m/weather/images/icons/l/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/os/mit/media/m/weather/images/icons/l/27d-100567.png
Requested by
Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
1c3e1a26bff762e758008d219a90f4f0e46084d268b2f8deab98c2f1d9ffe899
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hi.dn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 06:01:15 GMT
x-amz-version-id
null
x-amz-meta-created-date
Mon, 11 Jun 2012 23:36:41 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
x-amz-request-id
ERBQRHPABST41316
age
2665125
x-amz-server-side-encryption
AES256
x-amz-meta-x-ysws-mbst-vtime
1339457801272919
content-length
30602
x-amz-id-2
4OEV3+KfaEEe1YQMOeiqDX0GIVa7ZrfDkPWgXXy7uK42luLTaNlM+4R0zYXa8rl6omM1e8wZdp0=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 22 May 2018 22:41:41 GMT
server
ATS
etag
"708340434517891f81b49f0d12c0bd2e"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=567648000,public
accept-ranges
bytes
x-amz-meta-mbst-etag
"YM:1:5eae7bfa-6bf1-41c6-aba3-7a97226966ea0004c23ad26fbe57"
x-amz-meta-x-ysws-access
public
expires
Sat, 17 May 2036 22:41:40 GMT
gorod_masterov18_05.gif
hi.dn.ua/images/ 		281 KB
281 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hi.dn.ua/images/gorod_masterov18_05.gif
Requested by
Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS
56.29.109.78.hosting.ua
Software
nginx /
Resource Hash
80273fc1aee79a2241ad5a484aa3f6eaa4931bdd242b545f2f40c5d7de8842fc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hi.dn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
public
Date
Sun, 11 Dec 2022 02:22:40 GMT
Last-Modified
Mon, 18 May 2020 06:18:29 GMT
Server
nginx
ETag
"5ec228b5-462aa"
Content-Type
image/gif
Cache-Control
max-age=1296000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
287402
Expires
Mon, 26 Dec 2022 02:22:40 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: hi.dn.ua
URL: https://hi.dn.ua/media/com_jchoptimize/cache/js/7a3e18c2a78f3818e2ec07ed39e9c566f1098be47d84a21630d07640085bfc75.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hi.dn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 11 Dec 2022 01:15:46 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
3853
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sun, 11 Dec 2022 03:15:46 GMT
sdk.js
connect.facebook.net/ru_RU/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ru_RU/sdk.js
Requested by
Host: hi.dn.ua
URL: https://hi.dn.ua/media/com_jchoptimize/cache/js/7a3e18c2a78f3818e2ec07ed39e9c566f1098be47d84a21630d07640085bfc75.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
84b7ec54a1dfa5b048251d5eb487ad46cc6e1eae8d024bfc30f15a242816fddf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hi.dn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 11 Dec 2022 02:19:59 GMT
content-md5
ea/89IBwPnR5gMEKJhdR+A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
vRgalyzh/hTb25cbUyvI6k/FuPU03tL8ttkKrP2WkAGCVZ7uOaUrOeSnKW2eWyTOUMuUYPMJpEiAtFwJ/NPf2Q==
x-fb-trip-id
1679558926
x-fb-content-md5
27b69b59cff937954df2255086b41330
cross-origin-opener-policy
same-origin-allow-popups
etag
"b1ac0181888932bba79a8a6ebfd43755"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 11 Dec 2022 02:28:02 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221206/r20190131/ Frame D74E 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221206/r20190131/zrt_lookup.html
Requested by
Host: hi.dn.ua
URL: https://hi.dn.ua/media/com_jchoptimize/cache/js/7a3e18c2a78f3818e2ec07ed39e9c566f1098be47d84a21630d07640085bfc75.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hi.dn.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
44674
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 10 Dec 2022 13:55:25 GMT
etag
10353107486223812946
expires
Sat, 24 Dec 2022 13:55:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/ 		356 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/show_ads_impl_fy2021.js
Requested by
Host: hi.dn.ua
URL: https://hi.dn.ua/media/com_jchoptimize/cache/js/7a3e18c2a78f3818e2ec07ed39e9c566f1098be47d84a21630d07640085bfc75.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6bbc6961cbee67afce64f67c9c4e3a26e810cb18111b2374d7804f9de0ebbe4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hi.dn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 02:19:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119777
x-xss-protection
0
server
cafe
etag
12954648082032248504
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Dec 2022 02:19:59 GMT
camera_skins.png
hi.dn.ua/modules/mod_responsive_slider/assets/images/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hi.dn.ua/modules/mod_responsive_slider/assets/images/camera_skins.png
Requested by
Host: hi.dn.ua
URL: https://hi.dn.ua/media/com_jchoptimize/cache/css/0781d4ba7535016dacff3c02daa732b98e7d3c73fe253320b75c9962647b4f4c.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS
56.29.109.78.hosting.ua
Software
nginx /
Resource Hash
42931bd149d230ca9ab1e72b1a914543dc108e3098673d339c1c3d32ccf2d776

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hi.dn.ua/media/com_jchoptimize/cache/css/0781d4ba7535016dacff3c02daa732b98e7d3c73fe253320b75c9962647b4f4c.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
public
Date
Sun, 11 Dec 2022 02:22:40 GMT
Last-Modified
Mon, 15 Oct 2018 18:26:48 GMT
Server
nginx
ETag
"5bc4dbe8-5e8a"
Content-Type
image/png
Cache-Control
max-age=1296000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24202
Expires
Mon, 26 Dec 2022 02:22:40 GMT
IcoMoon.woff
hi.dn.ua/templates/shaper_newskit/fonts/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://hi.dn.ua/templates/shaper_newskit/fonts/IcoMoon.woff
Requested by
Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS
56.29.109.78.hosting.ua
Software
nginx /
Resource Hash
6d362fa22342a2d22cbe8d4472d2d11a8d0864310ee2e8e48ede3148465a609d

Request headers

Referer
https://hi.dn.ua/
Origin
https://hi.dn.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
public
Date
Sun, 11 Dec 2022 02:22:40 GMT
Last-Modified
Mon, 04 Dec 2017 05:08:40 GMT
Server
nginx
ETag
"5a24d858-6350"
Content-Type
font/woff
Cache-Control
max-age=1296000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25424
Expires
Mon, 26 Dec 2022 02:22:40 GMT
wEOjEADFm8hSaQTFG18FErVhsC9x-tarUfPdr-NR.woff2
fonts.gstatic.com/s/firasanscondensed/v10/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/firasanscondensed/v10/wEOjEADFm8hSaQTFG18FErVhsC9x-tarUfPdr-NR.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans+Condensed:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&subset=cyrillic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1ad2c431573b94173dd97d42c82274437f2f2bf1313b6e9260db92233e5913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hi.dn.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 12:51:09 GMT
x-content-type-options
nosniff
age
221330
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23708
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 16:49:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Dec 2023 12:51:09 GMT
318425251_1794174124283750_7179952462197151895_n.jpg
hi.dn.ua/images/reslidercon/755x384/images/news133/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hi.dn.ua/images/reslidercon/755x384/images/news133/318425251_1794174124283750_7179952462197151895_n.jpg?1670725199895
Requested by
Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS
56.29.109.78.hosting.ua
Software
nginx /
Resource Hash
9e211327fdd1b0a3c15a5dd71cd4ca839e0b271dd7b88c19220604aa0f6d596f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hi.dn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
public
Date
Sun, 11 Dec 2022 02:22:40 GMT
Last-Modified
Sat, 10 Dec 2022 14:50:40 GMT
Server
nginx
ETag
"63949cc0-99e0"
Content-Type
image/jpeg
Cache-Control
max-age=1296000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
39392
Expires
Mon, 26 Dec 2022 02:22:40 GMT
sdk.js
connect.facebook.net/ru_RU/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ru_RU/sdk.js?hash=838bcfdd092b09e13f2a12409252df71
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dfbdac5ebae892737f66d2de02c770a7b4a6fa1d0d126e6b9938325c46a6f5e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://hi.dn.ua/
Origin
https://hi.dn.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 11 Dec 2022 02:20:00 GMT
content-md5
UNs2HcDAB00PzMk0X7Pgjg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88698
x-fb-rlafr
0
x-fb-debug
QZyvK3S46UGVgUEFtlz2JuMT7TSX0BX00hPI466DrpAejX3XA2RdvfxUZG7tIgga+KxGbroqK8Ly1xYS0Y/LnA==
x-fb-content-md5
9f6eb6518adb55539d1174972cc897f3
cross-origin-opener-policy
same-origin-allow-popups
etag
"7ec10116ca56eb091cfa77dd37bd91b8"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
priority
u=3,i
expires
Mon, 11 Dec 2023 01:48:01 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=124623386&t=pageview&_s=1&dl=https%3A%2F%2Fhi.dn.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%9A%D1%80%D0%B0%D0%BC%D0%B0%D1%82%D0%BE%D1%80%D1%81%D1%8C%D0%BA%D0%B0%2C%20%D0%B3%D0%B0%D0%B7%D0%B5%D1%82%D0%B0%20%D0%9F%D1%80%D0%B8%D0%B2%D1%96%D1%82%20-%20%D0%9E%D0%B3%D0%BE%D0%BB%D0%BE%D1%88%D0%B5%D0%BD%D0%BD%D1%8F%20%D0%9A%D1%80%D0%B0%D0%BC%D0%B0%D1%82%D0%BE%D1%80%D1%81%D1%8C%D0%BA%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=835739265&gjid=617875749&cid=2100420178.1670725200&tid=UA-10437307-1&_gid=1991844341.1670725200&_r=1&gtm=2oubu0&z=1087832271
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://hi.dn.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 02:20:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hi.dn.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
318528921_694317905584100_4586745866747836714_n_820x360.jpg
hi.dn.ua/images/reslidercon/755x384/images/news133/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hi.dn.ua/images/reslidercon/755x384/images/news133/318528921_694317905584100_4586745866747836714_n_820x360.jpg?1670725200116
Requested by
Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS
56.29.109.78.hosting.ua
Software
nginx /
Resource Hash
533d1ea23a8f51ea10d6490d3e206786d83c5b4e0175cf44796461199600ae0f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hi.dn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
public
Date
Sun, 11 Dec 2022 02:22:40 GMT
Last-Modified
Sat, 10 Dec 2022 09:54:47 GMT
Server
nginx
ETag
"63945767-8cf8"
Content-Type
image/jpeg
Cache-Control
max-age=1296000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
36088
Expires
Mon, 26 Dec 2022 02:22:40 GMT
cookie.js
partner.googleadservices.com/gampad/ 		383 B
693 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=hi.dn.ua&callback=_gfp_s_&client=ca-pub-4643767719705239&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
753c318c5cceec424d0edfa5daf8d3faf14cea029dc747fe3ba90a46aa738f20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hi.dn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 02:20:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=hi.dn.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hi.dn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 02:20:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=hi.dn.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hi.dn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 02:20:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7E0F 		101 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3978955824&adf=2690419178&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1670724307&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670725199855&bpp=4&bdt=1230&idt=303&shv=r20221206&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&correlator=4278280713188&frm=20&pv=2&ga_vid=2100420178.1670725200&ga_sid=1670725200&ga_hid=124623386&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=30&ady=1281&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071261&oid=2&pvsid=2523352661959068&tmod=2142577813&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=GQx9s4Pk3h&p=https%3A//hi.dn.ua&dtd=319
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0656770f6810974ddb792de15a8325a24cf201e44672a3c447b619ebf114cd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hi.dn.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
33597
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 11 Dec 2022 02:20:00 GMT
expires
Sun, 11 Dec 2022 02:20:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame DAAA 		436 B
234 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&slotname=7070383555&adk=266901632&adf=505200489&pi=t.ma~as.7070383555&w=0&fwrn=4&fwrnh=100&lmt=1670724307&rafmt=12&format=0xnull&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&fwrattr=true&rh=0&rw=0&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670725199859&bpp=1&bdt=1234&idt=320&shv=r20221206&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280&correlator=4278280713188&frm=20&pv=1&ga_vid=2100420178.1670725200&ga_sid=1670725200&ga_hid=124623386&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=423&ady=2777&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071261&oid=2&pvsid=2523352661959068&tmod=2142577813&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cebr%7C&abl=CS&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=aexQzqk8HY&p=https%3A//hi.dn.ua&dtd=324
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e59996338dc517313f704edc72c1f6d67e0c642a926778bb72a662e8f70d84ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hi.dn.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
211
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 11 Dec 2022 02:20:00 GMT
expires
Sun, 11 Dec 2022 02:20:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
stats.g.doubleclick.net/j/ 		1 B
434 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-10437307-1&cid=2100420178.1670725200&jid=835739265&gjid=617875749&_gid=1991844341.1670725200&_u=YEBAAUAAAAAAACAAI~&z=1490611867
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hi.dn.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 11 Dec 2022 02:20:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hi.dn.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 339A 		436 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=9215904351&adk=1500826456&adf=3527882582&pi=t.ma~as.9215904351&w=785&fwrn=4&fwrnh=100&lmt=1670724307&rafmt=1&format=785x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670725199860&bpp=1&bdt=1234&idt=327&shv=r20221206&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull&correlator=4278280713188&frm=20&pv=1&ga_vid=2100420178.1670725200&ga_sid=1670725200&ga_hid=124623386&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=408&ady=3871&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071261&oid=2&pvsid=2523352661959068&tmod=2142577813&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=3&fsb=1&xpc=FFGp8LARVz&p=https%3A//hi.dn.ua&dtd=330
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9fe911eb0a0cd854966228b81085e5ef35aaffd2f6007089b1f05025de9e0f7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hi.dn.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 11 Dec 2022 02:20:00 GMT
expires
Sun, 11 Dec 2022 02:20:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2F91 		113 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3565012385&adf=4264711690&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1670724307&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670725199860&bpp=1&bdt=1234&idt=336&shv=r20221206&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull%2C785x280&correlator=4278280713188&frm=20&pv=1&ga_vid=2100420178.1670725200&ga_sid=1670725200&ga_hid=124623386&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1208&ady=809&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071261&oid=2&pvsid=2523352661959068&tmod=2142577813&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=omfwN5diBy&p=https%3A//hi.dn.ua&dtd=338
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ac0f2eb5183545981b76c353befd384f0e5503e57e173b8b505bc6f152f2bf64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hi.dn.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
40606
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 11 Dec 2022 02:20:00 GMT
expires
Sun, 11 Dec 2022 02:20:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9BC8 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&adk=1812271804&adf=3025194257&lmt=1670724307&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fhi.dn.ua%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670725199861&bpp=1&bdt=1235&idt=341&shv=r20221206&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull%2C785x280%2C363x280&nras=1&correlator=4278280713188&frm=20&pv=1&ga_vid=2100420178.1670725200&ga_sid=1670725200&ga_hid=124623386&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071261&oid=2&pvsid=2523352661959068&tmod=2142577813&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=346
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hi.dn.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 11 Dec 2022 02:20:00 GMT
expires
Sun, 11 Dec 2022 02:20:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
blank.gif
hi.dn.ua/modules/mod_responsive_slider/assets/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hi.dn.ua/modules/mod_responsive_slider/assets/images/blank.gif
Requested by
Host: hi.dn.ua
URL: https://hi.dn.ua/media/com_jchoptimize/cache/css/0781d4ba7535016dacff3c02daa732b98e7d3c73fe253320b75c9962647b4f4c.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS
56.29.109.78.hosting.ua
Software
nginx /
Resource Hash
aee8c07608f2afc59c654360702b207236006a9adfd0abeb287fe33b362c7293

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hi.dn.ua/media/com_jchoptimize/cache/css/0781d4ba7535016dacff3c02daa732b98e7d3c73fe253320b75c9962647b4f4c.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
public
Date
Sun, 11 Dec 2022 02:22:41 GMT
Last-Modified
Mon, 15 Oct 2018 18:26:48 GMT
Server
nginx
ETag
"5bc4dbe8-449"
Content-Type
image/gif
Cache-Control
max-age=1296000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1097
Expires
Mon, 26 Dec 2022 02:22:41 GMT
7812871359764871840
tpc.googlesyndication.com/simgad/ Frame 7E0F 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7812871359764871840?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnywN20yvU5JhD6AKv2UXUpZm0veg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3978955824&adf=2690419178&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1670724307&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670725199855&bpp=4&bdt=1230&idt=303&shv=r20221206&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&correlator=4278280713188&frm=20&pv=2&ga_vid=2100420178.1670725200&ga_sid=1670725200&ga_hid=124623386&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=30&ady=1281&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071261&oid=2&pvsid=2523352661959068&tmod=2142577813&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=GQx9s4Pk3h&p=https%3A//hi.dn.ua&dtd=319
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ecdab6bddbeea29122bd20ef2557858fdbb74fc627a6d6a176197018c1b3d40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 00:36:10 GMT
x-content-type-options
nosniff
age
92630
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50572
x-xss-protection
0
last-modified
Thu, 28 Apr 2022 01:10:55 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 10 Dec 2023 00:36:10 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/ Frame 7E0F 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3978955824&adf=2690419178&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1670724307&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670725199855&bpp=4&bdt=1230&idt=303&shv=r20221206&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&correlator=4278280713188&frm=20&pv=2&ga_vid=2100420178.1670725200&ga_sid=1670725200&ga_hid=124623386&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=30&ady=1281&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071261&oid=2&pvsid=2523352661959068&tmod=2142577813&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=GQx9s4Pk3h&p=https%3A//hi.dn.ua&dtd=319
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 23:50:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
8958
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Dec 2022 23:50:42 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 7E0F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3978955824&adf=2690419178&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1670724307&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670725199855&bpp=4&bdt=1230&idt=303&shv=r20221206&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&correlator=4278280713188&frm=20&pv=2&ga_vid=2100420178.1670725200&ga_sid=1670725200&ga_hid=124623386&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=30&ady=1281&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071261&oid=2&pvsid=2523352661959068&tmod=2142577813&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=GQx9s4Pk3h&p=https%3A//hi.dn.ua&dtd=319
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 22:27:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
13934
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Dec 2022 22:27:46 GMT
transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 7E0F 		67 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/transparent.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3978955824&adf=2690419178&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1670724307&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670725199855&bpp=4&bdt=1230&idt=303&shv=r20221206&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&correlator=4278280713188&frm=20&pv=2&ga_vid=2100420178.1670725200&ga_sid=1670725200&ga_hid=124623386&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=30&ady=1281&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071261&oid=2&pvsid=2523352661959068&tmod=2142577813&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=GQx9s4Pk3h&p=https%3A//hi.dn.ua&dtd=319
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 06:08:41 GMT
x-content-type-options
nosniff
server
cafe
age
72679
etag
2462972746714251406
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67
x-xss-protection
0
expires
Sun, 11 Dec 2022 06:08:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 7E0F 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3978955824&adf=2690419178&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1670724307&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670725199855&bpp=4&bdt=1230&idt=303&shv=r20221206&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&correlator=4278280713188&frm=20&pv=2&ga_vid=2100420178.1670725200&ga_sid=1670725200&ga_hid=124623386&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=30&ady=1281&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071261&oid=2&pvsid=2523352661959068&tmod=2142577813&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=GQx9s4Pk3h&p=https%3A//hi.dn.ua&dtd=319
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 13:45:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
45280
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Dec 2022 13:45:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7E0F 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3978955824&adf=2690419178&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1670724307&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670725199855&bpp=4&bdt=1230&idt=303&shv=r20221206&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&correlator=4278280713188&frm=20&pv=2&ga_vid=2100420178.1670725200&ga_sid=1670725200&ga_hid=124623386&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=30&ady=1281&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071261&oid=2&pvsid=2523352661959068&tmod=2142577813&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=GQx9s4Pk3h&p=https%3A//hi.dn.ua&dtd=319
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 02:20:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 11 Dec 2022 02:20:00 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 7E0F 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3978955824&adf=2690419178&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1670724307&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670725199855&bpp=4&bdt=1230&idt=303&shv=r20221206&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&correlator=4278280713188&frm=20&pv=2&ga_vid=2100420178.1670725200&ga_sid=1670725200&ga_hid=124623386&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=30&ady=1281&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071261&oid=2&pvsid=2523352661959068&tmod=2142577813&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=GQx9s4Pk3h&p=https%3A//hi.dn.ua&dtd=319
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
20e61b393e246051ebe36f186c4c5a8a0ab4efa227f16ec0c4cf57d60e0388d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 21:54:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
15903
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13740
x-xss-protection
0
server
cafe
etag
2612990788289469886
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Dec 2022 21:54:57 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 7E0F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C4BZuUD6VY9DFEof73gPe0rWYBODXnuJpu9j7mbcQv5HD1K8sEAEg8uTTGWC7hoCA0AqgAcWX_-cDyAECqQJ-xmmqDZG0PqgDAcgDyQSqBLgBT9CsUyNmHjZLpMeCvOoZpjFDGcYcr6YKfP5HeojJp2O9ohkV6J2AG7kGgujfjqInazLxqJ4pWZ0wlsOcHlBYERKCE6crobPkKjWwvV7qSnnbFAX4JepvY4tjUEZ1GB6S4DLfJYxWrhjQpQi91S4SxuCMbaXucaVQmos7NXcUOLwlSkupzFa63LE-6pHxysaFz6Ux7KfpJrZO21Csz3Waau1Oz1d3sbBalDqCSqmCWg8Y1alulq5iyMAE19WahekDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB6PogBioB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDNtQPSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTAtAVAZgWAYAXAbIXHAoaCAASFHB1Yi00NjQzNzY3NzE5NzA1MjM5GAA&sigh=bjQ1tir0yLo&uach_m=[UACH]&cid=CAQSGwDq26N9bSnBwaLESEmtWdIJ5CESxN6UxB8oUBgBIBM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3978955824&adf=2690419178&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1670724307&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670725199855&bpp=4&bdt=1230&idt=303&shv=r20221206&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&correlator=4278280713188&frm=20&pv=2&ga_vid=2100420178.1670725200&ga_sid=1670725200&ga_hid=124623386&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=30&ady=1281&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071261&oid=2&pvsid=2523352661959068&tmod=2142577813&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=GQx9s4Pk3h&p=https%3A//hi.dn.ua&dtd=319
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3978955824&adf=2690419178&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1670724307&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670725199855&bpp=4&bdt=1230&idt=303&shv=r20221206&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&correlator=4278280713188&frm=20&pv=2&ga_vid=2100420178.1670725200&ga_sid=1670725200&ga_hid=124623386&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=30&ady=1281&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071261&oid=2&pvsid=2523352661959068&tmod=2142577813&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=GQx9s4Pk3h&p=https%3A//hi.dn.ua&dtd=319
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 11 Dec 2022 02:20:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 11 Dec 2022 02:20:00 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame E6B8 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3978955824&adf=2690419178&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1670724307&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670725199855&bpp=4&bdt=1230&idt=303&shv=r20221206&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&correlator=4278280713188&frm=20&pv=2&ga_vid=2100420178.1670725200&ga_sid=1670725200&ga_hid=124623386&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=30&ady=1281&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071261&oid=2&pvsid=2523352661959068&tmod=2142577813&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=GQx9s4Pk3h&p=https%3A//hi.dn.ua&dtd=319
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3978955824&adf=2690419178&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1670724307&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670725199855&bpp=4&bdt=1230&idt=303&shv=r20221206&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&correlator=4278280713188&frm=20&pv=2&ga_vid=2100420178.1670725200&ga_sid=1670725200&ga_hid=124623386&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=30&ady=1281&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071261&oid=2&pvsid=2523352661959068&tmod=2142577813&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=GQx9s4Pk3h&p=https%3A//hi.dn.ua&dtd=319
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
1415
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 11 Dec 2022 01:56:25 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 7E0F 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
101d936797348adeff0ecbd1f04458f495ae23c674fa5e3ff707efbe8b2a57b8

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame E6B8
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3978955824&adf=2690419178&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1670724307&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670725199855&bpp=4&bdt=1230&idt=303&shv=r20221206&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&correlator=4278280713188&frm=20&pv=2&ga_vid=2100420178.1670725200&ga_sid=1670725200&ga_hid=124623386&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=30&ady=1281&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071261&oid=2&pvsid=2523352661959068&tmod=2142577813&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=GQx9s4Pk3h&p=https%3A//hi.dn.ua&dtd=319
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 11 Dec 2022 02:20:01 GMT
expires
Sun, 11 Dec 2022 02:20:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 11 Dec 2022 02:20:01 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 9243 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst8XsXHfy0r7L6a08Zd3LD-zQytZxQYUutZbPmXDL2EmvrS4FbdD0vvKPlUBzk0K6DbsMBSifNV0decTGQBy-eHt1lJKGjfMC-2CRLwZSnNeH6L3RdlBWRfQWsQ01A19NmR8g0qLqfxNdwoNm_FD2WW0qjTHi1W-t45LNQkFxckTZdcU8Rlcp7SlATXxDysnGGFtaO9I2Fc0qoqMoachxpPJO7F8NsXQ_5DdfJUSnFkuXMh7rY-28F21jFxYTU6C3IkU1HIo9VWJSnR2Cg49gGQuDlNRQNTD7MDT3m0u7LrT4xP2D4I720hs3y_LsJXcHoD89TnWdiO7m8XDFGAPyPfeFMRZSB4pslNAY2ElnlD4yMxEXj0cOVdA8aUZHsqvWcHGcEDSCDqKJ0cYuNIXcD22mdj-umv-P7ZV3secJYUoicsBN9GOqY-XZ1cP9P6q6G7HT_vwbX49ZLCB-l7nyrfq5XXDK8wRfRGTGHKNXjNJgBDlVGho1aciMgmSHaxusyPd53r37RTpKq1T6xyYoJRm53a-HixNLEQJWDL-Ulb63_MvjXWK7WTJu2G__W6osIoQfJnjTfwmhNgVsLxXi6p0__-j0K9TkUYTxsP0WutsJsAkg1m-RAe0QRs_xrRKgIl4tkG1aKNXJXY6S-c9HKCvHTJ8YNCS2pgszEjYnY3GKlkXQiMM4I7Anvm-ZVCKvNfhh9MJQUIhmNTK6S_FQagJhQP1Rmn1q7CjiTvtiaBrwQxX9uW518DdzTiylvfMQNX7UKWfUfMpZPNZrq3uPmwHAZ6MkhIvMS-hwOK2YatOcnMc69Uica-p2tgnwhS95G5MyNLNFvN_rKSNvdz3WDmwJrgE7yYi4EA6Vt6x8Y8TAWSPkqEfFIhVTPyg_UjUOvXDlcPaGRr3PaDjBRxjlyGRMRrtWGPkLHw-ejxLJL3KaF6FKGYAKwbOyXFHOnTCYQoc9S-dfbFDigXYWXjfX8GoV8lKBB2aA&sai=AMfl-YSH-hMAPhCWAqFUr11NX8b6XNQiKf6w1iMmuGsbpxxukp89Vdv94HWuEjMLVXcgcb5HO1qSuyVCKA8IPD8MXPvuNKu1ftfVjwqBovnD9tYBB8ZheWIPd8qxM7ykJVNslyX62OKzY0a5PcauoAD0dT6bgNtLCu4SreThek-WdhYYODYsW4Xyx8Swa_Bb3KmbqJGmerZc7k6i49WBIaBFm9uCWq8N2l_TWy3OJtq9JU5fjgwUHyKXzg&sig=Cg0ArKJSzF2q5I-npUH-EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Requested by
Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 11 Dec 2022 02:20:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 9243 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 15:32:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38850
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 11 Dec 2022 15:32:31 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20221206/r20110914/elements/html/ Frame 9243 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221206/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3565012385&adf=4264711690&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1670724307&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670725199860&bpp=1&bdt=1234&idt=336&shv=r20221206&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull%2C785x280&correlator=4278280713188&frm=20&pv=1&ga_vid=2100420178.1670725200&ga_sid=1670725200&ga_hid=124623386&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1208&ady=809&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071261&oid=2&pvsid=2523352661959068&tmod=2142577813&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=omfwN5diBy&p=https%3A//hi.dn.ua&dtd=338
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 19:35:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
24265
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2477
x-xss-protection
0
server
cafe
etag
8436122973860808490
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Dec 2022 19:35:36 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 9243 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 15:32:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
470850
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Dec 2023 15:32:31 GMT
m_js_controller_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 9243 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/m_js_controller_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3565012385&adf=4264711690&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1670724307&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670725199860&bpp=1&bdt=1234&idt=336&shv=r20221206&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull%2C785x280&correlator=4278280713188&frm=20&pv=1&ga_vid=2100420178.1670725200&ga_sid=1670725200&ga_hid=124623386&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1208&ady=809&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071261&oid=2&pvsid=2523352661959068&tmod=2142577813&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=omfwN5diBy&p=https%3A//hi.dn.ua&dtd=338
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
573fcadc366e8f2230cee46d844a9d93ad5e63f103c1eec28bb802e2657345a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 18:32:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
28052
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14217
x-xss-protection
0
server
cafe
etag
13612117104345174519
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Dec 2022 18:32:29 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 9243 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3565012385&adf=4264711690&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1670724307&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670725199860&bpp=1&bdt=1234&idt=336&shv=r20221206&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull%2C785x280&correlator=4278280713188&frm=20&pv=1&ga_vid=2100420178.1670725200&ga_sid=1670725200&ga_hid=124623386&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1208&ady=809&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071261&oid=2&pvsid=2523352661959068&tmod=2142577813&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=omfwN5diBy&p=https%3A//hi.dn.ua&dtd=338
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 22:27:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
13935
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Dec 2022 22:27:46 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 9243 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3565012385&adf=4264711690&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1670724307&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670725199860&bpp=1&bdt=1234&idt=336&shv=r20221206&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull%2C785x280&correlator=4278280713188&frm=20&pv=1&ga_vid=2100420178.1670725200&ga_sid=1670725200&ga_hid=124623386&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1208&ady=809&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071261&oid=2&pvsid=2523352661959068&tmod=2142577813&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=omfwN5diBy&p=https%3A//hi.dn.ua&dtd=338
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 13:45:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
45281
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Dec 2022 13:45:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9243 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3565012385&adf=4264711690&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1670724307&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670725199860&bpp=1&bdt=1234&idt=336&shv=r20221206&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull%2C785x280&correlator=4278280713188&frm=20&pv=1&ga_vid=2100420178.1670725200&ga_sid=1670725200&ga_hid=124623386&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1208&ady=809&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071261&oid=2&pvsid=2523352661959068&tmod=2142577813&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=omfwN5diBy&p=https%3A//hi.dn.ua&dtd=338
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 02:20:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 11 Dec 2022 02:20:01 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/ Frame 9243 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3565012385&adf=4264711690&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1670724307&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670725199860&bpp=1&bdt=1234&idt=336&shv=r20221206&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull%2C785x280&correlator=4278280713188&frm=20&pv=1&ga_vid=2100420178.1670725200&ga_sid=1670725200&ga_hid=124623386&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1208&ady=809&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071261&oid=2&pvsid=2523352661959068&tmod=2142577813&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=omfwN5diBy&p=https%3A//hi.dn.ua&dtd=338
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 23:50:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
8959
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Dec 2022 23:50:42 GMT
Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
pagead2.googlesyndication.com/bg/ Frame 35F2 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3978955824&adf=2690419178&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1670724307&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670725199855&bpp=4&bdt=1230&idt=303&shv=r20221206&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&correlator=4278280713188&frm=20&pv=2&ga_vid=2100420178.1670725200&ga_sid=1670725200&ga_hid=124623386&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=30&ady=1281&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071261&oid=2&pvsid=2523352661959068&tmod=2142577813&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=GQx9s4Pk3h&p=https%3A//hi.dn.ua&dtd=319
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 15:59:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37240
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15923
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Dec 2023 15:59:21 GMT
truncated
/ Frame 9243 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dde9555f2eac4d134a9ffe4549e6820f686a04291a837c379c6d1da091b441ac

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame F94B 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
470837
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 05 Dec 2022 15:32:44 GMT
expires
Tue, 05 Dec 2023 15:32:44 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dvtp_src.js
cdn.doubleverify.com/ Frame 9243 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=13361095&cmp=28887302&sid=443002&plc=352921691&num=&adid=&advid=8650961&adsrv=1&btreg=544401850&btadsrv=doubleclick&crt=182018373&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
1a12532324261fcc9e92664b32cea31bf3a14a1128cf6a7531cc6a9ce9197cb9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Dec 2022 02:20:01 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Dec 2022 11:39:13 GMT
Server
Microsoft-IIS/10.0
ETag
"8065f8730ad91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3315
index.html
s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/ Frame D3E2 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a2c81932873500bc113572e5b7212e9e473b1e8c0f10499e8092a55937df050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
157316
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1746
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 09 Dec 2022 06:38:05 GMT
expires
Sat, 09 Dec 2023 06:38:05 GMT
last-modified
Wed, 09 Nov 2022 04:23:39 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
img;adv=11217209655101;ec=11217209657759;adv.a=8650961;c.a=28887302;s.a=443002;p.a=352921691;a.a=544401850;cache=2904109249;
ad.atdmt.com/i/ Frame 9243 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.atdmt.com/i/img;adv=11217209655101;ec=11217209657759;adv.a=8650961;c.a=28887302;s.a=443002;p.a=352921691;a.a=544401850;cache=2904109249;
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3565012385&adf=4264711690&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1670724307&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670725199860&bpp=1&bdt=1234&idt=336&shv=r20221206&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull%2C785x280&correlator=4278280713188&frm=20&pv=1&ga_vid=2100420178.1670725200&ga_sid=1670725200&ga_hid=124623386&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1208&ady=809&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071261&oid=2&pvsid=2523352661959068&tmod=2142577813&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=omfwN5diBy&p=https%3A//hi.dn.ua&dtd=338
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:202:face:b00c:0:8c Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
pagead2.googlesyndication.com/bg/ Frame F94B 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 15:59:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37240
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15923
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Dec 2023 15:59:21 GMT
style.css
s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/styles/ Frame D3E2 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/styles/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc196f8a908960ed2108371fc671938181c14d38b87ef2eb047147d543888cf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 12:30:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
308969
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1673
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 04:23:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Dec 2023 12:30:32 GMT
brand.css
s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/ Frame D3E2 		0
0
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame D3E2 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 02:20:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 11 Dec 2022 02:20:01 GMT
easepack_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame D3E2 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/easepack_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b4fe6e33e24427ff09805210219fe3cc19e22ed637e003efeea9131ecbd9121
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 02:20:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1356
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:22:46 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 11 Dec 2022 02:20:01 GMT
initialLoader.min.js
s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/scripts/ Frame D3E2 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/scripts/initialLoader.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27f5b100c25a8ef97876750b81222227c7d5ff0da6626d5fdfa8d4819738d4d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 12:30:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
308969
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1989
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 04:23:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Dec 2023 12:30:32 GMT
fontfaceobserver.standalone.js
s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/scripts/ Frame D3E2 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/scripts/fontfaceobserver.standalone.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e1adee22626162c0fb089096a3bd419c5a57d50043e31bf6e7b2ea292f6341f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 12:30:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
308969
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1674
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 04:23:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Dec 2023 12:30:32 GMT
custom.js
s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/scripts/ Frame D3E2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/scripts/custom.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
baa65d81f48c211672e20e98cf0d7add2ee8d6e5484155afa46a02c1a63cf606
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 12:30:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
308969
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1203
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 04:23:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Dec 2023 12:30:32 GMT
logic.js
s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/scripts/ Frame D3E2 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/scripts/logic.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a7bded8a179b31d2795703f0fb8c7e7b46a8f427789d1bb11eec24dfddb4da2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 15:39:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
124849
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2256
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 04:23:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Dec 2023 15:39:12 GMT
messaging.js
s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/scripts/ Frame D3E2 		3 KB
970 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/scripts/messaging.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
736fb641f5fababcf00f66eb53ef4bdff641a632bcea9a3d254b0b36e6271543
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 12:30:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
308969
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
941
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 04:23:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Dec 2023 12:30:32 GMT
dv-measurements3317.js
cdn.doubleverify.com/ Frame 48E2 		552 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements3317.js
Requested by
Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e71922ba9eed9d98158859ef8fd8c83fd817943005acddd4166cde52a04f5aa4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 11 Dec 2022 02:20:01 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Dec 2022 09:45:11 GMT
Server
Microsoft-IIS/10.0
ETag
"80ad389920ad91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
108147
config.js
s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/config/ Frame D3E2 		862 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/config/config.js?r=0.36495064949401756
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/scripts/logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c342ccac622c973b4b047ea70de457a8e79e9477ea916ce1e27957cb58acb29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 02:20:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
521
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 04:23:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 11 Dec 2023 02:20:01 GMT
chevron.png
s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/images/ Frame D3E2 		190 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/images/chevron.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/styles/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14245eab55603b4b55aac867e5afeceeaf955a8157979939ce375e3fba70a8fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/styles/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 11:56:07 GMT
x-content-type-options
nosniff
age
311034
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
190
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 04:23:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Dec 2023 11:56:07 GMT
aldine_light.woff2
s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/fonts/ Frame D3E2 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/fonts/aldine_light.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/styles/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
173332e93cda257ff7e87e0e21b0b2d164217742f8002933ef6fb2f8f4e5c498
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/styles/style.css
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 15:57:02 GMT
x-content-type-options
nosniff
age
123779
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24316
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 04:23:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Dec 2023 15:57:02 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F94B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BcqqRUD6VY6LKEpeX3gOIlJbwAwAAAAA4AeAEAg&bg=!KSqlKm7NAAYgquz3AKo7ACkAdvg8WsPyQcmFGk33H88mF6EJ4gV5YHe6J458uulZpOaBDzR5ShkGIgIAAACcUgAAAAJoAQcKAKqFh8klBpvykaGnODCIfYFvKJulgWeB7opsXs2GnWUeN3sEzOAL5NljDg0gBKRRhct7NItNqK7nJWl9sgvrTExF4pvWlumeW6f1qnUvjwglfy54D_ZeEgIlhbbWRTFz32bQutVT1HrCXbCtBiEW8dAjpuHbORrAlV73pEEqD1mgDdtIuCEPObMtvvqBSanpps_qiqTBR1avVIZCYb8Ua4GSoqs_dLNyoBld3JkC79iOHqFIhF4PsECKaYOrwEwNbyx9NpOrSBd6W5eHjaV4AcJiEICry4tBDdYYNyXIfBoEN19_71PGx6ysQiqLHYAa1nyXIHHLP_aYTWsib2kVChqmCbTctj_rPGYfEzaQz4v6klgnRCkiSz_DVpqWVKNGa0EXchO3KZYiVIlf-asaDUqPTpn9YLeH9po7xSuDOkGQjxoFNTvJFNoj7zxf5WFmBUzl_OKty72foRUDwTtD_A3vAx97FQBZHPR6KlkM2hvkHQbtG8wIl4a43YuRBPA4jdLwVKDeQLttgxexzGLiwlRJDIOhaNjlM-cUSdUWB4IP0at0AoPjyv-sYxv5EC7C1EXiQrVZ9KPIMHwVQ-31yLQwyTrNctEVmPq7k5zw34Gw9UOzafXqP6SM-9Rn7thhjANLAIt5u2ymCC_O9XIERQ9qiUOo3RcP-s8a28f9qS20SZhMLEUHCjN6z1RhPq0lx4aMLbwAWl2V_3znGJNU3zuWwlh-2-9A-Ft_UsuoR9f9L7Hr0lFhrC3TKdodvBc24LCNSA2TmLyIa7ViQX_-x3utdHpIw0AWT9hnxUJsC_QEJ2lbLHxe7kClaBrqPvy-h0Po_acWjTxuS5vQr-TwUuxkjY6niYyVRBLMuwXWCHKB9Ncm_kABW8QKo5GpGhnT0Mj5pHssB1htQPuwMHNQor_Zs3_cs_m2GPc0GuqMsEtVo13ds3IbV-HCUH2jdR7Don-H2TwIQZQ8Bz8vMb67xAhi9NiZ6TjNNqwZnfSGZVgndREhwlDvxZmumvIaGv7m79zK5N01ExJU0JL6jBXnR4OG8tRAJSzyyL1bJkSJWiqATtFiL169r2Q8OAM4eMbh5B2Ssd81i1S-86o5WPG6Q3cPnpsxYIb4QK8xKIJ1Ho76KaykTtW3SibJ2VvC1Q3itdU7coMqwGZjwv-F1Tq6tZTzxK_AxWcAJ3Ex_3psb8U40Qv9GjVTeKN7oY09kDpZe07K8GMW2zr0PbTW_0Y
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3565012385&adf=4264711690&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1670724307&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670725199860&bpp=1&bdt=1234&idt=336&shv=r20221206&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull%2C785x280&correlator=4278280713188&frm=20&pv=1&ga_vid=2100420178.1670725200&ga_sid=1670725200&ga_hid=124623386&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1208&ady=809&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071261&oid=2&pvsid=2523352661959068&tmod=2142577813&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=omfwN5diBy&p=https%3A//hi.dn.ua&dtd=338
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 02:20:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
visit.js
tps.doubleverify.com/ Frame 48E2 		978 B
848 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=136&ttfrms=28&brid=3&brver=99.0.4844.51&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau9%3A%5D5%3F%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTau9%3A%5D5%3F%5DF2Tar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&srcurlD=0&aUrlD=0&ssl=https:&dfs=250&ddur=191&uid=1670725201581402&jsCallback=dvCallback_1670725201581824&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=280&winw=336&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3317&tgjsver=3317&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4643767719705239%26output%3Dhtml%26h%3D280%26slotname%3D5196745422%26adk%3D3565012385%26adf%3D4264711690%26pi%3Dt.ma~as.5196745422%26w%3D363%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1670724307%26rafmt%3D1%26format%3D363x280%26url%3Dhttps%253A%252F%252Fhi.dn.ua%252F%26fwr%3D0%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1670725199860%26bpp%3D1%26bdt%3D1234%26idt%3D336%26shv%3Dr20221206%26mjsv%3Dm202211300101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D363x280%252C0xnull%252C785x280%26correlator%3D4278280713188%26frm%3D20%26pv%3D1%26ga_vid%3D2100420178.1670725200%26ga_sid%3D1670725200%26ga_hid%3D124623386%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1208%26ady%3D809%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C31071261%26oid%3D2%26pvsid%3D2523352661959068%26tmod%3D2142577813%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CoEe%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D4%26uci%3Da!4%26fsb%3D1%26xpc%3DomfwN5diBy%26p%3Dhttps%253A%2F%2Fhi.dn.ua%26dtd%3D338&fcifrms=6&brh=2&sdf=2&dvp_epl=224&noc=4&nav_pltfrm=Win32&ctx=13361095&cmp=28887302&sid=443002&plc=352921691&crt=182018373&btreg=544401850&btadsrv=doubleclick&adsrv=1&advid=8650961&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=22449257381.815823&dvp_tukv=89243419505.06909&dvp_uuid=656604475.2228708&dvp_strhd=0.6999998092651367&dvpx_strhd=0.6999998092651367&dvp_tuid=1375783790894&jurtd=3566387442
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3317.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.108 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
83ebbca18b0c5e20e9f2e0b439356af579e51a5a97580a775e9a0a6fdf9aa638

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 11 Dec 2022 02:20:02 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Expires
12/10/2022 02:20:01
coupleHoldingHands-tier1-360x300.jpg
s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/images/ Frame D3E2 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/images/coupleHoldingHands-tier1-360x300.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2befec74b8d36fa0179323d94b3feacaebfa79ebb3e1347aba5bcd1b02160ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 11:56:07 GMT
x-content-type-options
nosniff
age
311034
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26865
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 04:23:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Dec 2023 11:56:07 GMT
connector.png
s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/images/ Frame D3E2 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/images/connector.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f2847813534152374df0ae61a153d09fc73c4d3b654b8d4e65adce47ba4ad00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 20:00:15 GMT
x-content-type-options
nosniff
age
109186
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
76141
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 04:23:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Dec 2023 20:00:15 GMT
aldine_light_italic.woff2
s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/fonts/ Frame D3E2 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/fonts/aldine_light_italic.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/styles/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d648af4f9d9a671112b42da882063bace254931e0674e8700d59ed05ce526d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/styles/style.css
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 11:56:07 GMT
x-content-type-options
nosniff
age
311034
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26720
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 04:23:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Dec 2023 11:56:07 GMT
hotel_names.json
s0.2mdn.net/json/ Frame D3E2 		43 B
62 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/json/hotel_names.json
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/scripts/custom.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 02:13:55 GMT
x-content-type-options
nosniff
server
sffe
age
366
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Sun, 11 Dec 2022 02:28:55 GMT
/
www.facebook.com/login/ Frame D89F
Redirect Chain
  • https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3fe8f2ee43b838%26d...
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconn...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3fe8f2ee43b838%2526domain%253Dhi.dn.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fhi.dn.ua%25252Ffc634c091d859c%2526relation%253Dparent.parent%26container_width%3D363%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FNovostiKramatorska%26locale%3Dru_RU%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26width%3D500
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js?hash=838bcfdd092b09e13f2a12409252df71
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://hi.dn.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 11 Dec 2022 02:20:02 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=3,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
t3KE1DAy9Ri2J6pNUFS5nKJ53BD5ptmI2IhtxuEiF3QLoLgVbDmYqSFrIg6HZgqtMDhD90G2mXhfSsThBqKsBg==
x-frame-options
DENY
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Sun, 11 Dec 2022 02:20:02 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v9.0
location
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3fe8f2ee43b838%2526domain%253Dhi.dn.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fhi.dn.ua%25252Ffc634c091d859c%2526relation%253Dparent.parent%26container_width%3D363%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FNovostiKramatorska%26locale%3Dru_RU%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26width%3D500
pragma
no-cache
priority
u=3,i
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
x-fb-debug
EBzQWep3RDlqcbvvg/UL0G9QT+RR5aeQt+jWNsIt1y+9vSsng24gS9DkrKiiNNiZt+4afYUOQIdEz33UqS7aGA==
x-fb-rlafr
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221206&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c772e182e9be0e99797c3c578744342bea6cd9666b2a03b9356c31704cbb3199
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hi.dn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 02:20:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11221
x-xss-protection
0
logo.png
s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/images/ Frame D3E2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/images/logo.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
153d6542dae5652359907e7fd4b060afd3e648cc10f0cf1c1f866d0c69f7e3ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 11:56:07 GMT
x-content-type-options
nosniff
age
311034
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1608
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 04:23:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Dec 2023 11:56:07 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hi.dn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 02:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 11 Dec 2022 02:20:02 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame ED89 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hi.dn.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
13849
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 10 Dec 2022 22:29:13 GMT
expires
Sun, 10 Dec 2023 22:29:13 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 37B8 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3321c5f49826a0a8623bfcfb21bd6b2b6ce692f5758d5665fd04ee328e49cf1e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fEss_1c3iYaXEvkJZmvEnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hi.dn.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-fEss_1c3iYaXEvkJZmvEnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 11 Dec 2022 02:20:02 GMT
expires
Sun, 11 Dec 2022 02:20:02 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
pagead2.googlesyndication.com/bg/ Frame ED89 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 15:59:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37241
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15923
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Dec 2023 15:59:21 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 37B8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221206&jk=2523352661959068&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame ED89 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?W02K9g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 02:20:02 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 9243 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssp7zJgoeLOgxIQImwprwzdZpJnxOC2801TaaM7HnwZqBAGSlwWvlbd-nRf9cN_rjucj-1wxLVNgra959HlNpBQwmKtBgU04YmzyR0TwgdXIzHBmy0rliKyAYIlHnYXNyKPe9VDv8VGCilowIeu9Y1EU-r-eR-doiIZ6XfVGOYYfJ4uY-U6xWxIFx0lzmKCdg&sai=AMfl-YQygwmeBrtBgJ1maYxV5ymcs27rin3_zasbGYLXXFllibquebyz3hvjItFjH-GMj2khGhCjfdp0bgfHTGI&sig=Cg0ArKJSzC8EKDVA5LMzEAE&cid=CAQSGwDq26N9QyxgfzV0WYpbqBDoG1nVvzmmMS9fkBgBIBM&id=lidar2&mcvt=1032&p=0,0,280,336&mtos=1032,1032,1032,1032,1032&tos=1032,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3565012385&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670725200974&rpt=852&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Dec 2022 02:20:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221206&jk=2523352661959068&bg=!vL-lv_vNAAYgquz3AKo7ACkAdvg8WhG7OOhNVd_uX-cHzTJjRINTbMW9mAD8lB9jdJzIPjzO_1tgPgIAAABZUgAAAAhoAQcKAA3hVMnH045s7BpOaOD0mQKdFkB4BAFPUUr_Iab61H5JsihR7jFTGfYk0DV2Cg9j5C7Nc0uq3LD8U8tIb8yf4yfVMt0sHAEBR8MVJMWWK2olTBP5nMy5_fub23kyucivE9u5esDEEH7RuSR5jpbMpsDZP7GNtKf2rwcMxwOvUHFmpxnQct0MCy7L6dmENQ3Aq9QrPWWzqjjUBZB8y3rq7gEWOTokN0oyCu4oROsI7nCqclWBmAU-8oZFwZDGCAWNvrSr9Gx8N2bw_8CeMaeP6H0dh1t2B0mVPPftxOxIb2uIXMnw8Jb7kWZzevLBHBPc2BZddDZNzu2fpU7JbwfCPebPQr1QNUYr0zTeoK1uV370S0E0RjstphCyjxrZ_iQKB4XFrSQS32TU9lBlGx3rvc5Ih1a9uXp3gvHq4BvLX6ytd7CLshaFaJajVFhPUyfam7KK3SeBpxwZ-wcfWWzmYGFTRslxbTi3iUssvLIudIh_a1O8M_zjUelsRPwFQhhDSEUxF-KgL8oeZxatbd--ozDrwRbTg9lHsi3AqrvfErZy_lX2I78iqEbdWHmi1xnZ7vxIFu5mB3_zOLB1tbbKoa1SncQSVMiNqNmhAuUNLCsVSm7rz8jM7pVnh8q6y1paH25z2BdYPjRw9InialKuu8r46b-Pa19iHe7tbfEwKTnSrljdUZVtTE5ttkoyGKdYHMUDoSH3ngpRGeEGWulKiprCWZ3yfsw8rAOcNOJ4fs9JNV1a1y1vNLGO2pkAKno5-YSvNgWuRrGQfruDHtui0ZtIItiXF9exfx-GidRZLHfo3LpVZ9xHtVmOf_bdk7DzmQJRDAxkMrJ1ioZsm2OL0QicTRNbeVpxrBEHCIhqGDNZEP1CrC9OsFtmvUAxvs5maisR845t1coCMntQ2oPy
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hi.dn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
event.png
tpsc-frc.doubleverify.com/ Frame 48E2 		0
210 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-frc.doubleverify.com/event.png?impid=96bbce09803a44e582889be9345a6d03&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_ealrgx=1&dvp_ealmp=1&dvp_ealslr=1&vdur=227&eoid=14&msrjs=3317&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=191&tetms=10&msltms=110&vltms=227&sei=290&vetms=4&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=904&msrcannum=3&ismms=38&isumms=37&nvr=6&isgmmims=38&isgmv4mims=38&elmtp=1&isbxdms=2338&b0=100&b11=2393&adhgt=280&adwdth=336&norwdth=336&norhgt=280&vsos=5&dvp_vsosnmr=16&lftb=2493&sftb=2493&msrdp=2&naral=640&vct=512&vphgt=1200&vpwdth=1600&chgt=280&cwdth=336&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1062&isuiabvms=1062&isgmpims=153&isgmv4dpims=1062&ispmxpms=1062&iscvmvms=1062&engalms=36&engscrlms=153&dvp_pageEng=true&dvp_dpr=1&dvp_valpct=2&ee_dp_cvcmeeid=1&ee_dp_cvcmetp=2&metp=2&meeid=1&ttfurm=3259&cbust=1670725204815505
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3317.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.108 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Sun, 11 Dec 2022 02:20:04 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Expires
12/10/2022 02:20:04

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s0.2mdn.net
URL
https://s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/brand.css

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| oncontentvisibilityautostatechange object| lazySizesConfig object| lazySizes object| $jscomp string| sp_preloader string| sp_gotop string| sp_offanimation function| gtag undefined| $ function| jQuery object| jQuery112406063292835757437 function| define object| Joomla function| writeDynaList function| changeDynaList function| radioGetCheckedValue function| getSelectedValue function| listItemTask function| submitbutton function| submitform function| saveorder function| checkAll_button object| google_tag_manager object| dataLayer object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map number| google_rum_task_id_counter object| carousel function| _createClass function| _classCallCheck function| SPPBWOW function| sppbVideoBackgroundResize string| google_user_agent_client_hint object| FB object| gaplugins object| gaGlobal object| gaData undefined| dataEasing undefined| mobileEasing number| height number| width object| __buffer function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| googletag object| GoogleGcLKhOms object| google_image_requests

9 Cookies

Domain/Path Name / Value
hi.dn.ua/ Name: 04e0a671eda8eb9ef13ae0eb17b76657
Value: s8khbdspnjl57ie86op2s5hhg6
.hi.dn.ua/ Name: _ga
Value: GA1.3.2100420178.1670725200
.hi.dn.ua/ Name: _gid
Value: GA1.3.1991844341.1670725200
.hi.dn.ua/ Name: _gat_gtag_UA_10437307_1
Value: 1
.hi.dn.ua/ Name: __gads
Value: ID=d81dfcafeb6bf7df-229cd06ef1d9001c:T=1670725200:RT=1670725200:S=ALNI_MYfvzEgmkNf6PbX8xq8VYeAMJexhg
.hi.dn.ua/ Name: __gpi
Value: UID=00000b90b4c023f8:T=1670725200:RT=1670725200:S=ALNI_MZp2qnJIO55e6D_dpKZAEzeFYfaSQ
.doubleclick.net/ Name: IDE
Value: AHWqTUmDI7nV0XNzqJmNJJmwAPTHNyw7AG0fYwbEdAOxfv_HWSO5oHVXwh63QeO04YY
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.doubleclick.net/ Name: DSID
Value: NO_DATA

4 Console Messages

Source Level URL
Text
network error URL: https://ad.atdmt.com/i/img;adv=11217209655101;ec=11217209657759;adv.a=8650961;c.a=28887302;s.a=443002;p.a=352921691;a.a=544401850;cache=2904109249;
Message:
Failed to load resource: the server responded with a status of 400 ()
security error URL: https://s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/index.html
Message:
Refused to apply style from 'https://s0.2mdn.net/sadbundle/16841153356619468895/Marriott-Global_Marriott-APD-2022_Display-Tool_300x250_V4Z3FY/brand.css' because its MIME type ('image/gif') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
network error URL: https://s0.2mdn.net/json/hotel_names.json
Message:
Failed to load resource: the server responded with a status of 404 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.atdmt.com
adservice.google.co.uk
adservice.google.com
cdn.doubleverify.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hi.dn.ua
pagead2.googlesyndication.com
partner.googleadservices.com
s.yimg.com
s0.2mdn.net
stats.g.doubleclick.net
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-frc.doubleverify.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
s0.2mdn.net
172.217.18.2
213.254.244.108
2a00:1288:80:807::2
2a00:1450:4001:806::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2006
2a00:1450:4001:813::200a
2a00:1450:4001:828::2003
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2002
2a00:1450:400c:c07::9b
2a02:26f0:6c00::210:ba11
2a03:2880:f01c:202:face:b00c:0:8c
2a03:2880:f080:9:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
78.109.29.56
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
09a707f84e66375017dd968516b68edca1de5e227b8ef7b8dcad33a1f517c5bd
101d936797348adeff0ecbd1f04458f495ae23c674fa5e3ff707efbe8b2a57b8
125888320d828f42ac010da9ef94ec7172c54d468266502bbcb220299c611778
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14245eab55603b4b55aac867e5afeceeaf955a8157979939ce375e3fba70a8fe
153d6542dae5652359907e7fd4b060afd3e648cc10f0cf1c1f866d0c69f7e3ea
173332e93cda257ff7e87e0e21b0b2d164217742f8002933ef6fb2f8f4e5c498
173a07d2a0cf6488a4f1f5e52a11d743cda4ef8c817ee5c8ae02f58ff4c50914
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1a12532324261fcc9e92664b32cea31bf3a14a1128cf6a7531cc6a9ce9197cb9
1a36b98ad1e34d6cc6e485ce9a3de0a2a4ce4e1d4ce42c8e732371e0ae022b93
1c342ccac622c973b4b047ea70de457a8e79e9477ea916ce1e27957cb58acb29
1c3e1a26bff762e758008d219a90f4f0e46084d268b2f8deab98c2f1d9ffe899
1cf9b1f7172f446f8f461b873e61c7189f02a90b403210215febe76b8627c0b5
1e9caa55ac982451d0d59d00ccdf3eb97004a7bd337ad5c7566f60717ea8243f
200e66ede98736134aa3354b9c361463155adf4bf9540386b5bced13dde45460
20e61b393e246051ebe36f186c4c5a8a0ab4efa227f16ec0c4cf57d60e0388d1
264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa
27f5b100c25a8ef97876750b81222227c7d5ff0da6626d5fdfa8d4819738d4d9
2b4fe6e33e24427ff09805210219fe3cc19e22ed637e003efeea9131ecbd9121
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3321c5f49826a0a8623bfcfb21bd6b2b6ce692f5758d5665fd04ee328e49cf1e
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
3ecdab6bddbeea29122bd20ef2557858fdbb74fc627a6d6a176197018c1b3d40
40922aa70b57730608904f5cfefa3b0aaa885e0c872caa310a4961af10c7f0e0
41d2d1df62f88b61869b7c5b83aed486fbd7eb569497f02a3a1b830b90e4319a
428fc11a6adab7e89d3a97a824d85fd2e639a68c2fb8760b3916b6fed0bc9bcc
42931bd149d230ca9ab1e72b1a914543dc108e3098673d339c1c3d32ccf2d776
44539af67ca707df62cf9fcd03acb3bf8c1bb890b6eae85a66aea9be7fc92283
474db728131b60ee8259579ab23ac26a530bd870976b1182f78ff826505c6913
48bb1e43025685415b478082c09115ba3a6dac3018552b29dd01051f05440101
4d648af4f9d9a671112b42da882063bace254931e0674e8700d59ed05ce526d3
4e89c38189dd2e61117834de251e624e572e4ceef3e14f43f9341fa65036f709
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
533d1ea23a8f51ea10d6490d3e206786d83c5b4e0175cf44796461199600ae0f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
573fcadc366e8f2230cee46d844a9d93ad5e63f103c1eec28bb802e2657345a6
5882101b42f8516706ecbc0b0b32406691f29d24adb10e1f1c2da35a70a8fa72
5a9980abca3b078a7c67a296f602f48bb043c2167e0e8257addfe2d603643a07
5d1ad2c431573b94173dd97d42c82274437f2f2bf1313b6e9260db92233e5913
61a58a8bfae475fc43bacda1ccaeabad4a1823206156b10fec51d152b2e252f6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6a7bded8a179b31d2795703f0fb8c7e7b46a8f427789d1bb11eec24dfddb4da2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bbc6961cbee67afce64f67c9c4e3a26e810cb18111b2374d7804f9de0ebbe4e
6d362fa22342a2d22cbe8d4472d2d11a8d0864310ee2e8e48ede3148465a609d
6f2847813534152374df0ae61a153d09fc73c4d3b654b8d4e65adce47ba4ad00
70913036fdbfc1b2a902e535bff651e5b572624db941dfb283b0080506591f00
736fb641f5fababcf00f66eb53ef4bdff641a632bcea9a3d254b0b36e6271543
753c318c5cceec424d0edfa5daf8d3faf14cea029dc747fe3ba90a46aa738f20
7a108193a3c54e5c07c1207c0e38b0279d9cddc0fb844fdbdcaf82629ec69eb8
7e1adee22626162c0fb089096a3bd419c5a57d50043e31bf6e7b2ea292f6341f
80273fc1aee79a2241ad5a484aa3f6eaa4931bdd242b545f2f40c5d7de8842fc
81b7b2f584dcfe1c72be286287e21f6258f621fed241d139793108e1cdbefc7c
83ebbca18b0c5e20e9f2e0b439356af579e51a5a97580a775e9a0a6fdf9aa638
84b7ec54a1dfa5b048251d5eb487ad46cc6e1eae8d024bfc30f15a242816fddf
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
872fb631ce0ba6479d706175d13bcf396df6a86f3b1f3366fad8aa088f1727f5
96a7522ba9b70604dd8d53ae09a87628aacb1c8b9561135c653666c9aebe6a19
9a2c81932873500bc113572e5b7212e9e473b1e8c0f10499e8092a55937df050
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9e211327fdd1b0a3c15a5dd71cd4ca839e0b271dd7b88c19220604aa0f6d596f
9fe911eb0a0cd854966228b81085e5ef35aaffd2f6007089b1f05025de9e0f7b
a0f0704fa49cf78b86a1beec93e28c5e1f6ca1aed094300b696fc3b1f086c626
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a59e132b1c2fb6b74efb031c5b158c6d501d769762786683aa2a9c85cb8d3653
ac0f2eb5183545981b76c353befd384f0e5503e57e173b8b505bc6f152f2bf64
ac214d8f80416684b7ebdc138c5f8d1c19f9b0a6282d92f922a0d0cf0b34c28f
aee8c07608f2afc59c654360702b207236006a9adfd0abeb287fe33b362c7293
b3fb7bcddf609e070abce11b5c1181034f77cb86da0ab0bbb9dce0cfa1fdb6a3
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b980127387edbc14545c838b85002dfc8c687b766d08483cd8b76269235a1f2e
baa65d81f48c211672e20e98cf0d7add2ee8d6e5484155afa46a02c1a63cf606
bc43e2e09fa056b58509ce3323b02026fc450fc829e442f2549830d915d802c9
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
be17907b215c53089d69f2dc8420851d9f327413e8779b5d17489bb419aa7a71
bf558b850010169a48f78bd32dc7162613de65038e767c6a2928de1b5c60fb98
c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa
c772e182e9be0e99797c3c578744342bea6cd9666b2a03b9356c31704cbb3199
cd8e7e1f5f0c4ba65b80cff3dc4f146dfb57a7dcd4d3a0a18acce70c1e986e5b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2befec74b8d36fa0179323d94b3feacaebfa79ebb3e1347aba5bcd1b02160ac
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d85f41458b18b7047c5d5dfc593e2e49640bc4693bd87145bd8e5d1abb7cd305
dbe49d736b94b4b20db3ca8e188a99c8c61517bdfda0218d3997b548e5e627b1
dc196f8a908960ed2108371fc671938181c14d38b87ef2eb047147d543888cf5
dde9555f2eac4d134a9ffe4549e6820f686a04291a837c379c6d1da091b441ac
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df9d06b9ad5f1e00724a0efa904888ac078fd9a69713b838f67b9496fd39d481
dfbdac5ebae892737f66d2de02c770a7b4a6fa1d0d126e6b9938325c46a6f5e9
e0656770f6810974ddb792de15a8325a24cf201e44672a3c447b619ebf114cd7
e21cb2b0c13961ca081bc3879f4afcff347ea5bc665dbd9f6ae8adfa1f3f8de5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e59996338dc517313f704edc72c1f6d67e0c642a926778bb72a662e8f70d84ed
e71922ba9eed9d98158859ef8fd8c83fd817943005acddd4166cde52a04f5aa4
ebba5542fc22a4318f730bfc3263014f058ceea6c9e6044c9e0dce97759620b7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f209697e92bcb7e6c6bada284e5e909d4e76a19c738ae315eb72cc5f0483461e