liza.ua Open in urlscan Pro
2a06:98c1:3121::c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://liza.ua/
Effective URL:
https://liza.ua/
Submission: On August 15 via api (August 15th 2022, 5:07:17 am UTC) from GB — Scanned from GB

Summary HTTP 136 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 37 IPs in 11 countries across 29 domains to perform 136 HTTP transactions. The main IP is 2a06:98c1:3121::c, located in United States and belongs to CLOUDFLARENET, US. The main domain is liza.ua.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 7th 2022. Valid for: a year.

This is the only time liza.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 35	2a06:98c1:312... 2a06:98c1:3121::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	95.216.194.18 95.216.194.18	24940 (HETZNER-AS) (HETZNER-AS)
3	146.0.227.109 146.0.227.109	20773 (GODADDY) (GODADDY)
14	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:90c0:e1:... 2a03:90c0:e1:2801::254	199524 (GCORE) (GCORE)
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
5	188.40.114.52 188.40.114.52	24940 (HETZNER-AS) (HETZNER-AS)
6	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
5	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
2	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700:303... 2606:4700:3036::ac43:c9e4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	146.0.227.110 146.0.227.110	29066 (VELIANET-...) (VELIANET-AS velia.net Internetdienste GmbH)
1 3	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
1 4	185.89.210.212 185.89.210.212	29990 (ASN-APPNEX) (ASN-APPNEX)
5	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1 14	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:1a::9	15169 (GOOGLE) (GOOGLE)
3 4	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
2 4	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2006	15169 (GOOGLE) (GOOGLE)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 3	52.58.218.78 52.58.218.78	16509 (AMAZON-02) (AMAZON-02)
1 1	168.119.168.202 168.119.168.202	24940 (HETZNER-AS) (HETZNER-AS)
1	198.47.127.18 198.47.127.18	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	193.200.65.6 193.200.65.6	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
136	37

35 2a06:98c1:3121::c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

liza.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.websitepolicies.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.216.194.18 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.18.194.216.95.clients.your-server.de

cdn.onthe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 146.0.227.109 (Ascension Island)

ASN20773 (GODADDY, DE)

prebid-inv-eu.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:90c0:e1:2801::254 (Prague, Czech Republic)

ASN199524 (GCORE, LU)

cdn.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 188.40.114.52 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.52.114.40.188.clients.your-server.de

tt.onthe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:c9e4 (United States)

ASN13335 (CLOUDFLARENET, US)

ads.adnuntius.delivery	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 146.0.227.110 (Ascension Island)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.184.8.90 (Amsterdam, Netherlands) 1 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.212 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

20ef741a9f60e2353af7c69df8f8e353.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

redirector.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:1a::9 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r4---sn-4g5edndz.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.74.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.18.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.58.218.78 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-218-78.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.119.168.202 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.202.168.119.168.clients.your-server.de

bidswitch-eu.splicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.18 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.65.6 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: adforce.team

m.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	liza.ua 1 redirects liza.ua	282 KB
30	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 124 20ef741a9f60e2353af7c69df8f8e353.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160	392 KB
17	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 stats.g.doubleclick.net — Cisco Umbrella Rank: 118 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 222 cm.g.doubleclick.net — Cisco Umbrella Rank: 208 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 313	257 KB
8	admixer.net prebid-inv-eu.admixer.net — Cisco Umbrella Rank: 231762 cdn.admixer.net — Cisco Umbrella Rank: 41533 inv-nets.admixer.net — Cisco Umbrella Rank: 2584	118 KB
7	gstatic.com www.gstatic.com csi.gstatic.com	75 KB
6	onthe.io cdn.onthe.io — Cisco Umbrella Rank: 16084 tt.onthe.io — Cisco Umbrella Rank: 13078	22 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 98 www.google.com — Cisco Umbrella Rank: 10	1 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530	4 KB
4	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 238	11 KB
4	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 732 gum.criteo.com — Cisco Umbrella Rank: 401 mug.criteo.com — Cisco Umbrella Rank: 2755	8 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 292	2 KB
3	creativecdn.com 1 redirects prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5951 creativecdn.com — Cisco Umbrella Rank: 630	847 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	20 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 627	56 KB
2	gvt1.com 1 redirects redirector.gvt1.com — Cisco Umbrella Rank: 1736 r4---sn-4g5edndz.gvt1.com — Cisco Umbrella Rank: 762599	1 MB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 187	87 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	2 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8117	914 B
2	adform.net adx.adform.net — Cisco Umbrella Rank: 3659	403 B
2	websitepolicies.io cdn.websitepolicies.io — Cisco Umbrella Rank: 101260	8 KB
1	trafmag.com m.trafmag.com — Cisco Umbrella Rank: 77882	351 B
1	pubmatic.com image8.pubmatic.com — Cisco Umbrella Rank: 577	42 B
1	splicky.com 1 redirects bidswitch-eu.splicky.com — Cisco Umbrella Rank: 26374	221 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 289	94 KB
1	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 4710	538 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 862	412 B
1	adtelligent.com ghb.adtelligent.com — Cisco Umbrella Rank: 5331	1 KB
1	adnuntius.delivery ads.adnuntius.delivery — Cisco Umbrella Rank: 39791	721 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 94	48 KB
136	29

	Domain	Requested by
33	liza.ua	1 redirects liza.ua
14	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net 20ef741a9f60e2353af7c69df8f8e353.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com
14	pagead2.googlesyndication.com	liza.ua pagead2.googlesyndication.com 20ef741a9f60e2353af7c69df8f8e353.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
5	www.gstatic.com	googleads.g.doubleclick.net
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com 20ef741a9f60e2353af7c69df8f8e353.safeframe.googlesyndication.com liza.ua
5	tt.onthe.io	cdn.onthe.io
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	ib.adnxs.com	1 redirects cdn.admixer.net googleads.g.doubleclick.net
4	securepubads.g.doubleclick.net	cdn.admixer.net securepubads.g.doubleclick.net
3	x.bidswitch.net	3 redirects
3	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	inv-nets.admixer.net	cdn.admixer.net
3	www.google-analytics.com	www.googletagmanager.com liza.ua www.google-analytics.com
3	prebid-inv-eu.admixer.net	liza.ua cdn.admixer.net
2	creativecdn.com	1 redirects
2	gum.criteo.com	1 redirects static.criteo.net
2	static.criteo.net	cdn.admixer.net static.criteo.net
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	csi.gstatic.com	www.gstatic.com
2	www.google.com	20ef741a9f60e2353af7c69df8f8e353.safeframe.googlesyndication.com tpc.googlesyndication.com
2	www.googletagservices.com	googleads.g.doubleclick.net 20ef741a9f60e2353af7c69df8f8e353.safeframe.googlesyndication.com
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	20ef741a9f60e2353af7c69df8f8e353.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.de	pagead2.googlesyndication.com
2	adx.adform.net	cdn.admixer.net
2	stats.g.doubleclick.net	www.google-analytics.com
2	cdn.admixer.net	prebid-inv-eu.admixer.net
2	cdn.websitepolicies.io	liza.ua cdn.websitepolicies.io
1	mug.criteo.com
1	m.trafmag.com
1	image8.pubmatic.com
1	bidswitch-eu.splicky.com	1 redirects
1	s0.2mdn.net	20ef741a9f60e2353af7c69df8f8e353.safeframe.googlesyndication.com
1	r4---sn-4g5edndz.gvt1.com	googleads.g.doubleclick.net
1	redirector.gvt1.com	1 redirects
1	adservice.google.co.uk	securepubads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	ghb.adtelligent.com	cdn.admixer.net
1	prebid-eu.creativecdn.com	cdn.admixer.net
1	ads.adnuntius.delivery	cdn.admixer.net
1	bidder.criteo.com	cdn.admixer.net
1	www.googletagmanager.com	liza.ua
1	cdn.onthe.io	liza.ua
136	44

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
www.youtube.com
t.me
naprobu.ua
burda.ua
vaccination.moirebenok.ua
topicrem.moirebenok.ua
happynewyear.liza.ua
diabet.marieclaire.ua
www.tarla.info
www.temyiz.biz
www.temmuz.biz
www.terminoloji.biz
www.tekrar.biz
www.tesekkur.biz
www.tahmini.biz
www.yolculuk.info
tombalak.biz
titrek.biz
www.temsil.biz

Subject Issuer	Validity	Valid
liza.ua Cloudflare Inc ECC CA-3	`2022-05-07` - `2023-05-07`	a year	crt.sh
*.onthe.io Sectigo RSA Domain Validation Secure Server CA	`2022-06-02` - `2023-07-02`	a year	crt.sh
*.admixer.net Sectigo ECC Domain Validation Secure Server CA	`2021-11-16` - `2022-12-17`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-27` - `2023-06-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-08-05` - `2022-11-03`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-21` - `2022-09-23`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.trafmag.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-14` - `2023-06-14`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://liza.ua/
Frame ID: B9C9675E8E2FE7E0CAC6F700C7804F71
Requests: 93 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20190131/zrt_lookup.html
Frame ID: 6F1B8CBD8771F5950FCBD576DCF39BD0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7141688687918598&output=html&adk=1812271804&adf=3025194257&lmt=1660540032&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fliza.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660540031957&bpp=3&bdt=379&idt=317&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5152011530873&frm=20&pv=2&ga_vid=1601988409.1660540032&ga_sid=1660540032&ga_hid=1313797039&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44767667%2C44760911%2C31068738%2C44770765%2C21066430&oid=2&pvsid=3612715590378833&tmod=1715419948&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=340
Frame ID: 4ED9F08A2EF188A0D5F32357A80C3DB4
Requests: 1 HTTP requests in this frame

Frame: https://20ef741a9f60e2353af7c69df8f8e353.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0118323D6F37D813478C26825871C984
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1
Frame ID: 07714E313EC22B7E4080AC5B387E319A
Requests: 5 HTTP requests in this frame

Frame: https://20ef741a9f60e2353af7c69df8f8e353.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2A52BADB3536DCD514C477A165A77C33
Requests: 15 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/11ba241b9597ec96a8a9e01db4cce1e1.js?tag=client_fast_engine_2019
Frame ID: 71AA6B7886571EDF2277C1710CE07529
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHMbxCLqdvAAhj9ivnOATAB&v=APEucNVAdFmk_p3hrBOD2ytWjKdO3uwk7gB1l6CfCfmOWgKDwzwjFqVYZRMF9kQoHb-N7Y1gClhBuBHeCGQgGBk5GRantLd_OsxcGY2vMAv4B1bRtvvq_ImKF1LqtG7njqViIMqiWQIFlWlAZytGVLUK4iJKPbrcmI8BrR9yRRe-2HPRzGAlrac
Frame ID: E5381027C2DFD6C77D4EADED8AFC1D53
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B3C366148C3275137194745D42ACBED5
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ppA1fI0VetKp8Yjs2tI4w37711CBJFVOi33fKYbLAYg.js
Frame ID: 26C1AEF9953C72327697DBD46D001FE6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 303477173094D367A63B94D243AC1624
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 17CFE2DACF33CDE7041EDA14F2137525
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=liza.ua
Frame ID: 4D411EB74A165719F042E0521F06D67B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Женский журнал Лиза — женский сайт для современной женщины

Page URL History Show full URLs

http://liza.ua/ HTTP 301
https://liza.ua/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Page Statistics

136
Requests

93 %
HTTPS

56 %
IPv6

29
Domains

44
Subdomains

37
IPs

11
Countries

2823 kB
Transfer

4851 kB
Size

37
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/Liza.Ukraine/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/liza.ua/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCM8tJ9eiaXXTb_159XF3UkQ

Search URL Search Domain Scan URL

URL: https://t.me/liza_ukraine

Search URL Search Domain Scan URL

URL: https://naprobu.ua/
Title: NAPROBU

Search URL Search Domain Scan URL

URL: https://burda.ua/uk/projects/magazines
Title: ЖУРНАЛЫ

Search URL Search Domain Scan URL

URL: https://vaccination.moirebenok.ua/
Title: Поради та секрети для батьків <img width="135" height="96" src="https://liza.ua/wp-content/uploads/2021/12/600-400-135x96.jpg" class="attachment-project size-project wp-post-image webpexpress-processed" alt="" loading="lazy">які хочуть захистити свою дитину від грипу

Search URL Search Domain Scan URL

URL: https://topicrem.moirebenok.ua/
Title: Особливості догляду за шкірою дитини <img width="135" height="96" src="https://liza.ua/wp-content/uploads/2021/12/nashi-proekty-138-h-98-135x96.png" class="attachment-project size-project wp-post-image webpexpress-processed" alt="" loading="lazy">Питання та відповіді

Search URL Search Domain Scan URL

URL: http://happynewyear.liza.ua/
Title: АДВЕНТ-КАЛЕНДАРЬ <img width="135" height="96" src="https://liza.ua/wp-content/uploads/2021/12/anons-kalendar-1200-h-800-135x96.png" class="attachment-project size-project wp-post-image webpexpress-processed" alt="" loading="lazy">Готовься к Новому году вместе с нами! Заходи каждый день и получай новый контент!

Search URL Search Domain Scan URL

URL: https://diabet.marieclaire.ua/
Title: Діабет не вирок <img width="135" height="96" src="https://liza.ua/wp-content/uploads/2021/11/600-400-135x96.jpg" class="attachment-project size-project wp-post-image webpexpress-processed" alt="" loading="lazy">Знищуємо стереотипи навколо діагнозу, та пропонуємо зазирнути залаштунки життя хворих на діабет.

Search URL Search Domain Scan URL

URL: http://www.tarla.info/
Title: porno

Search URL Search Domain Scan URL

URL: http://www.temyiz.biz/
Title: sikiş

Search URL Search Domain Scan URL

URL: http://www.temmuz.biz/
Title: porno izle

Search URL Search Domain Scan URL

URL: http://www.terminoloji.biz/
Title: porn

Search URL Search Domain Scan URL

URL: http://www.tekrar.biz/
Title: sikiş

Search URL Search Domain Scan URL

URL: http://www.tesekkur.biz/
Title: porno

Search URL Search Domain Scan URL

URL: http://www.tahmini.biz/
Title: porno

Search URL Search Domain Scan URL

URL: http://www.yolculuk.info/
Title: türk porno

Search URL Search Domain Scan URL

URL: http://tombalak.biz/
Title: porno izle

Search URL Search Domain Scan URL

URL: http://titrek.biz/
Title: erotik hikaye

Search URL Search Domain Scan URL

URL: http://www.temsil.biz/
Title: porn

Search URL Search Domain Scan URL

URL: https://burda.ua/
Title: Burda Ukraine

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://liza.ua/ HTTP 301
https://liza.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 101

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD3kobW7AEQiQQYiQQyCGLLwVDOJoVr HTTP 301
https://tpc.googlesyndication.com/simgad/12654640335103831053

Request Chain 102

https://redirector.gvt1.com/videoplayback?id=8b7ba866f7cd387c&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1660547232&sparams=ip,ipbits,expire,id,itag,source,requiressl&signature=2C34B41CFCFF3A0D1482B6456C55549992F2936C.49815EBF2DD59795497D1F33C1EE79DF052A14FD&key=ck2 HTTP 302
https://r4---sn-4g5edndz.gvt1.com/videoplayback?id=8b7ba866f7cd387c&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1660547232&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=3C1064EB86DA6F6532E0BB45E66DF2D98EF971B5.7C2E43F2C298A6041CAC8D1B599E61B1C4716E4C&key=cms1&cms_redirect=yes&mh=jU&mip=2a01:4a0:2c::11&mm=28&mn=sn-4g5edndz&ms=nvh&mt=1660539536&mv=u&mvi=4&pl=29

Request Chain 103

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHw-9v0dN9PVQT_ene0iFqE&google_cver=1

Request Chain 104

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YvnUge1KHj6J1YxTM9ZxEQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHw-9v0dN9PVQT_ene0iFqE&google_cver=1

Request Chain 105

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESELmO6vTVRM8uUyXuh0gzmas&google_cver=1

Request Chain 106

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzY5NDgxNzM5NDAzNDEzNQ%3D%3D

Request Chain 139

https://x.bidswitch.net/sync?ssp=admixer&user_id=20aeb90c7055494db445c974feae9fd2&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=20aeb90c7055494db445c974feae9fd2&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=admixer&bsw_custom_parameter=fd380b40-9402-454a-a4ab-6d7720463eb8 HTTP 302
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=admixer&expires=10&bsw_param=fd380b40-9402-454a-a4ab-6d7720463eb8 HTTP 302
https://inv-nets.admixer.net/bs/cm.aspx?id=fd380b40-9402-454a-a4ab-6d7720463eb8&gdpr=&consent=&gdpr_pd=

Request Chain 141

https://creativecdn.com/cm-notify?pi=admixer HTTP 302
https://creativecdn.com/cm-notify?pi=admixer&tc=1

Request Chain 144

https://gum.criteo.com/sid/json?origin=publishertag&domain=liza.ua&sn=ChromeSyncframe&so=0&topUrl=liza.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=aBmwVHxrWWNEVmVWa1FYNmc1a2NTV1FWNEZTcFVSbDI4WE1DZ012UTBuTHBBL1diOHdGUU9FK29zWnBsT0JKSnpOOVZObTgvbjJoQ1pFN1FjMG93eEpnWjdkOWFFV0dUcFJKcEdYOFJnbWUzSExjMFR1VXVGaGwzTlFBOUNhcTd3QzYrTHV4NEVlanh1MHJFMzE0cStNa2owbzRaczhZV1dFSXNCbVlrMmxhVkdxempZODVyRERheFUyd1pYSFJ0VFlkTkVQSTkvQnhSdGNzZ1IrM1lBRXBERzdBUlZlL1RXR1BieEJDOUhLNkpqOUpRcTRjaU5UZTBEcHM5QkQzUDk1em5BSm5tTkVnTXdwcEh6VEFib2dqYkpidz09fA&cppv=2

136 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
liza.ua/
Redirect Chain

http://liza.ua/
https://liza.ua/

106 KB
16 KB

348ms
253ms

Document
text/html

2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://liza.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c43e4e46dd36135dfb3d0cfe94b7b77c6c3dbfb4f50217cfaacf2adb84f0e4f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 73af67bbe9f276a4-LHR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 15 Aug 2022 05:07:11 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 19 Nov 1981 08:52:00 GMT
li-fastcgi-cache: HIT
link: <https://liza.ua/wp-json/>; rel="https://api.w.org/" <https://liza.ua/wp-json/wp/v2/pages/271774>; rel="alternate"; type="application/json" <https://liza.ua/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LB8GNlXhLvggqxLBtcIVxiVhvqg2rVkDtA01gGxo7B1lGwnJNQesdsKmNjA5QzgsyTAvYSXcs%2FtojUdsKOkVNsT4lSLSP4cPhpyhk83f2kajJfO2%2BZDHDIUx8BaGfDvQSs5f38gn"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 73af67ba7fac7531-LHR
Connection: keep-alive
Content-Length: 185
Content-Type: text/html
Date: Mon, 15 Aug 2022 05:07:11 GMT
Location: https://liza.ua/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EXZEAoyatt6pT4dGUZzGEdQYZrZd8HQ4ky8WvgzVv42l8PPxS7k7NZfMwZ8C70ratGXcnImbhOgzBAlP1HKSYv3e5gQdfxLmjxQv1hDwhdqp1L33owIYbKju97nl7NvHh0xEzOo1"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK w4DCFjlsD5Lg Show response
cdn.onthe.io/io.js/ 64 KB
20 KB 328ms
157ms Script
text/javascript 95.216.194.18
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onthe.io/io.js/w4DCFjlsD5Lg
Requested by: Host: liza.ua
URL: https://liza.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.194.18 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.18.194.216.95.clients.your-server.de
Software: nginx /
Resource Hash: 7475da55a6ebbe0dd9d04c915b8dbbf2acd763551277135f8794e43bf740ceca

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 05:07:11 GMT
Content-Encoding: gzip
Last-Modified: Thu, 08 Jul 2021 13:22:54 GMT
Server: nginx
ETag: W/"60e6fc2e-fe03"
Transfer-Encoding: chunked
Content-Type: text/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Tue, 16 Aug 2022 05:07:11 GMT

GET
H/1.1 200
OK prebid-loader2.aspx Show response
prebid-inv-eu.admixer.net/ 9 KB
10 KB 217ms
57ms Script
application/javascript 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-inv-eu.admixer.net/prebid-loader2.aspx?adguid=9d226841-99b0-4500-b6c6-2476f3ba14a0
Requested by: Host: liza.ua
URL: https://liza.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software: nginx /
Resource Hash: e97f2776ffabb5f570807833d06867f6924d51c3b66c592adc1adb722c395414

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 05:07:11 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H2 200 lazysizes.min.js Show response
liza.ua/wp-content/plugins/autoptimize/classes/external/js/ 10 KB
4 KB 55ms
53ms Script
application/javascript 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://liza.ua/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=2.9.2
Requested by: Host: liza.ua
URL: https://liza.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 05:07:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5706454
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 01 Oct 2021 09:08:04 GMT
server: cloudflare
etag: W/"6156cff4-2655"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XhUSsab0iEKF99kBp%2BEJ%2BZ2jL8yaikb1XPgOiinXPVLhhnIhR0TqwjhtmHhVGhhkIZxXxeiqxPR92j9s7Omrkbd3fgJSZMcgiZT3GE0CGVfpw%2FsPRPaK2Vtmvma1w0kbteCL4xUS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 73af67bdab4f76a4-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cookieconsent.min.js Show response
cdn.websitepolicies.io/lib/cookieconsent/1.0.3/ 11 KB
6 KB 160ms
51ms Script
application/javascript 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.websitepolicies.io/lib/cookieconsent/1.0.3/cookieconsent.min.js

Requested by

Host: liza.ua
URL: https://liza.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e9584a34f5a9def65c5c165a7c196d075cffdc2d39337ca8fbd1eed0aa74178

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
content-encoding: br
vary: Accept-Encoding
age: 1476556
cdn-pullzone: 403741
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
referrer-policy: no-referrer-when-downgrade
cdn-proxyver: 1.02
etag: W/"60b50a6f-2bec"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cdn-requestcountrycode: GB
expires: Wed, 27 Jul 2022 17:26:30 GMT
date: Mon, 15 Aug 2022 05:07:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 886
access-control-allow-origin: *
cdn-cachedat: 06/27/2022 17:09:15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 31 May 2021 16:10:23 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KUagDZKiBcIP13hur3HmXHr8C0hDe5V73E3c6i%2F%2FtvSEFWcsizbPc5lDYBEWkgdS4sqv0LDImqKB5kD48DQl94ohGH5Sz0kVlV%2FOLds%2BaVW9QQi1OHXgZgm9%2B2WWXDODQIWcFZxIlnyD"}],"group":"cf-nel","max_age":604800}
cdn-uid: 16d357c7-5d61-4073-b136-11d78241bb5e
cdn-requestid: 4e00b711d410d5e0eadb285112ec2a98
cf-ray: 73af67be4dc28883-LHR
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 170 KB
57 KB 210ms
81ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7141688687918598

Requested by

Host: liza.ua
URL: https://liza.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0f0b7f49feb3e70df7281daab8a35cc6945d00dcadb1253621f7743f627939a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://liza.ua/
Origin: https://liza.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 05:07:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57471
x-xss-protection: 0
server: cafe
etag: 2290200871118209557
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 15 Aug 2022 05:07:11 GMT

GET
H2 200 autoptimize_c0428d1cad2e774edc1c4a8667c023ee.js Show response
liza.ua/wp-content/cache/autoptimize/js/ 8 KB
3 KB 51ms
50ms Script
application/javascript 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://liza.ua/wp-content/cache/autoptimize/js/autoptimize_c0428d1cad2e774edc1c4a8667c023ee.js
Requested by: Host: liza.ua
URL: https://liza.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14cd082c483d44d922c130eb384a16ce1f7fad82fee12df160a4156a720c18c1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 05:07:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 47
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 15 Aug 2022 04:47:56 GMT
server: cloudflare
etag: W/"62f9cffc-1f2f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gpOagNL%2BYupzExLevZOq2hDpktnR%2Fw0M6ZWzDEV%2BSfZzH9NVrXlzDbg87GPl%2FzN%2BuqG0XvqbRuhdf%2BtTvpPbasU1ttH79EC0fbwO6gasCgUL5HoSjIzQjDVePnsQk3P%2FOqMIB0OD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 73af67bdab5076a4-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtranslate-style24.css
liza.ua/wp-content/plugins/gtranslate/ 693 B
584 B 52ms
50ms Stylesheet
text/css 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://liza.ua/wp-content/plugins/gtranslate/gtranslate-style24.css
Requested by: Host: liza.ua
URL: https://liza.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 226456d9a9eef8f0831b6b181be100a49cbaec1651a8bd45d7d0cc897d161538

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 05:07:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 19151883
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 24 Nov 2021 13:27:57 GMT
server: cloudflare
etag: W/"619e3ddd-2b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2FMqtpV2f01C59h27FEPWbW11Hr2R5kVhyAWEGT4QG5GkcI0egzcQEUql6Nu6uaVXvjkYl7isJr%2BsOSHs197e6pe0XsD8vjSM00Qe%2B3URVRbOlZEMFBXSoz4qSRSXJdqlRbhgOe9"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 73af67bdab5176a4-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 critical.css
liza.ua/wp-content/themes/liza/css/ 28 KB
6 KB 54ms
53ms Stylesheet
text/css 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://liza.ua/wp-content/themes/liza/css/critical.css
Requested by: Host: liza.ua
URL: https://liza.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7c74d46cfcbd5caad31ed8797d356859ec63752016377b5c255e554ddae6e39

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 05:07:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 47
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 15 Aug 2022 04:40:53 GMT
server: cloudflare
etag: W/"62f9ce55-7124"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tru4yGM%2FTVkigwzg%2BgQbajJk9WllnxcyCIpIFYwYN44kv5yN5B0A1hvyPk8vLAgf3dzhzo83Aj8N11%2BRnszxokOsa%2FCuYJiLrhgKHlT2omPk78nqbE%2Bw%2BoSxC5cNVFCTa6f2iutM"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 73af67bdab5276a4-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 main.min.css
liza.ua/wp-content/themes/liza/css/ 7 KB
2 KB 52ms
51ms Stylesheet
text/css 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://liza.ua/wp-content/themes/liza/css/main.min.css?30&ver=1
Requested by: Host: liza.ua
URL: https://liza.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 683118570f09249ac2e586ddeb49b9b4eb88ab82af972a7f1cd4c57346460460

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 05:07:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 385897
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 20 Apr 2022 12:08:08 GMT
server: cloudflare
etag: W/"625ff7a8-1dee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aWUt75B%2B2IUpbQwrVPhkSE3CsDXPvT7bZ4bOj%2FXjb%2BmPXdZwM7vsef2BPzZtnZU0CeaW4kKPz%2F5HHMnuH%2FZ0bJnu9T5fUQ1vtkUfc%2Fn4RkKfdWXiIJe%2F%2FLqUYgQFsqr%2BH8JoXsO8"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 73af67bdab5476a4-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 133 KB
48 KB 179ms
62ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N5K8VL

Requested by

Host: liza.ua
URL: https://liza.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

694ba62dae49e2b24665b917a711e727a72b3445aec201d6959839538c23b13c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 05:07:11 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48618
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 Aug 2022 05:07:11 GMT

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 180ea5f164f121543aae24b07a428ec35ddbc4248163f8045d763bf2f0608931

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b969dc1093725598bc03b53fcc09a7ea413980f2731b8910ed0201f6611ca1f4

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2ab73600d7f99088cde8cbeacd3440c4495ecfed6202831aa61633f463ff7e3

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57452f5671046a2b2ab27b1f0f37de03760fb2d5d1569ae2e462f90fcf00551d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 engin-akyurt-uum_yv16ofs-unsplash-640x400.jpg
liza.ua/wp-content/uploads/2022/08/ 21 KB
21 KB 251ms
250ms Image
image/jpeg 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://liza.ua/wp-content/uploads/2022/08/engin-akyurt-uum_yv16ofs-unsplash-640x400.jpg
Requested by: Host: liza.ua
URL: https://liza.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39f3ccd2fb06c99b2ee3b1a96d916d348887153f9390af01edd84d93eb5e86f7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 05:07:11 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21261
last-modified: Fri, 12 Aug 2022 11:22:52 GMT
server: cloudflare
etag: "62f6380c-530d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q9XCNoR4K6X569bDBD8iqsRc4UZJueMRBegaU66hOtG%2BW7zQllYniXnkDpIj1DWpRvbbPSMM4Yr%2FLdvVNYM%2Bxdz5lpKODFuF%2B8PdiqNprNhRp6JnQtZhtmsiAjovUnVGPVWZxs%2B4"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 73af67bdcb7476a4-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 837 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8784c29e4e6e831efe8f94858c09d270429b4b424409073011539d0e2abebb4e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3c5b0b139e4a81fd8ffa7bb8890a4cb849722da1fea028b5e6ca4a25ed01d4d1

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d9ef9032131f7a47dc913517d02a62c354a15643b7456331a047416db84dc25c

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 597 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b66c7519be28ebebc5d650d586169105615b96fc6d4e105688ad309e55fd7467

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 liza-logotype.svg
liza.ua/wp-content/themes/liza/images/ 2 KB
1 KB 54ms
53ms Image
image/svg+xml 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://liza.ua/wp-content/themes/liza/images/liza-logotype.svg
Requested by: Host: liza.ua
URL: https://liza.ua/wp-content/themes/liza/css/critical.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdae3f09c7f7037d038f1afb1dfa0fb6a354ce6ab48f786980b33d5c0d8412ab

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/wp-content/themes/liza/css/critical.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 05:07:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Apr 2022 06:11:36 GMT
server: cloudflare
age: 5819
etag: W/"625fa418-795"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zUhzEBmXeh8synaptxyKhvEkmdY0cWe%2F3F5WHXYnHjOlPtzp2rh0DbdfjNlzdRe0MYw9oIIT5popwdsRetsdknOqCgxjeK%2FveXcXtnUiuXUmJjQSY3qYQjxhEFdtQNKUxFj6vvCI"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73af67be1d824083-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ 344 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 70b79e5a81d147e88cf332ac8b8430fb1a55c000050d39207ad23c7ac3b2b713

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 prebidcdn.js Show response
cdn.admixer.net/prebidcdn/ 276 KB
102 KB 297ms
67ms Script
application/javascript 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adnuntiusBidAdapter,adtelligentBidAdapter,criteoBidAdapter,currency,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,rtbhouseBidAdapter,schain&dev=true&rnd=268435462&hash=570143519-
Requested by: Host: prebid-inv-eu.admixer.net
URL: https://prebid-inv-eu.admixer.net/prebid-loader2.aspx?adguid=9d226841-99b0-4500-b6c6-2476f3ba14a0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 434f4988526417625b24ac88b943d9d7ebbf3337ee9803070b46f7a680d149dd

Request headers

Referer: https://liza.ua/
Origin: https://liza.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: cec-up-gc12
date: Mon, 15 Aug 2022 05:07:12 GMT
content-encoding: gzip
last-modified: Tue, 19 Jul 2022 09:54:25 GMT
server: nginx
etag: W/"62d67f51-44e23"
vary: Accept-Encoding
x-cached-since: 2022-07-26T14:25:33+00:00
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: content-range
cache-control: max-age=31622400
cache: HIT
expires: Thu, 27 Jul 2023 14:25:33 GMT

GET
H2 200 load-gpt.js Show response
cdn.admixer.net/scripts/ 561 B
602 B 290ms
61ms Script
application/javascript 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts/load-gpt.js
Requested by: Host: prebid-inv-eu.admixer.net
URL: https://prebid-inv-eu.admixer.net/prebid-loader2.aspx?adguid=9d226841-99b0-4500-b6c6-2476f3ba14a0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 7c1ed20a3a66178e281109e3bf99dd278456eeea71357c6562ebb61aa0c269fe

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: cec-up-gc13
date: Mon, 15 Aug 2022 05:07:12 GMT
content-encoding: gzip
last-modified: Mon, 17 Jan 2022 12:25:34 GMT
server: nginx
etag: W/"61e5603e-231"
vary: Accept-Encoding
x-cached-since: 2022-07-06T13:25:36+00:00
content-type: application/javascript
access-control-expose-headers: content-range
cache-control: max-age=31622400
access-control-allow-credentials: true
cache: HIT
expires: Fri, 07 Jul 2023 13:25:36 GMT

GET
H3 200 roboto-regular-webfont.woff2
liza.ua/wp-content/themes/liza/css/fonts/ 19 KB
19 KB 54ms
54ms Font
application/octet-stream 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://liza.ua/wp-content/themes/liza/css/fonts/roboto-regular-webfont.woff2
Requested by: Host: liza.ua
URL: https://liza.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25d804f3d5f06692d9a5771ef28e41f06c1741d18a5f84cc0d9d4d8e3b201f0d

Request headers

Referer: https://liza.ua/
Origin: https://liza.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 05:07:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4608
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19320
last-modified: Thu, 07 Apr 2022 09:16:56 GMT
server: cloudflare
etag: "624eac08-4b78"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GsAP%2FL1jHJVAM8eQ%2F6mD6IFtgsK24v20Ar5jkW1B6%2FB4xaWSm8VXj5z%2BLiZoV3KkdtISYdfh8xrWMiFbW8PwsQkS2OavASMfS5t%2BC9bQg%2FlcgIRnEo%2FjH5yhn6s24US6j2Ho3os9"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 73af67befe3e4083-LHR

GET
H3 200 Do-chogo-snyatsya-groshi-135x96.jpg.webp
liza.ua/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2019/04/ 6 KB
6 KB 231ms
228ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://liza.ua/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2019/04/Do-chogo-snyatsya-groshi-135x96.jpg.webp
Requested by: Host: liza.ua
URL: https://liza.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25179821050612d6fcbdd008fd9e23828f9c390729f1f5c21933a69639125a9e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 05:07:12 GMT
cf-cache-status: MISS
last-modified: Wed, 23 Jun 2021 08:45:32 GMT
server: cloudflare
etag: "60d2f4ac-16dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7cLwNf7bx7W29wh6yC66HrqAbDOmhyJGYi42xcQmO8i0AEHXeZjRkkkVCRG4u%2BBe0DaNXHhVHYOHWe1zJgwndlYJYdgn6p35oD62IDo3N%2F9h3t%2FJW5NtEC8l2ecgLH0UBLYrdT0Z"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 73af67bf2e634083-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5852

GET
H3 200 pille-r-priske-xmuigjuqg0m-unsplash-135x96.jpg.webp
liza.ua/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2022/08/ 2 KB
3 KB 233ms
230ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://liza.ua/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2022/08/pille-r-priske-xmuigjuqg0m-unsplash-135x96.jpg.webp
Requested by: Host: liza.ua
URL: https://liza.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c6d6bb59f19af8f640677213d2ceab91f1500de0c13302377cd29c4fcae86b7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 05:07:12 GMT
cf-cache-status: MISS
last-modified: Thu, 11 Aug 2022 09:20:13 GMT
server: cloudflare
etag: "62f4c9cd-972"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EFuecMce2rVTNHKseTiPgye1MJj2DLbSBISBc3XskguD4S5KCyZxL%2BwDFkRl9jL2Is8jNqfdhd%2FhS5Le9BsRDyfp5dE8SNEuDGThGhEV%2FD%2BQnfBhMaWn7ncsB4Q5sVzYbfhsfqdO"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 73af67bf2e654083-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2418

GET
H3 200 logan-jeffrey-cjarbdnrdfs-unsplash-170x112.jpg.webp
liza.ua/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2022/07/ 4 KB
5 KB 231ms
228ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://liza.ua/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2022/07/logan-jeffrey-cjarbdnrdfs-unsplash-170x112.jpg.webp
Requested by: Host: liza.ua
URL: https://liza.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9c560385bfa168850ec8c4f34af09d9476080a588668a6c8ab87d62fe9667dd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 05:07:12 GMT
cf-cache-status: MISS
last-modified: Fri, 01 Jul 2022 11:51:43 GMT
server: cloudflare
etag: "62bedfcf-1078"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Ni7zDWdf1UgTPF1HbhrCejbK99VZJhvZZPtf62z5dkDTZer%2BM2xTN%2FLwnz8bbf3oVU4A1HYRw03xY5XZPF6CMSyZLb9rVe6K1IRuRQxf%2F8qWz8lFOKsYYkyYRQeXiUOlBGuokAv"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 73af67bf2e664083-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4216

GET
H3 200 daniele-franchi-z6pxiohevce-unsplash-170x112.jpg.webp
liza.ua/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2022/03/ 834 B
1 KB 233ms
231ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://liza.ua/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2022/03/daniele-franchi-z6pxiohevce-unsplash-170x112.jpg.webp
Requested by: Host: liza.ua
URL: https://liza.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1101c8541a9a5e28efe3f94d9f54cb131bc5d4c071089c4dd8fc407a5027d164

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 05:07:12 GMT
cf-cache-status: MISS
last-modified: Sun, 27 Mar 2022 12:31:26 GMT
server: cloudflare
etag: "6240591e-342"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PbDdJlF9WA%2F3E5Fl%2FtWofcaqaVcw8%2BDK8Q7N0nJ7kqlu5yKW240guoM3LVVoiFmR1OEFiyshOu4EnMPISsdkedhVMwzqUsOSMBvNoHbDPKHMFqs2Ar6%2FOjeNKV6N%2FvoWYVova2V5"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 73af67bf2e684083-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 834

GET
H3 200 bud-eko-170x112.png.webp
liza.ua/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2021/11/ 7 KB
7 KB 238ms
236ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://liza.ua/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2021/11/bud-eko-170x112.png.webp
Requested by: Host: liza.ua
URL: https://liza.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c542c96d147161d150e19744b304ff91e7a4de6a367b25758648a82dc750bba

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 05:07:12 GMT
cf-cache-status: MISS
last-modified: Fri, 21 Jan 2022 14:21:15 GMT
server: cloudflare
etag: "61eac15b-1aa6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KkBecLOrX2QUoiw0G6wf5BmRGoeynK1%2F9k6vM6JfqJZ0JWXdDz7bCQsvcddxnyiQMebCsgTaQKtaWdZCxrjc%2BLJ3cmu6QunE0Tz86pb5WgCQrCzBvZ2yK9MgQQdIvKiKqV%2B4Hh6r"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 73af67bf2e694083-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6822

GET
H3 200 engin-akyurt-uum_yv16ofs-unsplash-320x210.jpg.webp
liza.ua/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2022/08/ 3 KB
3 KB 231ms
229ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://liza.ua/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2022/08/engin-akyurt-uum_yv16ofs-unsplash-320x210.jpg.webp
Requested by: Host: liza.ua
URL: https://liza.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c5534dcedc1d5c021a111ec449dec202cb5959dc5018df884bddfb665080cee

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 05:07:12 GMT
cf-cache-status: MISS
last-modified: Fri, 12 Aug 2022 11:22:52 GMT
server: cloudflare
etag: "62f6380c-a46"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UEx6p4LCbFzTTxsU%2FQPzW%2FiFWLwDxSXBKoxEcEp7DtO96sZi8hHO2isj%2FDslXbYuCpe%2BnNqSoxE8tOr6xgQpeq%2B3oPSg67d0FMERibGr5mt1UqgLJRdplfDXXOzfFl2ZsCiiakFy"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 73af67bf2e6a4083-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2630

GET
H3 200 pille-r-priske-xmuigjuqg0m-unsplash-320x210.jpg.webp
liza.ua/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2022/08/ 6 KB
7 KB 243ms
241ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://liza.ua/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2022/08/pille-r-priske-xmuigjuqg0m-unsplash-320x210.jpg.webp
Requested by: Host: liza.ua
URL: https://liza.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a537ab8f3ab7993fd1ad979953885703c755fd8ab105cfeddeec65361a6b927

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 05:07:12 GMT
cf-cache-status: MISS
last-modified: Thu, 11 Aug 2022 09:20:13 GMT
server: cloudflare
etag: "62f4c9cd-19e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VvnsBASbiTxnYs2y0kRBJPv1ZJjeArvJSjU8w0%2Br42zJdkR%2Fh%2BFDA%2F1oflS0aesBtuaicE83D2SNiuEdw9Flzg5dz1pA941cRpoV4aym14wyojnVAUazq5MtsFyY5rNPJu%2BN4Fgf"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 73af67bf2e6b4083-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6628

GET
H3 200 600-400-135x96.jpg.webp
liza.ua/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2021/12/ 2 KB
2 KB 233ms
231ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://liza.ua/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2021/12/600-400-135x96.jpg.webp
Requested by: Host: liza.ua
URL: https://liza.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ea621ae34c08e13f723b65054e625d590e535880485cab60a1511cf1fadc714

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 05:07:12 GMT
cf-cache-status: MISS
last-modified: Fri, 24 Dec 2021 10:34:22 GMT
server: cloudflare
etag: "61c5a22e-7b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nYhomiPpj3gse1xXkv2q8xRhtqUJQynKB5AiieWTVYYB76R7CYC8L9GFph658944%2FjK%2FmwtDtm2rmRLILZqjCDR8klW5ZNzeFjGOjGor5VVwjazRAHvxaNrpC6Pi3qVP2kRByRwe"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 73af67bf2e6c4083-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1968

GET
H3 200 nashi-proekty-138-h-98-135x96.png.webp
liza.ua/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2021/12/ 3 KB
3 KB 234ms
232ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://liza.ua/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2021/12/nashi-proekty-138-h-98-135x96.png.webp
Requested by: Host: liza.ua
URL: https://liza.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4fe92f518caa28f213518b4a62a9b721a22850e0161729bb01fb3b0b507eac1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 05:07:12 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 06 Dec 2021 12:22:06 GMT
server: cloudflare
etag: "61ae006e-aee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bic9XcxEfU85Zh0Z4debr5%2FdWT9KT%2FqW0wLNUnfmeVZGdy0yurpuj4jgPmy8Elksciwc%2BzgdPei%2BEe00Mw8Dsyf%2B2nSxT7QwUoAizizoOMULRkS2tq1aMBvum9%2BXXLIdVS3Ue9gG"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 73af67bf2e6e4083-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2798

GET
H3 200 anons-kalendar-1200-h-800-135x96.png.webp
liza.ua/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2021/12/ 2 KB
3 KB 234ms
233ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://liza.ua/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2021/12/anons-kalendar-1200-h-800-135x96.png.webp
Requested by: Host: liza.ua
URL: https://liza.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03f841d0ec0a6c43040ff607880051623716dfc3f382f33ba573608080cc8a4d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 05:07:12 GMT
cf-cache-status: MISS
last-modified: Wed, 01 Dec 2021 13:21:44 GMT
server: cloudflare
etag: "61a776e8-7fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w3oA59JlQ7ahCoP3ZB9pnYiSiFAf1TgO2O%2BgDzcUuEG9j1tRZx%2FSYPqtwP2o1uM0vWZakzRHI%2Fo%2Be9RDMrwfVb6%2BZIpETO2M9KosrqNmG1ygjr673FihpuaI0MFw3Q2RqiSsa4P1"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 73af67bf2e6f4083-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2042

GET
H3 200 600-400-135x96.jpg.webp
liza.ua/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2021/11/ 2 KB
3 KB 239ms
239ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://liza.ua/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2021/11/600-400-135x96.jpg.webp
Requested by: Host: liza.ua
URL: https://liza.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36c52d36bfe978da9595258abc82d96a24447a181d785ae46a08afabbc37d071

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 05:07:12 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 12 Nov 2021 09:17:11 GMT
server: cloudflare
etag: "618e3117-7e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WsFNdYJm9ajj9emu4tOGGsvlRzzjF5Y4Q8oyr8deXBkPfS9iSW6F5BZw9vL9deibslTqvPvF%2BMKqcKaE1b%2B3EF007o3j8NSo%2FPOkBkHcwJEsBiEooI0w3NF1AsDDLgGRISl9%2BK9%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 73af67bf2e724083-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2024

GET
H3 200 young-sexy-woman-black-lingerie-posing-bed_273443-2453-135x96.jpg.webp
liza.ua/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2018/07/ 2 KB
2 KB 231ms
231ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://liza.ua/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2018/07/young-sexy-woman-black-lingerie-posing-bed_273443-2453-135x96.jpg.webp
Requested by: Host: liza.ua
URL: https://liza.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15f7714f823505d271c15875ea58f007b7ca00e30d94b0801e5b9847a9dc10f4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 05:07:12 GMT
cf-cache-status: MISS
last-modified: Sat, 19 Jun 2021 09:10:44 GMT
server: cloudflare
etag: "60cdb494-790"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C2wLbBn6%2F6G%2FBQq0rGpXWRh4li%2FRy2SNIzlefd%2FvKrz8LRNeZEW3zBoMdD49IOy5t4nWRbz9XR7TkpoI2ewlAKdY%2FbMfJ%2BErZikP9V53U8%2BPucCX1J8LN7p7HudGjFHlBqGCta0i"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 73af67bf2e734083-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1936

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 181ms
53ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N5K8VL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 312
date: Mon, 15 Aug 2022 05:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 15 Aug 2022 07:02:00 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 208ms
58ms XHR
text/javascript 188.40.114.52
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=12614:uniques_instantly[url:%2F,domain:liza.ua,page:%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20%D0%9B%D0%B8%D0%B7%D0%B0%20%E2%80%94%20%D0%B6%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D1%81%D0%BE%D0%B2%D1%80%D0%B5%D0%BC%D0%B5%D0%BD%D0%BD%D0%BE%D0%B9%20%D0%B6%D0%B5%D0%BD%D1%89%D0%B8%D0%BD%D1%8B,page_type:main,language:uk,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36,device:desktop,browser_version:Chrome%2099,browser:Chrome,depth:1,user_type:new,user_id:076d6fb20.f0a68ea96_1660540031923,session_id:973f1ac1e.237ad889c_1660540031924,cdn_version:24]&s=a4d62c0cb0dd75b828e1b11f1f678c34&1660540031928
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/w4DCFjlsD5Lg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.40.114.52 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.52.114.40.188.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 05:07:12 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/uniques/ 33 B
559 B 209ms
60ms Script
text/html 188.40.114.52
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/uniques/?current=15&holding=a6a85e8b8a3a49782382de2f9949a9f0&hash_user=076d6fb20.f0a68ea96_1660540031923&1660540031929
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/w4DCFjlsD5Lg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.40.114.52 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.52.114.40.188.clients.your-server.de
Software: nginx /
Resource Hash: 166f9390df29e23f9c9c45c50026de3b8ea04605424c6edc8557a3d3e71af7b8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 05:07:12 GMT
Server: nginx
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 33
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 206ms
59ms XHR
text/javascript 188.40.114.52
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=12614:visits_instantly[url:%2F,domain:liza.ua,page:%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20%D0%9B%D0%B8%D0%B7%D0%B0%20%E2%80%94%20%D0%B6%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D1%81%D0%BE%D0%B2%D1%80%D0%B5%D0%BC%D0%B5%D0%BD%D0%BD%D0%BE%D0%B9%20%D0%B6%D0%B5%D0%BD%D1%89%D0%B8%D0%BD%D1%8B,page_type:main,language:uk,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36,device:desktop,browser_version:Chrome%2099,browser:Chrome,depth:1,user_type:new,user_id:076d6fb20.f0a68ea96_1660540031923,session_id:973f1ac1e.237ad889c_1660540031924,cdn_version:24]&s=a4d62c0cb0dd75b828e1b11f1f678c34&__io=076d6fb20.f0a68ea96_1660540031923&1660540031931
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/w4DCFjlsD5Lg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.40.114.52 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.52.114.40.188.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 05:07:12 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 204ms
59ms XHR
text/javascript 188.40.114.52
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=12614:pageviews[url:%2F,domain:liza.ua,page:%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20%D0%9B%D0%B8%D0%B7%D0%B0%20%E2%80%94%20%D0%B6%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D1%81%D0%BE%D0%B2%D1%80%D0%B5%D0%BC%D0%B5%D0%BD%D0%BD%D0%BE%D0%B9%20%D0%B6%D0%B5%D0%BD%D1%89%D0%B8%D0%BD%D1%8B,page_type:main,language:uk,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36,device:desktop,browser_version:Chrome%2099,browser:Chrome,depth:1,user_type:new,user_id:076d6fb20.f0a68ea96_1660540031923,session_id:973f1ac1e.237ad889c_1660540031924,cdn_version:24]&s=a4d62c0cb0dd75b828e1b11f1f678c34&1660540031933
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/w4DCFjlsD5Lg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.40.114.52 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.52.114.40.188.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 05:07:12 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 cookieconsent.min.css
cdn.websitepolicies.io/lib/cookieconsent/1.0.3/ 4 KB
2 KB 106ms
54ms Stylesheet
text/css 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.websitepolicies.io/lib/cookieconsent/1.0.3/cookieconsent.min.css

Requested by

Host: cdn.websitepolicies.io
URL: https://cdn.websitepolicies.io/lib/cookieconsent/1.0.3/cookieconsent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

444ff8a57d95f220f3fb20f69164345fb4e571ce6f75b3cd9c750df1ea4364d0

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
content-encoding: br
vary: Accept-Encoding
age: 1476543
cdn-pullzone: 403741
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
referrer-policy: no-referrer-when-downgrade
cdn-proxyver: 1.02
etag: W/"60a7e46d-ffa"
x-frame-options: SAMEORIGIN
content-type: text/css
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cdn-requestcountrycode: GB
expires: Wed, 27 Jul 2022 17:17:13 GMT
date: Mon, 15 Aug 2022 05:07:12 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 901
access-control-allow-origin: *
cdn-cachedat: 06/27/2022 17:10:29
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 21 May 2021 16:48:45 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P1hXNx7jXSD52DABtnO2j15ScB%2FDXFpMv8qm6Nz6hs1TD91NYPQe%2B8WUruP1ZhqPhb9nWmCsUqNg3aSLLjhX3FQqvDz7dYyO9ckjZyfQ3aqJZ527HkMbrs9RfTtqSDkUPitmRmnwiq7D"}],"group":"cf-nel","max_age":604800}
cdn-uid: 16d357c7-5d61-4073-b136-11d78241bb5e
cdn-requestid: 1c621f343aac655655c89146742a2fe6
cf-ray: 73af67c019b9f3ff-LHR
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 roboto-mediumitalic-webfont.woff2
liza.ua/wp-content/themes/liza/css/fonts/ 23 KB
24 KB 54ms
54ms Font
application/octet-stream 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://liza.ua/wp-content/themes/liza/css/fonts/roboto-mediumitalic-webfont.woff2
Requested by: Host: liza.ua
URL: https://liza.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: daeae91a41b038dd9873a5b2aabe447b5d140e73df7473c8c2860184f5743942

Request headers

Referer: https://liza.ua/
Origin: https://liza.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 05:07:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4607
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23996
last-modified: Thu, 07 Apr 2022 09:16:56 GMT
server: cloudflare
etag: "624eac08-5dbc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bF9YsBkvObR3PfivhXiQLF%2B05AX9WG7Ixg1opBjs1xkT1C24N1RFnB%2Fv6WN631QV3BOiyIN4Vf%2BIy4UHGVMlGkaNdXWQShFSceaqbOqwBiAH05NK8mWSPgsXeOxOTTHA7pnSCZ8P"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 73af67bfdeef4083-LHR

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/ 340 KB
120 KB 191ms
82ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7141688687918598&plah=liza.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7141688687918598

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32b5de8292ae103abbee25b0067fe44f62cd019d000a8f627a1bd4c28dd0f769

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 05:07:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122753
x-xss-protection: 0
server: cafe
etag: 13457618475822436668
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 15 Aug 2022 05:07:12 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220810/r20190131/ Frame 6F1B 10 KB
5 KB 180ms
53ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220810/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7141688687918598

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://liza.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 82404
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 Aug 2022 06:13:48 GMT
etag: 8616628553774171045
expires: Sun, 28 Aug 2022 06:13:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 roboto-medium-webfont.woff2
liza.ua/wp-content/themes/liza/css/fonts/ 19 KB
20 KB 50ms
50ms Font
application/octet-stream 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://liza.ua/wp-content/themes/liza/css/fonts/roboto-medium-webfont.woff2
Requested by: Host: liza.ua
URL: https://liza.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e40c965830f59160ade02c20682723c33623c8fac73da9fea5a0eb7af404f10c

Request headers

Referer: https://liza.ua/
Origin: https://liza.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 05:07:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4608
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19468
last-modified: Thu, 07 Apr 2022 09:16:56 GMT
server: cloudflare
etag: "624eac08-4c0c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=htkDsvzmKCpuDdwNz4jfpe4%2B5rF7xda%2FND%2BcOL%2BINusTzE4TJ%2FsggBmzGFLemohKkfhamLRW%2FahC1cVfOhqHC%2FbuAm3MPKi3sXpAY1%2FJMwDGtgCEpk5z7KRUy3Kl5MK79TpbXaLN"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 73af67c08fef4083-LHR

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
433 B 180ms
55ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-59638469-1&cid=1601988409.1660540032&jid=1986328056&gjid=1041600780&_gid=1187908372.1660540032&_u=YGBAgAABAAAAAE~&z=1169291291

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://liza.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 15 Aug 2022 05:07:12 GMT
content-type: text/plain
access-control-allow-origin: https://liza.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 162ms
53ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1313797039&t=pageview&_s=1&dl=https%3A%2F%2Fliza.ua%2F&ul=en-us&de=UTF-8&dt=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20%D0%9B%D0%B8%D0%B7%D0%B0%20%E2%80%94%20%D0%B6%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D1%81%D0%BE%D0%B2%D1%80%D0%B5%D0%BC%D0%B5%D0%BD%D0%BD%D0%BE%D0%B9%20%D0%B6%D0%B5%D0%BD%D1%89%D0%B8%D0%BD%D1%8B&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=1986328056&gjid=1041600780&cid=1601988409.1660540032&tid=UA-59638469-1&_gid=1187908372.1660540032&gtm=2wg880N5K8VL&z=862272298

Requested by

Host: liza.ua
URL: https://liza.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 10:52:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 65676
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
29 KB 190ms
63ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts/load-gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

sffe /

Resource Hash

bad9221cd6c3bab6a01d8a1b2d491633ade1d43fe41a0b3a33d5ce5524996fa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 05:07:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28772
x-xss-protection: 0
server: sffe
etag: "1304 / 278 of 1000 / last-modified: 1660341915"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 15 Aug 2022 05:07:12 GMT

GET
H3 200 roboto-lightitalic-webfont.woff2
liza.ua/wp-content/themes/liza/css/fonts/ 24 KB
24 KB 49ms
49ms Font
application/octet-stream 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://liza.ua/wp-content/themes/liza/css/fonts/roboto-lightitalic-webfont.woff2
Requested by: Host: liza.ua
URL: https://liza.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2cd5a8072aaf75336794ef5451000fd6f8da9b1dca1010ccca3cbb14d1511b0

Request headers

Referer: https://liza.ua/
Origin: https://liza.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 05:07:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4607
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24240
last-modified: Thu, 07 Apr 2022 09:16:56 GMT
server: cloudflare
etag: "624eac08-5eb0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ic%2BAzkXOqv6lZyYTziBF8cjutjffr6i8sguYiIshtMdG1D%2BcSg9FW5asT2e7hAqD7xG0q7COQsSHNuVQ5lRACeZjh92OskoVkr0Ey78WwKwuXtV2o8txp6AKBDFTdt8HArOpcUe0"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 73af67c0f86c4083-LHR

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 58ms
58ms XHR
text/javascript 188.40.114.52
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=12552:uniques_holding&s=a4d62c0cb0dd75b828e1b11f1f678c34&__io=076d6fb20.f0a68ea96_1660540031923&1660540032186
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/w4DCFjlsD5Lg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.40.114.52 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.52.114.40.188.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 05:07:12 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 roboto-light-webfont.woff2
liza.ua/wp-content/themes/liza/css/fonts/ 19 KB
19 KB 56ms
56ms Font
application/octet-stream 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://liza.ua/wp-content/themes/liza/css/fonts/roboto-light-webfont.woff2
Requested by: Host: liza.ua
URL: https://liza.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07dc095a4f2662b8ac45b0bccd1478bc5ea5878b985e598aaa92bb91d4a5637a

Request headers

Referer: https://liza.ua/
Origin: https://liza.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 05:07:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4607
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19056
last-modified: Thu, 07 Apr 2022 09:16:56 GMT
server: cloudflare
etag: "624eac08-4a70"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6PI6uuodfOejoP3lk4sUb6eITsZ43%2BhmBZecv85UrgXu5VgkfBH4ihmjD%2FbQjjHAMsVBz6tSkXIfmdeHQTJZ0Rgz%2Bg8d%2BTlEWLhjmqK%2Bw7IOZDKluFdgDabzIImzo6cEkkNYpLQ9"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 73af67c168d84083-LHR

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 240ms
70ms Preflight 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://liza.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://liza.ua
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Mon, 15 Aug 2022 05:07:12 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
209 B 355ms
57ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.2.0&cb=92068530064

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adnuntiusBidAdapter,adtelligentBidAdapter,criteoBidAdapter,currency,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,rtbhouseBidAdapter,schain&dev=true&rnd=268435462&hash=570143519-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://liza.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 05:07:09 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://liza.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 400 i Show response
ads.adnuntius.delivery/ 45 B
721 B 243ms
137ms XHR
text/html 2606:4700:3036::ac43:c9e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adnuntius.delivery/i?tzo=0&format=json
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adnuntiusBidAdapter,adtelligentBidAdapter,criteoBidAdapter,currency,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,rtbhouseBidAdapter,schain&dev=true&rnd=268435462&hash=570143519-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c9e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5a3134711dd68e8e191c469b7d865ac956daa818266dc5d9a45ed84bd956933

Request headers

Referer: https://liza.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 05:07:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BGiL1ta%2BSooiMEqK5gbRc9qqzKbeVOXRA2flz9IqO6cQgNn%2FSZoU1gZBzm9s%2BYVPaFMwIZZUUIv93SEYFX%2F1YoMWXqmv1yaaVKdLxktiQ3%2FbwClNYRW2tI81ttAt1z7NYuuY8B5kS45HfSvgfpBm4IYSF0hf"}],"group":"cf-nel","max_age":604800}
x-adn-diagnostic-request-id: bb2edf82b4a8c0ec6d9d4b40156a7bc2
access-control-allow-origin: https://liza.ua
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: must-revalidate,no-cache,no-store
access-control-allow-credentials: true
x-adn-backend-server-id: h430c951
cf-ray: 73af67c23ed871ba-LHR
content-type: text/html;charset=iso-8859-1

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
403 B 250ms
109ms XHR
text/plain 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://liza.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 05:07:12 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://liza.ua
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid.1.2.aspx Show response
inv-nets.admixer.net/ 4 KB
4 KB 208ms
69ms XHR
text/javascript 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.2.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

8fcccc8681b308f9e33473f6cc51bf580465edcfb53a72bc8991f6e585a0d009

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://liza.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 15 Aug 2022 05:07:12 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: https://liza.ua
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=25
Content-Length: 3729
X-Xss-Protection: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
169 B 188ms
50ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adnuntiusBidAdapter,adtelligentBidAdapter,criteoBidAdapter,currency,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,rtbhouseBidAdapter,schain&dev=true&rnd=268435462&hash=570143519-
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://liza.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://liza.ua
date: Mon, 15 Aug 2022 05:07:12 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 2 KB
1 KB 212ms
63ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adnuntiusBidAdapter,adtelligentBidAdapter,criteoBidAdapter,currency,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,rtbhouseBidAdapter,schain&dev=true&rnd=268435462&hash=570143519-
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 8f6c244eb9cd4e493dec518980f20c7a48e35a475080faf97c0c8aaee2eaae5b

Request headers

Referer: https://liza.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 15 Aug 2022 05:07:11 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://liza.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 750

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 16 KB
8 KB 272ms
125ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

d3ab77811dbf2c57cdc271430b225745c0722ab1fd60637b42d4a2174b70621b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://liza.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 15 Aug 2022 05:07:12 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 82.199.130.43; 82.199.130.43; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 2e0ae092-b077-4743-ae5d-bd2983718bb4
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://liza.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 roboto-italic-webfont.woff2
liza.ua/wp-content/themes/liza/css/fonts/ 23 KB
24 KB 50ms
49ms Font
application/octet-stream 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://liza.ua/wp-content/themes/liza/css/fonts/roboto-italic-webfont.woff2
Requested by: Host: liza.ua
URL: https://liza.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10fb9227e16c6b006b3a2e9279200b060d3ab15e864f0a88bf047cd80c341d03

Request headers

Referer: https://liza.ua/
Origin: https://liza.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 05:07:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4606
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23580
last-modified: Thu, 07 Apr 2022 09:16:56 GMT
server: cloudflare
etag: "624eac08-5c1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3a%2FiFrGRRq4lvdQjXHFS2fcxd4WgAqRR7z%2BWpqnHsc%2BzEvGJ42VQ24LUA8HrBDOsiy0EF0GTMVv0tXoQxZMWXQ6EHO64cnmDgWGO%2F3Yynsycu4qzLelgPYusMoJxGO7Fik9Of5ie"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 73af67c1d9494083-LHR

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 211 B
412 B 76ms
63ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=liza.ua&callback=_gfp_s_&client=ca-pub-7141688687918598

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7141688687918598&plah=liza.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

1c3829e5b6d7ea5d7537fdcdfab6d97fd224c8ba559162e07828240cdb248507

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 05:07:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 242ms
62ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=liza.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 05:07:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 178ms
62ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=liza.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 05:07:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4ED9 186 KB
47 KB 556ms
447ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7141688687918598&output=html&adk=1812271804&adf=3025194257&lmt=1660540032&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fliza.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660540031957&bpp=3&bdt=379&idt=317&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5152011530873&frm=20&pv=2&ga_vid=1601988409.1660540032&ga_sid=1660540032&ga_hid=1313797039&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44767667%2C44760911%2C31068738%2C44770765%2C21066430&oid=2&pvsid=3612715590378833&tmod=1715419948&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=340

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1f47756bae43eafd71349da52885b6df541e410d699ffba0d9df25219bb5157

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://liza.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 48378
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 05:07:12 GMT
expires: Mon, 15 Aug 2022 05:07:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 roboto-bolditalic-webfont.woff2
liza.ua/wp-content/themes/liza/css/fonts/ 23 KB
24 KB 49ms
48ms Font
application/octet-stream 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://liza.ua/wp-content/themes/liza/css/fonts/roboto-bolditalic-webfont.woff2
Requested by: Host: liza.ua
URL: https://liza.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e471860eb90a1bd382a5fd16e989ee6164428bcf2c67c03a393729cc051a8009

Request headers

Referer: https://liza.ua/
Origin: https://liza.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 05:07:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4606
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23624
last-modified: Thu, 07 Apr 2022 09:16:56 GMT
server: cloudflare
etag: "624eac08-5c48"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fn834a61s6yDSXkNhezJ2WZjFvUEOLtNUmeZ7Ti2wmh7IwuurlBRKflrP2iJ1HUYcb7pvRrILhNQpzec0NvfGW16mZ0BplwvrY6Oo7d4yCIKgRad9vX7TM%2B68rub9wN5H7RxWWb3"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 73af67c239854083-LHR

GET
H3 200 pubads_impl_2022080901.js Show response
securepubads.g.doubleclick.net/gpt/ 385 KB
131 KB 163ms
54ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

sffe /

Resource Hash

e618a577f0277d37fa43eaa36bcde1a98e6698356705294205887f6ace5134d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 15:55:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47500
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 134589
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 08:35:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 14 Aug 2023 15:55:32 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 197 B
146 B 173ms
64ms XHR
application/json 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=liza.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

aaf5e7b6c3a6d653b802744b7cea549a776e8b87ff302038a626e5cf67e390a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 05:07:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121
x-xss-protection: 0
expires: Mon, 15 Aug 2022 05:07:12 GMT

POST hb_analytics.aspx
prebid-inv-eu.admixer.net/ 0
0

POST
H/1.1 204
No Content hb_analytics.aspx Show response
prebid-inv-eu.admixer.net/ 0
234 B 326ms
110ms XHR
text/plain 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://liza.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://liza.ua
Date: Mon, 15 Aug 2022 05:07:13 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
538 B 75ms
62ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=liza.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 05:07:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 172ms
63ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=liza.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 05:07:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 14 KB
8 KB 487ms
486ms XHR
text/plain 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3612715590378833&correlator=1637219238682672&output=ldjh&gdfp_req=1&vrg=2022080901&ptt=17&impl=fifs&iu_parts=29636627%3A22675139918%2Cliza.ua_300x600_hb_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250%7C300x300%7C300x500%7C240x400%7C240x350%7C240x500%7C240x600%7C160x600%7C300x400&ifi=2&adks=2174179728&sfv=1-0-38&fsapi=false&prev_scp=hb_format__mc_1_oftm%3Dbanner%26hb_size__mc_1_oftmed%3D240x400%26hb_pb__mc_1_oftmedia%3D0.15%26hb_adid__mc_1_oftmed%3D19976303eecc69f%26hb_bidder__mc_1_oftm%3D_mc_1_oftmedia%26hb_format%3Dbanner%26hb_size%3D240x400%26hb_pb%3D0.15%26hb_adid%3D19976303eecc69f%26hb_bidder%3D_mc_1_oftmedia&eri=1&sc=1&cookie=ID%3Df2a0b66495a58669-2296474bf4cd00fc%3AT%3D1660540032%3ART%3D1660540032%3AS%3DALNI_Ma60AGh_aRX-HY39GJKQRFvBjathg&abxe=1&dt=1660540032742&lmt=1660540032&dlt=1660540031578&idt=1076&adxs=1000&adys=214&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fliza.ua%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=4&ohw=1600&ga_vid=1601988409.1660540032&ga_sid=1660540032&ga_hid=1313797039&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

38320d49d16beec6164bc0c302be692f76d84b8de98303b845cfba66ffc23aff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 05:07:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7891
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://liza.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
20ef741a9f60e2353af7c69df8f8e353.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0118 6 KB
4 KB 257ms
61ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://20ef741a9f60e2353af7c69df8f8e353.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://liza.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 05:07:12 GMT
expires: Tue, 15 Aug 2023 05:07:12 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/ 150 KB
53 KB 77ms
77ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d7751dbbb76d3916b9fb602105c88c3656b3a51b68e6c0e7e9c2bc5e8a60168

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 05:07:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54702
x-xss-protection: 0
server: cafe
etag: 8825997933396825946
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Aug 2022 05:07:12 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 175ms
62ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=liza.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 05:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 63ms
63ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=liza.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 05:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/ Frame 0771 10 KB
4 KB 55ms
55ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://liza.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 37199
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 Aug 2022 18:47:14 GMT
etag: 8616628553774171045
expires: Sun, 28 Aug 2022 18:47:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 0771 4 KB
1 KB 180ms
64ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 03:32:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 15 Aug 2022 05:07:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Aug 2022 05:07:13 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0771 205 B
742 B 185ms
57ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 03:15:42 GMT
x-content-type-options: nosniff
age: 6691
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 15 Aug 2023 03:15:42 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0771 604 B
695 B 186ms
57ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 01:40:46 GMT
x-content-type-options: nosniff
age: 12387
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 15 Aug 2023 01:40:46 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/ Frame 0771 19 KB
9 KB 184ms
56ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00c71abef781583241b6ff6df83c3e4f84267becf1df03c3a8bf712e14b4f0a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 03:44:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4934
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8368
x-xss-protection: 0
server: cafe
etag: 14969459707636190018
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 03:44:59 GMT

POST
H/1.1 204
No Content hb_analytics.aspx
prebid-inv-eu.admixer.net/ 0
234 B 56ms
56ms Ping
text/plain 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://liza.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryfMo1DGsCogO4xvef

Response headers

Access-Control-Allow-Origin: https://liza.ua
Date: Mon, 15 Aug 2022 05:07:13 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H3 200 container.html Show response
20ef741a9f60e2353af7c69df8f8e353.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2A52 6 KB
3 KB 172ms
62ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://20ef741a9f60e2353af7c69df8f8e353.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://liza.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 05:07:13 GMT
expires: Tue, 15 Aug 2023 05:07:13 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 11ba241b9597ec96a8a9e01db4cce1e1.js Show response
www.gstatic.com/mysidia/ Frame 71AA 10 KB
4 KB 164ms
56ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/11ba241b9597ec96a8a9e01db4cce1e1.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75626d2a6383bfdad3b92c86ae0623790fbe692e880b315cd06bfaa1d249f9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 03:43:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 350603
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4562
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 03:14:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 09 Nov 2022 03:43:50 GMT

GET
H3 200 61e8ce92b0d799c62b7491ac485b1437.js Show response
www.gstatic.com/mysidia/ Frame 71AA 150 KB
56 KB 165ms
57ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/61e8ce92b0d799c62b7491ac485b1437.js?tag=gpa/dynamic_fig_web_banner_v2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1eae73d23698659f17bbaf4773a3a337dcffe040e2579d93eb25c292cefa29f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 04:52:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 346494
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57122
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 03:14:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 09 Nov 2022 04:52:19 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 71AA 4 KB
814 B 173ms
65ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3ea2171f1cfa3fba1737d38126a0f074577b73ff01493fcf8a9d4e362bb2a232

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 05:07:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 15 Aug 2022 05:07:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Aug 2022 05:07:13 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 71AA 2 KB
902 B 183ms
72ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 04:30:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2192
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 04:30:41 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/ Frame 71AA 23 KB
9 KB 166ms
56ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 05:00:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 399
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9668
x-xss-protection: 0
server: cafe
etag: 3250940068065303693
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 05:00:34 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 71AA 3 KB
1 KB 186ms
76ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 04:36:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1865
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 04:36:08 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 71AA 140 KB
44 KB 211ms
82ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 05:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44015
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660137096112928"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 15 Aug 2022 05:07:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 71AA 17 KB
7 KB 168ms
58ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 04:54:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 756
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 04:54:37 GMT

GET
H3 200 16838d5bcb4c763c91f5404f5ca97705.js Show response
www.gstatic.com/mysidia/ Frame 71AA 33 KB
13 KB 160ms
54ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/16838d5bcb4c763c91f5404f5ca97705.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93b23044262887fc2d7651deb7749b1d5b9dd942922da55a84fec5dfb38e024f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 03:39:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 350867
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13605
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 03:14:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 09 Nov 2022 03:39:26 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E538 624 B
300 B 69ms
65ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHMbxCLqdvAAhj9ivnOATAB&v=APEucNVAdFmk_p3hrBOD2ytWjKdO3uwk7gB1l6CfCfmOWgKDwzwjFqVYZRMF9kQoHb-N7Y1gClhBuBHeCGQgGBk5GRantLd_OsxcGY2vMAv4B1bRtvvq_ImKF1LqtG7njqViIMqiWQIFlWlAZytGVLUK4iJKPbrcmI8BrR9yRRe-2HPRzGAlrac

Requested by

Host: 20ef741a9f60e2353af7c69df8f8e353.safeframe.googlesyndication.com
URL: https://20ef741a9f60e2353af7c69df8f8e353.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://20ef741a9f60e2353af7c69df8f8e353.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 05:07:13 GMT
expires: Mon, 15 Aug 2022 05:07:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2A52 62 KB
31 KB 89ms
85ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A2QSYDOYIgpTB-pQF8KKi2syWHJV6sSxF131y1atuJKCFJDVpNI73GPxHa-I3IXlWJaIROY3FnjiRBKo45J99GMXyChA&cry=1&dbm_d=AKAmf-BZw2Gd-wNGqYTzorOMSggTTyDJ76_QmQNaHBubfxhgR-WknjFC1hGq84doJQKYZGLvmfFzg112W4o82UR-FhuwUMK4vxYZMoljRPc-SakKpjHUT7wZr5FPgif1Cft5TBlnCVauv6lRvJprBPHjsnbnrZ3FDjo3yG6rTI9j6r6YkKxKDoqA5knbv0hnn7ent1mMUETEPcOZ6CScEBnOYZ8sUOvQM2X8afExDhIB6Kde3wqrmUnRcQvPtUEC8H5LLpSR2rq9TRltJtvoD9wDJSKJjLn17LJq51pHI5QZRTDPP2x2AeU4V85bET6uXGFNyMemaWgcDaLt4Lt1bC2e-JqLgR95QSogHUtbnJWbB16hq1qdAsaUeWbzzs1E5leI0d2Wkw_3B5Y28ZzXnjWRlM57Uu5qiYIX_t4vmUsodwSlKC5CnBP0QgGQcytpRAYt0uVz-TxO4_ylgDn5RIC46Rn3NQ8fFAGS2tU_xKoq_qISsN2hZD7rNp7d5-YV1yAmlVrAA3js4F98e9Bz234CHNvyy4Dsc08LI4BC8OaiXlTbVA3XBJpEfeIF7NwDQEsniZ2V7Qlaq2cBCejqbkQW_NL8kV6ziB9kQ5QDv6Wiol8I9_bu5R5gTUXI1ejI0yxe_DU4CBifLu_uy-68PuNU4dNpN3OsJvTpZYtkD387vjv2PXJjYRzc78djyqbiS7IdlteiMKfMXJ7s9WPAXUkcBm45Q1ziylUo22XjqxjdB7nG-nhwER0bkLpdhVsHA8KBgl68w6QihhPGP-LMpa0TcFD6lC-zeGrGD6IH9Zw_IOpqrGz_xDupwGJourPtnPSs6OvmMXZX99p5Iw3Dixj9MKQ6KQxk1S2rtA2OfwoaPyL6I4tMocjda7v7XhhUWFf6jF8TgCdjHZ9Tz0WxiRaCHTm1-TFVhRQBDgsPyh5xWNFUJ1cw4xMiiW081Ra10KQ-DLvCiVpI0ylmLhfjMUf-3tGrfyENpYwIthaeylCljont7UeK37q6zvUDxwUAmNBU-T_H-V-mRnkBDXhHHHQ_1uy8yJfkrRZcuEPUIg-PkAuKFPdFkwqnF9Pk_x8VShUYdMHGGjP5Mhkl5o7f-d6J9T6Lq9dO3JU7WXmeSlAlSonnLE5KXFxf5USFUMt9tCxHa4AGfQwZQ_AMi0KAr_nshDxZO4-S7muqUqit_K0qN-IJMogTX_tmlaBSR4m7ZoKr2nYonVhXmNgChLI3AICwlBTdtBZcCjdJOrLFFjE5AMj7TaGV8u3Pg4CCHLeXpKX98KE9LGjZySbmEf35_qF5R06Js9SQr7ZqW3V8mDmgsPR6UUF-fBzSXvEbVn62PC47rR_qjdZFP2h8xpCZz47PabtnisKKchaNuZjq7p5XIu2NYkddWxX4wftMDMlo74LXlCTAsKTQcAsTvN-_kC8T2q6xhB-oYDNZ6Md_WPhkVbCSFhhp6XxgxYR3zTN_06qJYQm05haZ8QpxMM8wN2YByXHgtVeE6E-3KKc3YMsQ2e_4EPVJ_t23rGgp2gACI51PnauPagtpDlD15GiRYwsndKMn_LreBp9FT58xvPUAKTmm8FuuZWq4yDLA9QXSz903WfM31J76OGgAN9-A_1DuyVgVZeHpP5qqi8ZI56MJBXTEaUEFSfbnUVgcePAO3bTI-MaOSpuAjYUVST8gekz-F3nSRHXxrDVAreDt9BAMbUHJSV3FrTX9zSvGtHP0MCot_uxdEKBfTZhqoKFfxTnAXkW1TouWpG2CYnQRQwS1iD78E9e1gLNxFSwt4xyhMqOe8Cffqpb_ddmqYwL0-7Z0NJafJhlXlopgDf8UixJiov8dGgD1i_KEU4z-d9to9Hrn_MAAM5VH-Zd8t2D_liGv55_Xaf6mi43TIf-37JU57eifTUvFD5b9BE37qNXhqi4OTO0ylomTwkbPMzxZtHtZSNKPFnoX11ncsz4plpradRhndAbRxPx4zRnkGSb_2srh8wNwedL6QL5eBI2RnOhxtS0emBk8ZQBYt7V3TSFSxEbFNKZdsGzMxkwN76TQcZ50wTnTdNCCthDIXjMCKhULNsSg5b3jJNwr2vJE4lMSDIngMvqjLIba8hpOZdc_czwmz59UyXi840UUeNRWjgL0RHrkuFqV3i87Lg6TdcMfuwY746mPLjqMYLeAVl6z74wJxfW0VGf1lauWTLAkzwxrdy8uUUb1UNvH4xYYi2RWoquOxf98nfiq-lqkKpU9SyP5ZSKe4cFJfdV5t91iBtjuwc9ACNH4Vb9cpVAzFCP4jgjETDuFH9ztLlGAiawoB7Y6GAavlEqvQApn8RE5lYaa00XxQkgI1qRcb_VyTOeqoisPBIkmI-CXMwF1Mzu9psF3zSuLemgMK6mc08xUfiQMRX09nlQSXS87W8HLeHjtQm5dQI4H4EXA7Mv-f8IH0qlY2R2NkTLTLdAVGVchAlmZjsSxdimqGCvXxibJeMbQShKUqVjR8k_0RkGBAU6t7t-U31gKCBOKtj-ZZ73K42SVjkXY624SnI6pmY_yLLlXVyZwhebHS0kb5h5cMOFXP_sAB9JxmKjN21rFBQ9ve7-iXKalHAeR1brHIEAXqpAkbiNcaCJgsS1v7CPdJRNPRwDihkiEk_LjARqr_tWNJe3-TZE_wZ0Hd4NVtPjuBkPXk40qb60ml6XQKot2-PBmcYi09ivydudYwWaU5MAu4NHXpJ7oMOL9ka3qlk-6D5McIcN5Vs5GW9KrQBFq9BEOqy8aqNCsnRNuNRnrxkvBpJDEx99O3ljZf4b57DiDDGGcShFRfNb4UkhmiaXmTpLJMSOKDQbVyZd9LOs7ogPFNALVVQFi6oYlBChrAdEveb8Dzsat9oeL14wPCTuxD0-pQ-zEQnFOTB0JYSAOVpMSQRTLGaftrh3S7R4Jh9xxLmhP8qfwtmsFuGY6uYWpELFvUk0xR4uQod1FS70aquhHFZfQ9JtpGD0v4ZExG7giF_X0JeWGsbAc4n1M2Si57oYUib4lN4GVR2c8azMEeYLsCk7xBbawA4ykDkC_f5a9D5PtlkIokOH69EYK-viy8qMlmqSZxe-KRbq_b0MPpyTAxEw0wPyD-fnEJaUAnjiTwAa9d8suqw4vAH-2fPJXwAFty77gVH9XIIBdtyLIGshrUi1wleriUNgVTmnPMp6MsdGjNKQVrOAVDHQ&cid=CAASKORo8rp5oiO_VOlYtnTVDmnyapGvSgwn1qTk4H_Sij87zlL9DGEEx-U&rfl=1%2Chttps%253A%252F%252Fliza.ua%252F%240

Requested by

Host: liza.ua
URL: https://liza.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fcff8a1b954f4e36b888924fd063959c59fa3b62bd9b010b3369293879ea0f8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://20ef741a9f60e2353af7c69df8f8e353.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 05:07:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31470
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2A52 42 B
63 B 93ms
88ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CRU3CSOXNZ139pZ6hLlL_7Z6zgO95zP2svLDBCr414gB0NmVK86F4av3XBoNHpbdQsa1099_aadh-13KDjEk6jdXJtQnoyHstGsfFotE-Euwe8hGw

Requested by

Host: 20ef741a9f60e2353af7c69df8f8e353.safeframe.googlesyndication.com
URL: https://20ef741a9f60e2353af7c69df8f8e353.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://20ef741a9f60e2353af7c69df8f8e353.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 05:07:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 2A52 3 KB
1 KB 59ms
54ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js

Requested by

Host: 20ef741a9f60e2353af7c69df8f8e353.safeframe.googlesyndication.com
URL: https://20ef741a9f60e2353af7c69df8f8e353.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://20ef741a9f60e2353af7c69df8f8e353.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 04:36:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1865
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 04:36:08 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2A52 140 KB
43 KB 119ms
114ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 20ef741a9f60e2353af7c69df8f8e353.safeframe.googlesyndication.com
URL: https://20ef741a9f60e2353af7c69df8f8e353.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://20ef741a9f60e2353af7c69df8f8e353.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 05:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44015
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660137096112928"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 15 Aug 2022 05:07:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 2A52 17 KB
7 KB 59ms
54ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 20ef741a9f60e2353af7c69df8f8e353.safeframe.googlesyndication.com
URL: https://20ef741a9f60e2353af7c69df8f8e353.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://20ef741a9f60e2353af7c69df8f8e353.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 04:54:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 756
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 04:54:37 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 2A52 0
0 183ms
61ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQRxCDnuc0rUBCyS6wGsA4pqz4-lSJLc0A61XXkHEVHF5obIKgrYJMc_MTmlbUkp98jV25dRohrDtItheY8n_mZ-DB4DA
Requested by: Host: 20ef741a9f60e2353af7c69df8f8e353.safeframe.googlesyndication.com
URL: https://20ef741a9f60e2353af7c69df8f8e353.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://20ef741a9f60e2353af7c69df8f8e353.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame 71AA 0
327 B 189ms
60ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l6uanu1u&c=8710749549798&slotId=4355374774899&qqid=CJ_PlNaJyPkCFdWBewodeRIMYA&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ssc&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/61e8ce92b0d799c62b7491ac485b1437.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 05:07:13 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

12654640335103831053
tpc.googlesyndication.com/simgad/ Frame 71AA
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD3kobW7AEQiQQYiQQyCGLLwVDOJoVr
https://tpc.googlesyndication.com/simgad/12654640335103831053

18 KB
18 KB

54ms
54ms

Image
image/jpeg

2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12654640335103831053

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4887586c3851711806f8ad482854b2f40fa8b8dd423a62275281265ee0d9f132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 15:14:01 GMT
x-content-type-options: nosniff
age: 136392
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18359
x-xss-protection: 0
last-modified: Thu, 06 May 2021 10:04:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 13 Aug 2023 15:14:01 GMT

Redirect headers

date: Sun, 14 Aug 2022 05:27:44 GMT
x-content-type-options: nosniff
server: cafe
age: 85169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/12654640335103831053
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 13 Sep 2022 05:27:44 GMT

GET
H3

206

videoplayback
r4---sn-4g5edndz.gvt1.com/ Frame 71AA
Redirect Chain

https://redirector.gvt1.com/videoplayback?id=8b7ba866f7cd387c&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1660547232&sparams=ip,ipbits,expire,id,...
https://r4---sn-4g5edndz.gvt1.com/videoplayback?id=8b7ba866f7cd387c&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1660547232&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,m...

1 MB
1 MB

376ms
164ms

Media
video/mp4

2a00:1450:4001:1a::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5edndz.gvt1.com/videoplayback?id=8b7ba866f7cd387c&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1660547232&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=3C1064EB86DA6F6532E0BB45E66DF2D98EF971B5.7C2E43F2C298A6041CAC8D1B599E61B1C4716E4C&key=cms1&cms_redirect=yes&mh=jU&mip=2a01:4a0:2c::11&mm=28&mn=sn-4g5edndz&ms=nvh&mt=1660539536&mv=u&mvi=4&pl=29

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

2a00:1450:4001:1a::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

6e013efa3a2bf524e096c9330d482bf12a28e66faf641db517d03dd64423a2ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 05:07:14 GMT
x-content-type-options: nosniff
last-modified: Mon, 08 Aug 2022 17:35:59 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-1370118/1370119
client-protocol: quic
cache-control: private, max-age=6898
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1370119
expires: Mon, 15 Aug 2022 05:07:14 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 05:07:13 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r4---sn-4g5edndz.gvt1.com/videoplayback?id=8b7ba866f7cd387c&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1660547232&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=3C1064EB86DA6F6532E0BB45E66DF2D98EF971B5.7C2E43F2C298A6041CAC8D1B599E61B1C4716E4C&key=cms1&cms_redirect=yes&mh=jU&mip=2a01:4a0:2c::11&mm=28&mn=sn-4g5edndz&ms=nvh&mt=1660539536&mv=u&mvi=4&pl=29
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 702
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame E538
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHw-9v0dN9PVQT_ene0iFqE&google_cver=1

43 B
948 B

117ms
80ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHw-9v0dN9PVQT_ene0iFqE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHMbxCLqdvAAhj9ivnOATAB&v=APEucNVAdFmk_p3hrBOD2ytWjKdO3uwk7gB1l6CfCfmOWgKDwzwjFqVYZRMF9kQoHb-N7Y1gClhBuBHeCGQgGBk5GRantLd_OsxcGY2vMAv4B1bRtvvq_ImKF1LqtG7njqViIMqiWQIFlWlAZytGVLUK4iJKPbrcmI8BrR9yRRe-2HPRzGAlrac
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 73af67cb38bf74d1-LHR
pragma: no-cache
date: Mon, 15 Aug 2022 05:07:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N4tF3B9vVhp%2Bs8Ldka55xKd8rudGNfUWYBNO5N7AOLYXbjcLM1WDawt8iJSyakBu28BNag%2FC8dImZ5QBkKFWUf6%2BqMTzvTrk7MFPhiAHpqk6kXjNk23TIJxzpQZT3CXs%2FEe51sqDVTXQpg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 05:07:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHw-9v0dN9PVQT_ene0iFqE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame E538
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YvnUge1KHj6J1YxTM9ZxEQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHw-9v0dN9PVQT_ene0iFqE&google_cver=1

43 B
913 B

76ms
76ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHw-9v0dN9PVQT_ene0iFqE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHMbxCLqdvAAhj9ivnOATAB&v=APEucNVAdFmk_p3hrBOD2ytWjKdO3uwk7gB1l6CfCfmOWgKDwzwjFqVYZRMF9kQoHb-N7Y1gClhBuBHeCGQgGBk5GRantLd_OsxcGY2vMAv4B1bRtvvq_ImKF1LqtG7njqViIMqiWQIFlWlAZytGVLUK4iJKPbrcmI8BrR9yRRe-2HPRzGAlrac
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 73af67ccda0a74d1-LHR
pragma: no-cache
date: Mon, 15 Aug 2022 05:07:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZtdJcI7r%2Fqq70jTPWwDEoHgIgvKsr7qWE%2FEmy3tO7f5FScS1%2FKPOHatrMKhiJFgQOGJs6Y42%2By8X0Z1rKnc0JTfja2FCnxUqBS0AcpOCp0qAHULmQM3CgnUqKC%2BWPTWgukk%2BhS1lll6zFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 05:07:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHw-9v0dN9PVQT_ene0iFqE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame E538
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESELmO6vTVRM8uUyXuh0gzmas&google_cver=1

43 B
1013 B

55ms
55ms

Image
image/gif

185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESELmO6vTVRM8uUyXuh0gzmas&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHMbxCLqdvAAhj9ivnOATAB&v=APEucNVAdFmk_p3hrBOD2ytWjKdO3uwk7gB1l6CfCfmOWgKDwzwjFqVYZRMF9kQoHb-N7Y1gClhBuBHeCGQgGBk5GRantLd_OsxcGY2vMAv4B1bRtvvq_ImKF1LqtG7njqViIMqiWQIFlWlAZytGVLUK4iJKPbrcmI8BrR9yRRe-2HPRzGAlrac

Protocol

HTTP/1.1

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 05:07:13 GMT
X-Proxy-Origin: 82.199.130.43; 82.199.130.43; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 38c6b87e-d31f-4f73-85f2-17220b88c953
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 05:07:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESELmO6vTVRM8uUyXuh0gzmas&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E538
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzY5NDgxNzM5NDAzNDEzNQ%3D%3D

170 B
243 B

155ms
76ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzY5NDgxNzM5NDAzNDEzNQ%3D%3D

Requested by

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 05:07:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 05:07:13 GMT
X-Proxy-Origin: 82.199.130.43; 82.199.130.43; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: f842b2f5-7dec-4e24-a093-0b72ea540c35
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzY5NDgxNzM5NDAzNDEzNQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/ Frame 2A52 30 KB
12 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A2QSYDOYIgpTB-pQF8KKi2syWHJV6sSxF131y1atuJKCFJDVpNI73GPxHa-I3IXlWJaIROY3FnjiRBKo45J99GMXyChA&cry=1&dbm_d=AKAmf-BZw2Gd-wNGqYTzorOMSggTTyDJ76_QmQNaHBubfxhgR-WknjFC1hGq84doJQKYZGLvmfFzg112W4o82UR-FhuwUMK4vxYZMoljRPc-SakKpjHUT7wZr5FPgif1Cft5TBlnCVauv6lRvJprBPHjsnbnrZ3FDjo3yG6rTI9j6r6YkKxKDoqA5knbv0hnn7ent1mMUETEPcOZ6CScEBnOYZ8sUOvQM2X8afExDhIB6Kde3wqrmUnRcQvPtUEC8H5LLpSR2rq9TRltJtvoD9wDJSKJjLn17LJq51pHI5QZRTDPP2x2AeU4V85bET6uXGFNyMemaWgcDaLt4Lt1bC2e-JqLgR95QSogHUtbnJWbB16hq1qdAsaUeWbzzs1E5leI0d2Wkw_3B5Y28ZzXnjWRlM57Uu5qiYIX_t4vmUsodwSlKC5CnBP0QgGQcytpRAYt0uVz-TxO4_ylgDn5RIC46Rn3NQ8fFAGS2tU_xKoq_qISsN2hZD7rNp7d5-YV1yAmlVrAA3js4F98e9Bz234CHNvyy4Dsc08LI4BC8OaiXlTbVA3XBJpEfeIF7NwDQEsniZ2V7Qlaq2cBCejqbkQW_NL8kV6ziB9kQ5QDv6Wiol8I9_bu5R5gTUXI1ejI0yxe_DU4CBifLu_uy-68PuNU4dNpN3OsJvTpZYtkD387vjv2PXJjYRzc78djyqbiS7IdlteiMKfMXJ7s9WPAXUkcBm45Q1ziylUo22XjqxjdB7nG-nhwER0bkLpdhVsHA8KBgl68w6QihhPGP-LMpa0TcFD6lC-zeGrGD6IH9Zw_IOpqrGz_xDupwGJourPtnPSs6OvmMXZX99p5Iw3Dixj9MKQ6KQxk1S2rtA2OfwoaPyL6I4tMocjda7v7XhhUWFf6jF8TgCdjHZ9Tz0WxiRaCHTm1-TFVhRQBDgsPyh5xWNFUJ1cw4xMiiW081Ra10KQ-DLvCiVpI0ylmLhfjMUf-3tGrfyENpYwIthaeylCljont7UeK37q6zvUDxwUAmNBU-T_H-V-mRnkBDXhHHHQ_1uy8yJfkrRZcuEPUIg-PkAuKFPdFkwqnF9Pk_x8VShUYdMHGGjP5Mhkl5o7f-d6J9T6Lq9dO3JU7WXmeSlAlSonnLE5KXFxf5USFUMt9tCxHa4AGfQwZQ_AMi0KAr_nshDxZO4-S7muqUqit_K0qN-IJMogTX_tmlaBSR4m7ZoKr2nYonVhXmNgChLI3AICwlBTdtBZcCjdJOrLFFjE5AMj7TaGV8u3Pg4CCHLeXpKX98KE9LGjZySbmEf35_qF5R06Js9SQr7ZqW3V8mDmgsPR6UUF-fBzSXvEbVn62PC47rR_qjdZFP2h8xpCZz47PabtnisKKchaNuZjq7p5XIu2NYkddWxX4wftMDMlo74LXlCTAsKTQcAsTvN-_kC8T2q6xhB-oYDNZ6Md_WPhkVbCSFhhp6XxgxYR3zTN_06qJYQm05haZ8QpxMM8wN2YByXHgtVeE6E-3KKc3YMsQ2e_4EPVJ_t23rGgp2gACI51PnauPagtpDlD15GiRYwsndKMn_LreBp9FT58xvPUAKTmm8FuuZWq4yDLA9QXSz903WfM31J76OGgAN9-A_1DuyVgVZeHpP5qqi8ZI56MJBXTEaUEFSfbnUVgcePAO3bTI-MaOSpuAjYUVST8gekz-F3nSRHXxrDVAreDt9BAMbUHJSV3FrTX9zSvGtHP0MCot_uxdEKBfTZhqoKFfxTnAXkW1TouWpG2CYnQRQwS1iD78E9e1gLNxFSwt4xyhMqOe8Cffqpb_ddmqYwL0-7Z0NJafJhlXlopgDf8UixJiov8dGgD1i_KEU4z-d9to9Hrn_MAAM5VH-Zd8t2D_liGv55_Xaf6mi43TIf-37JU57eifTUvFD5b9BE37qNXhqi4OTO0ylomTwkbPMzxZtHtZSNKPFnoX11ncsz4plpradRhndAbRxPx4zRnkGSb_2srh8wNwedL6QL5eBI2RnOhxtS0emBk8ZQBYt7V3TSFSxEbFNKZdsGzMxkwN76TQcZ50wTnTdNCCthDIXjMCKhULNsSg5b3jJNwr2vJE4lMSDIngMvqjLIba8hpOZdc_czwmz59UyXi840UUeNRWjgL0RHrkuFqV3i87Lg6TdcMfuwY746mPLjqMYLeAVl6z74wJxfW0VGf1lauWTLAkzwxrdy8uUUb1UNvH4xYYi2RWoquOxf98nfiq-lqkKpU9SyP5ZSKe4cFJfdV5t91iBtjuwc9ACNH4Vb9cpVAzFCP4jgjETDuFH9ztLlGAiawoB7Y6GAavlEqvQApn8RE5lYaa00XxQkgI1qRcb_VyTOeqoisPBIkmI-CXMwF1Mzu9psF3zSuLemgMK6mc08xUfiQMRX09nlQSXS87W8HLeHjtQm5dQI4H4EXA7Mv-f8IH0qlY2R2NkTLTLdAVGVchAlmZjsSxdimqGCvXxibJeMbQShKUqVjR8k_0RkGBAU6t7t-U31gKCBOKtj-ZZ73K42SVjkXY624SnI6pmY_yLLlXVyZwhebHS0kb5h5cMOFXP_sAB9JxmKjN21rFBQ9ve7-iXKalHAeR1brHIEAXqpAkbiNcaCJgsS1v7CPdJRNPRwDihkiEk_LjARqr_tWNJe3-TZE_wZ0Hd4NVtPjuBkPXk40qb60ml6XQKot2-PBmcYi09ivydudYwWaU5MAu4NHXpJ7oMOL9ka3qlk-6D5McIcN5Vs5GW9KrQBFq9BEOqy8aqNCsnRNuNRnrxkvBpJDEx99O3ljZf4b57DiDDGGcShFRfNb4UkhmiaXmTpLJMSOKDQbVyZd9LOs7ogPFNALVVQFi6oYlBChrAdEveb8Dzsat9oeL14wPCTuxD0-pQ-zEQnFOTB0JYSAOVpMSQRTLGaftrh3S7R4Jh9xxLmhP8qfwtmsFuGY6uYWpELFvUk0xR4uQod1FS70aquhHFZfQ9JtpGD0v4ZExG7giF_X0JeWGsbAc4n1M2Si57oYUib4lN4GVR2c8azMEeYLsCk7xBbawA4ykDkC_f5a9D5PtlkIokOH69EYK-viy8qMlmqSZxe-KRbq_b0MPpyTAxEw0wPyD-fnEJaUAnjiTwAa9d8suqw4vAH-2fPJXwAFty77gVH9XIIBdtyLIGshrUi1wleriUNgVTmnPMp6MsdGjNKQVrOAVDHQ&cid=CAASKORo8rp5oiO_VOlYtnTVDmnyapGvSgwn1qTk4H_Sij87zlL9DGEEx-U&rfl=1%2Chttps%253A%252F%252Fliza.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://20ef741a9f60e2353af7c69df8f8e353.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 05:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11819
x-xss-protection: 0
server: cafe
etag: 10563440404697844360
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 05:05:55 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/ Frame 2A52 8 KB
3 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://20ef741a9f60e2353af7c69df8f8e353.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 05:06:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 18418590997839133011
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 05:06:47 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2A52 0
622 B 228ms
98ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstNzQdILDXugD1isS0Fd_48QMo6dz7OGjtHV2XXYyBNe_6sSX6T3Nlzm2FzH1tEeZ244J9W9XTKudSI8x4g7xvUE_K6hJfAP-jzdv2ezlfA1RWhSiwMcMLf78ZNBGICQk9k8K_4nns02T-KO-T55JOdMFJe0p0XeZx97ZNTXS111IVnA03Sx_kAC3Bjk9u_UpLo-Z_aay5LDsBmZnon3eOWPvTdIfDdjY_Xtjrokw_9MsVpVqkxGjl4tAukLl6uSctEkSJQtbBUCSso4p2DU0kN3uDcS-T86DYJDSbAfwYECloMQhmoQ_vODswNnCpYZIHjoUhsxu6Y_0j2WdKB4fX993bgGZ-zEj26_GIatlV8l1FTPRAHz17bBzJuwUz363u621adYoXd4OXpHBUr5yPxFq8uxS7sixGotQOQq8Ire-j3PBPXAZZsgvUrLuY-qovQM_C9bpaOSXrsZS5HMns6WAQxJkFDdgpqyu7Va4DCNaZPhZ0_jftTSyOXYW1A2FBQSmtpH01Q0vf-k7E41vzsfkFs--OuiutoEICcCe3ACtfk8MYXvjQ8Re0D7JyR5T82gd6PFFxeE_LEjBGZcF0NowRrXCfqdflVhQUcrUIfcGvFfjosQHjCevmSXFyz1bcvoz5CMpXPzVDZDwj2XVhaN0mdzTJek7589lGWERzofNO_2Ybhi0phluxA7PxRN5C_JQ3ekDa0WatYnJW_xd-88MCWSvYWk94_qTDzXN5w6fQC3ohTo5mYqTsFUcBQ8GsHGJwG6KjJxHajMWwnk1RPBKrKMMgQnCW_crEms0VCx1e86_SFrXz2_KWbrFeUlBiFEy0IGfqgMKQ_yukMR13kbD2744RHD0bJ4iVqb1J2KeZBVobJbgaeMPX5cytCkklo2kGDjU0FjeME7hLUiJim015v3lShAw_iE4wRRI417hhxJCSqmj4ofpcm2KNd_JolpLFq-lQjYtbzqq8FbHDfFmzOxS8cuvN3f1cTV8Dw2TP1TgwZl1JiryJsvbVbBKPBK-i4XueYOIu9SX6DpzaXCc63YqINVnUDkDm1YLGwJUEGPBavOBFrN45mUdPz6BjTkZ7JmvoLLpQBZ9YbUTNkehr0-8dveddHmhYN48Q3aroKEYe3WKWq6_WA5PDVpvkFBrttNaJ32-QWcdRcsf6AUGdw4w&sai=AMfl-YSdPkxAb0qVW5qtCHy4teUCxqYq4pfFYbu92euFuJjPn8s9KbctEhUVwsZ0x3Lb0__XHjzWVH_gJ4B4Yr7yToTfQu6SAvRirXV5n811I_Lxyy1bT02PlyvGEzFAYy8g6a6PlEowzPiD64yYXIIYjipRYpr2knCPWClMKlRBlrGBupllVvrVg0N3AEvoST0TzGPBx6-6vpLcv8rSpsO0nIGDLcyVvu9Opg&sig=Cg0ArKJSzBA8LtSTGmdzEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220810.99168&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://20ef741a9f60e2353af7c69df8f8e353.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Mon, 15 Aug 2022 05:07:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2A52 41 KB
15 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://20ef741a9f60e2353af7c69df8f8e353.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 17:19:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 301688
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Aug 2023 17:19:05 GMT

GET
H2 200 16952891796421311747
s0.2mdn.net/simgad/ Frame 2A52 94 KB
94 KB 199ms
57ms Image
image/gif 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/16952891796421311747

Requested by

Host: 20ef741a9f60e2353af7c69df8f8e353.safeframe.googlesyndication.com
URL: https://20ef741a9f60e2353af7c69df8f8e353.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa8ee51638e2799b87d850884b135205e48d68fe32880980443345a24a2603ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://20ef741a9f60e2353af7c69df8f8e353.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 13:49:30 GMT
x-content-type-options: nosniff
age: 55063
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95754
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 09:07:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 14 Aug 2023 13:49:30 GMT

GET
DATA 200
OK truncated
/ Frame 2A52 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e5f2b8f6991a4a57cf3293c080d3eba3e13c2311c8096f7242eb1bc75d0b495d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B3C3 22 KB
8 KB 54ms
53ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://20ef741a9f60e2353af7c69df8f8e353.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 301687
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 17:19:06 GMT
expires: Fri, 11 Aug 2023 17:19:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ppA1fI0VetKp8Yjs2tI4w37711CBJFVOi33fKYbLAYg.js Show response
pagead2.googlesyndication.com/bg/ Frame B3C3 36 KB
14 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ppA1fI0VetKp8Yjs2tI4w37711CBJFVOi33fKYbLAYg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a690357c8d157ad2a9f188ecdad238c37efbd7508124554e8b7ddf2986cb0188

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 14:55:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51109
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13955
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 14 Aug 2023 14:55:24 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B3C3 0
20 B 90ms
90ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BKZHugdT5YoLwHMS99u8PqdG6yAMAAAAAOAHgBAI&bg=!iomlic3NAAa4hXTbmIU7ACkAdvg8WqybViOCm1RQXLAy2Kg2CSLKpNSeKeZlFmMlbhs3GPLo-dNPFgIAAABSUgAAAANoAQeZAu_ota9YjtvKs-3-nWTVSNo39iQUqKcVJETcEZhcL1O8iX5k09pryLlxccJRV4ev4-6L__B46e786LZ1_iZCq7mgaA8Q6AX5-e1nd5A8hdg6_asNwR5J50BlN6KJk_XpPtx34Qd278-XZZn1VjJ23ZFlDc6gMRaSOgRNTgyxn-yJ3Til6souwEp6FoKrxEXtsBf3YRZnmM5vXGc0LtNq7WZSnieJEKWXkuFG_Wz0N7s98aQ1c1rn27jlmInOuQcZ-7ZVJWmKWUiC0XVhMx8nwQLoI8zj6RoZoZIak_tVCfSm55VBx_Mb8PpWXBnunbsow3o6GItyK1eabzVSG5slhcOx_iZZOHqJYF7-jHV_XpRdORaZPHMn1x8WxYskrIFauWVFqhxnTctdv2rPRaY-djVgUp3ymMTi3KjAuqdG1FvRMx_NkEiP_3gwjNwOmPOC7bIg6SvAdiJ055Bd-QCLSdVo8QImCgegJJURfoLUD_M51vkNaHisY-upfzlHJhGXuHsfWUmEgZVk2P14MewTxFqDDW4LluaGFS7qLAhECTJoElDYEPRaCtihhgKQOCVeT0nUzZfiwaDC5oKfzn2zRLNFQkATvoJhqw9DBu2_cbxFAqLOwcLR6HyF3q1xPTMRqf4fGx3-WeEDp_RndhsCZxRtl9ju6VhniPvWZajhkkPFYC7IHX3hcUkGTxOKKY0_E3vlelWhfonTRS5r-Nycl6Qf2fMgUJl3DtoT-CIM8FAzt-_ETzBbJYUCTxpWaLnjRsfxIoP2n1Q_VOWm2ifyFj9aiTOPNFisI7bP8wm5ZPLbnchd_CVqkkQrFuTq-AAjZQU824rhixKpwk5mJWulybBiDHkQpQy8gPoi6uOqfMubw8zhg-apVykIEAd_xh_IxiMkamVHxEhtNTah8iQcLqLfWRcPKA-uHQ3hOwP7UPElP7AMoFzjoheef9eeajE6vG2D1wkQJ8uox69puHyyS3dCvMu44mxgE0tm4L_fkkqO

Requested by

Host: 20ef741a9f60e2353af7c69df8f8e353.safeframe.googlesyndication.com
URL: https://20ef741a9f60e2353af7c69df8f8e353.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 05:07:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2A52 0
26 B 201ms
92ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://20ef741a9f60e2353af7c69df8f8e353.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 05:07:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 179ms
68ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220810&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f9556f6f0800cf4f0c604a42e70b16ba8c3c9383f83ddcaebb082b338624039

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 05:07:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11048
x-xss-protection: 0

GET
H3 200 ppA1fI0VetKp8Yjs2tI4w37711CBJFVOi33fKYbLAYg.js Show response
pagead2.googlesyndication.com/bg/ Frame 26C1 36 KB
14 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ppA1fI0VetKp8Yjs2tI4w37711CBJFVOi33fKYbLAYg.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a690357c8d157ad2a9f188ecdad238c37efbd7508124554e8b7ddf2986cb0188

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 14:55:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51110
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13955
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 14 Aug 2023 14:55:24 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 61ms
61ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1313797039&t=event&ni=0&_s=1&dl=https%3A%2F%2Fliza.ua%2F&ul=en-us&de=UTF-8&dt=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20%D0%9B%D0%B8%D0%B7%D0%B0%20%E2%80%94%20%D0%B6%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D1%81%D0%BE%D0%B2%D1%80%D0%B5%D0%BC%D0%B5%D0%BD%D0%BD%D0%BE%D0%B9%20%D0%B6%D0%B5%D0%BD%D1%89%D0%B8%D0%BD%D1%8B&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=doskrol25&ea=doskrol25%25&_u=aGDAAAABAAAAAG~&jid=189945614&gjid=1868608079&cid=1601988409.1660540032&tid=UA-59638469-1&_gid=1187908372.1660540032&_r=1&gtm=2wg880N5K8VL&z=1042124724

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://liza.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 05:07:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://liza.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 167ms
56ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-59638469-1&cid=1601988409.1660540032&jid=189945614&gjid=1868608079&_gid=1187908372.1660540032&_u=aGDAAAABAAAAAG~&z=1380756844

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://liza.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 15 Aug 2022 05:07:14 GMT
content-type: text/plain
access-control-allow-origin: https://liza.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sunny-ng-kvilnrogwxk-unsplash-320x210.jpg.webp
liza.ua/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2022/08/ 3 KB
4 KB 231ms
230ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://liza.ua/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2022/08/sunny-ng-kvilnrogwxk-unsplash-320x210.jpg.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbb5b5b9f3e90bb9ff355b4b605e8633e3a85e3869aee372f35c38723f731d25

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 05:07:14 GMT
cf-cache-status: MISS
last-modified: Thu, 11 Aug 2022 08:28:12 GMT
server: cloudflare
etag: "62f4bd9c-d74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tMaMdAwG9FrnS8AwgQ2S2jdJP0cBjltGyVb3v9b2dRABP3tKDe83bWmekxvob0cOqmBAPdC%2B743VqwrnsABTrOTNwnOLNYGsbjQiHAYF9bnAno4bntdH7xBh1AKQFLCvZxT5jVJh"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 73af67ce8bf24083-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3444

GET
H3 200 arwin-neil-baichoo-yqzrdgu-kai-unsplash-320x210.jpg.webp
liza.ua/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2018/08/ 7 KB
7 KB 234ms
233ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://liza.ua/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2018/08/arwin-neil-baichoo-yqzrdgu-kai-unsplash-320x210.jpg.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fc2ac586e48a4d212acd5cdb772c7b0931cb88419e34c17bf72064489f640d3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 05:07:14 GMT
cf-cache-status: MISS
last-modified: Sat, 19 Jun 2021 10:58:08 GMT
server: cloudflare
etag: "60cdcdc0-1a8e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SLWvyiwPUiVGoVY4ya8z6qXe%2BPZiazPflRAXuOvPs5EpniCf6y2zQOpbu6cSy7IB35twC7T3xt8kRq%2BZblNpH0f1XMm7TIFuB6yqb%2Bf9bQdfGJSUjiCi38t3JBJormDuruMAMjXA"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 73af67ce8bf64083-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6798

GET
H3 200 ThinkstockPhotos-78462181-320x210.jpg.webp
liza.ua/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2019/08/ 6 KB
7 KB 232ms
231ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://liza.ua/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2019/08/ThinkstockPhotos-78462181-320x210.jpg.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd50b914eeea21a3f09b7b711420994c8677f8c3db8906844bba93ec11869220

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 05:07:14 GMT
cf-cache-status: MISS
last-modified: Sat, 19 Jun 2021 14:29:22 GMT
server: cloudflare
etag: "60cdff42-1954"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HymBRAGslHyGBGLt%2F3ALNixF62XkxxRFrTMmOhiwA5TwWoyRibFETCICqN2UoW9mR634DL1RWQjMT7niEYhwfcj73oATG7EofO3Su77X0APQP9vKwAxCbmSVkg9xCcD5IA8VXaOA"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 73af67ce8bf94083-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6484

GET
H3 200 young-sly-liar-man-happily-smiling-while-woman-embracing-him-135x96.jpg.webp
liza.ua/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2021/08/ 2 KB
2 KB 235ms
235ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://liza.ua/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2021/08/young-sly-liar-man-happily-smiling-while-woman-embracing-him-135x96.jpg.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54865f285ff76a6406257e7a1d1527cce35607205eaef084786edb842b352dd4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 05:07:14 GMT
cf-cache-status: MISS
last-modified: Thu, 12 Aug 2021 07:13:55 GMT
server: cloudflare
etag: "6114ca33-7d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=My1gXxuYsysLJpuvHLO8qAPPUtZizkZXl07wirN1iz3WIj19p70q84%2BhI3NGICve6uAKmLSpEXXlCwPBZ%2FyGzmP5aw%2B7vr7nlyTKVc33tSzwXf1KQ1ZNTI3B3DMrivATtcWLz5Dp"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 73af67ce8bfd4083-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2002

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 394ms
394ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 05:07:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 15 Aug 2022 05:07:14 GMT

GET
H3 200 french-320x210.jpg.webp
liza.ua/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2019/08/ 7 KB
8 KB 231ms
231ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://liza.ua/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2019/08/french-320x210.jpg.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6580e57df0931427a26d5cb5bc2192e407696d05040ed366a5a5aa632aed37e4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 05:07:14 GMT
cf-cache-status: MISS
last-modified: Sat, 19 Jun 2021 10:45:01 GMT
server: cloudflare
etag: "60cdcaad-1c40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X4hC4muk9T8NaWY2fZq9EIT0f0PfNX2r0FHCDist8LBrFMgMULL1uieggBVnnZhomQG6ZcYxSRdgYTUnkpixyauzgxS9Vqy9tcGpfu1OIDQstVEv3Rl%2FBtTPgyihLUoAwHotynUf"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 73af67cf5cd24083-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7232

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3034 13 KB
5 KB 54ms
54ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://liza.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 3966
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 04:01:08 GMT
expires: Tue, 15 Aug 2023 04:01:08 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 17CF 783 B
534 B 174ms
62ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

43fd8d2f21c7f92dc397a0d306957c4c41c6d315c0be529d7bb8e09d8c20bae5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qv4nFgfaEc_A_dqzQA4h4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://liza.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-qv4nFgfaEc_A_dqzQA4h4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 05:07:14 GMT
expires: Mon, 15 Aug 2022 05:07:14 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 ppA1fI0VetKp8Yjs2tI4w37711CBJFVOi33fKYbLAYg.js Show response
pagead2.googlesyndication.com/bg/ Frame 3034 36 KB
14 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ppA1fI0VetKp8Yjs2tI4w37711CBJFVOi33fKYbLAYg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a690357c8d157ad2a9f188ecdad238c37efbd7508124554e8b7ddf2986cb0188

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 14:55:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51110
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13955
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 14 Aug 2023 14:55:24 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2A52 42 B
64 B 92ms
92ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssFLKsxh2y2vbuYa95X4LV4SjxNXiFzX8qLxvGAQh5FcL5M1nSrD0iLIBxrTN1icQqPP82bBt_hT4UH27Gn7cLf8hhGO-XKbsIp-Pq9I5s1TnpdlNWcTCQG45i3FI_4V_41v1fKzy6RwAxw-Q&sai=AMfl-YRbZ3P7MJvKs-tf2kd9UFEgeYAr6i6A50DHUL0dxTPMcFB4U8wC7MVnCBR-PvanyLtdm352WDa5rWq_g1bKyDUt0OlWF3Y8yTrrZxrnYU0-JpmRykCpR9LMtBhkZbRg&sig=Cg0ArKJSzGaE8iRgBiYkEAE&cid=CAASKORo8rp5oiO_VOlYtnTVDmnyapGvSgwn1qTk4H_Sij87zlL9DGEEx-U&id=lidar2&mcvt=1000&p=174,1000,774,1160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220810&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2174179728&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660540033248&rpt=624&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://20ef741a9f60e2353af7c69df8f8e353.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 05:07:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3034 0
10 B 53ms
53ms Image
text/plain 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?b3ZjbQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 05:07:14 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 17CF 0
0 87ms
87ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220810&jk=3612715590378833&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 publishertag.prebid.113.js Show response
static.criteo.net/js/ld/ 85 KB
27 KB 194ms
65ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.113.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 05:07:15 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 12:50:31 GMT
server: nginx
etag: W/"6138b197-1532d"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 16 Aug 2022 05:07:15 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 71AA 0
17 B 170ms
61ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~l6uanu21&c=8710749549798&slotId=4355374774899&qqid=CJ_PlNaJyPkCFdWBewodeRIMYA&umsem=0&ple=1&ape=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/61e8ce92b0d799c62b7491ac485b1437.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 05:07:15 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 90ms
90ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220810&jk=3612715590378833&bg=!BgWlBUHNAAa4hXTbmIU7ACkAdvg8WvzS5BpJzCwdqz4oxUuaJYK41m07CP3co07ZH-8530TJlLmG3AIAAABIUgAAAANoAQcKAGDb_h5lJuslrUWVR9IRnopnxz4_ZVJkc-iy6XA7QZqLNW4ccYXKp-xM5JI5GnuxaCEBYBbPcyZc5WAew2oBIOdEb42i5dsZYkkLRm8B1pJZWXZ1GNavIYuJnGVg0CKhCAiZApYsCqVgNldhJZ7VRuqf1vffjbK-JtBS6WloW0OmwKQJetZpY0AfEAPpInkBp96J7XMZtt1ndiEkceu8V5siosr8CxzEUjQR4msFWd15rt5_eGZe8j-c-DHRo1Tn57bCFyvQbVoxQXSKyJbpil6Em_DwtJ_BXweCg5Bjeh6qUFcLmriwOxTZzu64nzSnFH8YEbTgDTDTomrrfynTfOLmgMn7_meQTn6WdyJ7Z6ZckAMmr_G9mLCsY16hEI727kiPE1AFyI9qx6UQcydVt3dL8tQXGNBnB3OrT1b5E5nSIqaAaF6uS9TiBs3PS2oS5jl4O_3zUzmK5ukN4G_XolPfhZdOtAcdHOsgSdTcYSskBRUWlgevp-XSHWdMeeahU89Asj-EZ99MiA5s1KYa5ey3ho17J53bc-BALrV2szQ3AE4hEJnUX3nwMxyWJaaekZErTkoxP8SyAUBw5CqPyb4x5alwcHipB9qpmLFmgAEEmCBoopDZfgwpsJLB5MG71i5en6EVe8yZfajCZ3rfF3MO0vMZ7vThb3pf7snIkb5RFuSQc8aAtIKX29X33gJwgu2zZZL5VNY16MyI1Vo336T-GidHvKUw9AiGvJXKu2c5PAQIKzhp4dL0GjijIKYPCbQe8Da00D-VqWO-2WVzeLjZnNtMtD38ct40FxfIofpK8v7d_mbn5Qc-mmAueJBh3COBpFAAOCywiiUA4npA4b-5P361n9g8SeDesGFaMfZJQ7_NAmlhP8AAwIFyYg_Cruyom-QBXHEPq41vG5egHi6YZr5r0cYh9QRU7Nms6e8-nsTbSBN5BQOFDd-mxlCxWupedwbaXKXRzvi6k159ki8NK6NgqU68RKXjQJK9oGHb9FGye9EuTQspMQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 4D41 15 KB
6 KB 225ms
62ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=liza.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

2b00ce902e9ef9e7031d76c62a72c1cb0054185e6691e9a72757a31cead715a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://liza.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6145
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 05:07:14 GMT
server-processing-duration-in-ticks: 1653
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 222ms
110ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

aeb925bb204a686701ed5795fc9a381422a479fca1cacbe35de200ac65319988

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 05:07:15 GMT
content-encoding: gzip
last-modified: Tue, 02 Aug 2022 12:51:23 GMT
server: nginx
etag: W/"62e91dcb-15b76"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 16 Aug 2022 05:07:15 GMT

GET
H/1.1 200
OK cntcm.aspx Show response
inv-nets.admixer.net/ 61 B
525 B 55ms
54ms XHR
application/json 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/cntcm.aspx?ssp=3c048030-451f-4cfa-81f2-2a3a083ba4de

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

2a62ac10574cc5fbfd559e84d6c0428d8653e086b03b609bbaab9fbd2d0bffcf

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://liza.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 15 Aug 2022 05:07:15 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: https://liza.ua
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=25
X-XSS-Protection: 0

GET
H/1.1

200
OK

cm.aspx
inv-nets.admixer.net/bs/
Redirect Chain

https://x.bidswitch.net/sync?ssp=admixer&user_id=20aeb90c7055494db445c974feae9fd2&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=20aeb90c7055494db445c974feae9fd2&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=admixer&bsw_custom_parameter=fd380b40-9402-454a-a4ab-6d7720463eb8
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=admixer&expires=10&bsw_param=fd380b40-9402-454a-a4ab-6d7720463eb8
https://inv-nets.admixer.net/bs/cm.aspx?id=fd380b40-9402-454a-a4ab-6d7720463eb8&gdpr=&consent=&gdpr_pd=

43 B
463 B

55ms
55ms

Image
image/gif

146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/bs/cm.aspx?id=fd380b40-9402-454a-a4ab-6d7720463eb8&gdpr=&consent=&gdpr_pd=

Protocol

HTTP/1.1

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 05:07:16 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

Location: //inv-nets.admixer.net/bs/cm.aspx?id=fd380b40-9402-454a-a4ab-6d7720463eb8&gdpr=&consent=&gdpr_pd=
Date: Mon, 15 Aug 2022 05:07:16 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ 0
42 B 339ms
54ms Image
text/plain 198.47.127.18
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Finv-nets.admixer.net%252Fadxcm.aspx%253Fssp%253D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%2526id%253D%2523PMUID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 05:07:14 GMT
content-length: 0

GET
H2

200

cm-notify
creativecdn.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=admixer
https://creativecdn.com/cm-notify?pi=admixer&tc=1

42 B
243 B

49ms
48ms

Image
image/gif

185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creativecdn.com/cm-notify?pi=admixer&tc=1
Protocol: H2
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 05:07:15 GMT, Mon, 15 Aug 2022 05:07:15 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-type: image/gif
content-length: 42
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://creativecdn.com/cm-notify?pi=admixer&tc=1
date: Mon, 15 Aug 2022 05:07:15 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK setuid
ib.adnxs.com/ 43 B
1 KB 56ms
55ms Image
image/gif 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=533&code=20aeb90c7055494db445c974feae9fd2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 05:07:15 GMT
X-Proxy-Origin: 82.199.130.43; 82.199.130.43; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 694a23dc-c02c-4154-af77-5315f628a7da
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK 1px-matching-admixer.gif
m.trafmag.com/images/ 35 B
351 B 317ms
52ms Image
image/gif 193.200.65.6
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.trafmag.com/images/1px-matching-admixer.gif?id=20aeb90c7055494db445c974feae9fd2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: adforce.team
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://liza.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 05:07:16 GMT
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

GET
H2

200

sid Show response
mug.criteo.com/ Frame 4D41
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=liza.ua&sn=ChromeSyncframe&so=0&topUrl=liza.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=aBmwVHxrWWNEVmVWa1FYNmc1a2NTV1FWNEZTcFVSbDI4WE1DZ012UTBuTHBBL1diOHdGUU9FK29zWnBsT0JKSnpOOVZObTgvbjJoQ1pFN1FjMG93eEpnWjdkOWFFV0dUcFJKcEdYOFJnbWUzSExjMFR1VXVGaGwzTlFBOU...

438 B
632 B

258ms
68ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=aBmwVHxrWWNEVmVWa1FYNmc1a2NTV1FWNEZTcFVSbDI4WE1DZ012UTBuTHBBL1diOHdGUU9FK29zWnBsT0JKSnpOOVZObTgvbjJoQ1pFN1FjMG93eEpnWjdkOWFFV0dUcFJKcEdYOFJnbWUzSExjMFR1VXVGaGwzTlFBOUNhcTd3QzYrTHV4NEVlanh1MHJFMzE0cStNa2owbzRaczhZV1dFSXNCbVlrMmxhVkdxempZODVyRERheFUyd1pYSFJ0VFlkTkVQSTkvQnhSdGNzZ1IrM1lBRXBERzdBUlZlL1RXR1BieEJDOUhLNkpqOUpRcTRjaU5UZTBEcHM5QkQzUDk1em5BSm5tTkVnTXdwcEh6VEFib2dqYkpidz09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

e115b10c8d168780ba902296030bc611900176dbcb78d054869966ff9a558c33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 05:07:15 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4804
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 05:07:15 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=aBmwVHxrWWNEVmVWa1FYNmc1a2NTV1FWNEZTcFVSbDI4WE1DZ012UTBuTHBBL1diOHdGUU9FK29zWnBsT0JKSnpOOVZObTgvbjJoQ1pFN1FjMG93eEpnWjdkOWFFV0dUcFJKcEdYOFJnbWUzSExjMFR1VXVGaGwzTlFBOUNhcTd3QzYrTHV4NEVlanh1MHJFMzE0cStNa2owbzRaczhZV1dFSXNCbVlrMmxhVkdxempZODVyRERheFUyd1pYSFJ0VFlkTkVQSTkvQnhSdGNzZ1IrM1lBRXBERzdBUlZlL1RXR1BieEJDOUhLNkpqOUpRcTRjaU5UZTBEcHM5QkQzUDk1em5BSm5tTkVnTXdwcEh6VEFib2dqYkpidz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1486
content-length: 541
expires: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: prebid-inv-eu.admixer.net
URL: https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.admixer.net/bs	1970-01-20 07:25:16	Name: am-uid Value: 20aeb90c7055494db445c974feae9fd2
liza.ua/	1969-12-31 23:59:59	Name: PHPSESSID Value: rbmbhp4au7d20mt0iealofitrc
liza.ua/	1969-12-31 23:59:59	Name: lang Value: ru
liza.ua/	1970-01-20 05:17:06	Name: _io_ht_r Value: 1
.liza.ua/	1970-01-20 05:15:40	Name: __io_d Value: 1_705468254
liza.ua/	1970-01-20 14:01:16	Name: __io_lv Value: 1660540031923
liza.ua/	1970-01-20 14:01:16	Name: __io Value: 076d6fb20.f0a68ea96_1660540031923
.liza.ua/	1970-01-20 05:15:41	Name: __io_session_id Value: 973f1ac1e.237ad889c_1660540031924
.liza.ua/	1970-01-20 05:15:40	Name: __io_nav_state12614 Value: %7B%22current%22%3A%22%2F%22%2C%22currentDomain%22%3A%22liza.ua%22%2C%22previousDomain%22%3A%22%22%7D
liza.ua/	1970-01-20 14:01:16	Name: __io_unique_12614 Value: 15
liza.ua/	1970-01-20 05:16:48	Name: __io_uh Value: 1
liza.ua/	1970-01-20 05:15:40	Name: __io_visit_12614 Value: 1
.liza.ua/	1970-01-20 14:51:40	Name: _ga Value: GA1.2.1601988409.1660540032
.liza.ua/	1970-01-20 05:17:06	Name: _gid Value: GA1.2.1187908372.1660540032
.liza.ua/	1970-01-20 05:15:40	Name: _dc_gtm_UA-59638469-1 Value: 1
.tt.onthe.io/	1970-01-20 05:17:06	Name: io_uida6a85e8b8a3a49782382de2f9949a9f0 Value: 15
.tt.onthe.io/	1970-01-20 11:37:16	Name: io_user_hash Value: 076d6fb20.f0a68ea96_1660540031923
liza.ua/	1970-01-20 05:58:52	Name: _pbjs_userid_consent_data Value: 3524755945110770
.admixer.net/	1970-01-20 07:25:16	Name: am-uid Value: 20aeb90c7055494db445c974feae9fd2
.adnxs.com/	1970-01-20 07:25:16	Name: icu Value: ChkIgqSAARAKGAEgASgBMICp55cGOAFAAUgBEICp55cGGAA.
.adnxs.com/	1970-01-20 07:25:16	Name: uuid2 Value: 7694817394034135
.liza.ua/	1970-01-20 14:37:16	Name: __gads Value: ID=f2a0b66495a58669-2296474bf4cd00fc:T=1660540032:S=ALNI_Ma60AGh_aRX-HY39GJKQRFvBjathg
.doubleclick.net/	1970-01-20 14:37:16	Name: IDE Value: AHWqTUnHOFvh0e7RMDlOsDHV9BDbzq5zreBSetImXncZ9-z3skfAfThgzWFw3KAQutw
.casalemedia.com/	1970-01-20 14:01:16	Name: CMID Value: YvnUge1KHj6J1YxTM9ZxEQAA
.casalemedia.com/	1970-01-20 07:25:16	Name: CMPS Value: 5159
.casalemedia.com/	1970-01-20 07:25:16	Name: CMPRO Value: 5159
.casalemedia.com/	1970-01-20 07:25:16	Name: CMTS Value: 1211
.liza.ua/	1970-01-20 05:15:40	Name: _gat_UA-59638469-1 Value: 1
.criteo.com/	1970-01-20 14:37:16	Name: uid Value: dc649df7-1218-4610-b54e-0dceddae2fd6
liza.ua/	1970-01-20 05:58:52	Name: admixerId Value: 20aeb90c7055494db445c974feae9fd2
.creativecdn.com/	1970-01-20 14:01:16	Name: u Value: qxgrG6sLGPtZVfLNR13P
.creativecdn.com/	1970-01-20 14:01:16	Name: ts Value: 1660540035
.adnxs.com/	1970-01-20 07:25:16	Name: anj Value: dTM7k!M40<EVNsVF']wIg2HaPq1lW.!A#FA(<j<dINiYhTyXnfi8FW/0jM:[23qikk>p.24<9ZG.QF9e^zr_Aos'dU(j'm?-65(u`%l2%phP(21Mhj'<=No28=%-=QE0H2c:$@?E5yait+/0VR[VRf=kW*g0D(pZSSd
.bidswitch.net/	1970-01-20 14:01:16	Name: tuuid Value: fd380b40-9402-454a-a4ab-6d7720463eb8
.bidswitch.net/	1970-01-20 14:01:16	Name: c Value: 1660540036
.bidswitch.net/	1970-01-20 14:01:16	Name: tuuid_lu Value: 1660540036
.liza.ua/	1970-01-20 14:37:16	Name: cto_bundle Value: XFULRF84VzFrbnBuVVVwJTJGM3NjN2Zmc0FCTmh4QVk0UTlOUnhvQ3U1cEViWnBzZ1BrJTJCeUolMkYxd3M4SlElMkZnJTJCQlIwVE55WkluNVE4OXozcVhiaTRkNUdYVFNhbjlxUWpVWGZHeGJ2MnJKV1NOQ3FVNFMxUWk5bGVHbHhZdTZBdHhESjNNSDRrUXpXTmljcHBZb2taS1RncW5aVmhBJTNEJTNE

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ads.adnuntius.delivery/i?tzo=0&format=json Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20ef741a9f60e2353af7c69df8f8e353.safeframe.googlesyndication.com
ads.adnuntius.delivery
adservice.google.co.uk
adservice.google.com
adservice.google.de
adx.adform.net
bidder.criteo.com
bidswitch-eu.splicky.com
cdn.admixer.net
cdn.onthe.io
cdn.websitepolicies.io
cm.g.doubleclick.net
creativecdn.com
csi.gstatic.com
dsum-sec.casalemedia.com
fonts.googleapis.com
ghb.adtelligent.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
image8.pubmatic.com
inv-nets.admixer.net
liza.ua
m.trafmag.com
mug.criteo.com
pagead2.googlesyndication.com
partner.googleadservices.com
prebid-eu.creativecdn.com
prebid-inv-eu.admixer.net
r4---sn-4g5edndz.gvt1.com
redirector.gvt1.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
tpc.googlesyndication.com
tt.onthe.io
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
prebid-inv-eu.admixer.net
104.18.18.126
142.250.185.130
142.250.74.194
146.0.227.109
146.0.227.110
168.119.168.202
172.217.16.194
178.250.0.157
178.250.0.165
185.184.8.90
185.89.210.212
188.40.114.52
193.200.65.6
198.47.127.18
2001:4860:4802:32::3
2606:4700:3036::ac43:c9e4
2a00:1450:4001:1a::9
2a00:1450:4001:802::2006
2a00:1450:4001:809::2001
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2003
2a00:1450:4001:813::200a
2a00:1450:4001:827::200e
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::2008
2a00:1450:400c:c00::9b
2a02:2638:1::13
2a02:2638::3
2a03:90c0:e1:2801::254
2a06:98c1:3121::c
2a0c:5c81:5142::2
37.157.3.30
52.58.218.78
95.216.194.18
00c71abef781583241b6ff6df83c3e4f84267becf1df03c3a8bf712e14b4f0a0
03f841d0ec0a6c43040ff607880051623716dfc3f382f33ba573608080cc8a4d
07dc095a4f2662b8ac45b0bccd1478bc5ea5878b985e598aaa92bb91d4a5637a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f9556f6f0800cf4f0c604a42e70b16ba8c3c9383f83ddcaebb082b338624039
10fb9227e16c6b006b3a2e9279200b060d3ab15e864f0a88bf047cd80c341d03
1101c8541a9a5e28efe3f94d9f54cb131bc5d4c071089c4dd8fc407a5027d164
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14cd082c483d44d922c130eb384a16ce1f7fad82fee12df160a4156a720c18c1
15f7714f823505d271c15875ea58f007b7ca00e30d94b0801e5b9847a9dc10f4
166f9390df29e23f9c9c45c50026de3b8ea04605424c6edc8557a3d3e71af7b8
180ea5f164f121543aae24b07a428ec35ddbc4248163f8045d763bf2f0608931
1c3829e5b6d7ea5d7537fdcdfab6d97fd224c8ba559162e07828240cdb248507
1c542c96d147161d150e19744b304ff91e7a4de6a367b25758648a82dc750bba
1c6d6bb59f19af8f640677213d2ceab91f1500de0c13302377cd29c4fcae86b7
1eae73d23698659f17bbaf4773a3a337dcffe040e2579d93eb25c292cefa29f7
226456d9a9eef8f0831b6b181be100a49cbaec1651a8bd45d7d0cc897d161538
25179821050612d6fcbdd008fd9e23828f9c390729f1f5c21933a69639125a9e
25d804f3d5f06692d9a5771ef28e41f06c1741d18a5f84cc0d9d4d8e3b201f0d
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
2a62ac10574cc5fbfd559e84d6c0428d8653e086b03b609bbaab9fbd2d0bffcf
2b00ce902e9ef9e7031d76c62a72c1cb0054185e6691e9a72757a31cead715a1
2e9584a34f5a9def65c5c165a7c196d075cffdc2d39337ca8fbd1eed0aa74178
32b5de8292ae103abbee25b0067fe44f62cd019d000a8f627a1bd4c28dd0f769
36c52d36bfe978da9595258abc82d96a24447a181d785ae46a08afabbc37d071
38320d49d16beec6164bc0c302be692f76d84b8de98303b845cfba66ffc23aff
39f3ccd2fb06c99b2ee3b1a96d916d348887153f9390af01edd84d93eb5e86f7
3c5b0b139e4a81fd8ffa7bb8890a4cb849722da1fea028b5e6ca4a25ed01d4d1
3ea2171f1cfa3fba1737d38126a0f074577b73ff01493fcf8a9d4e362bb2a232
434f4988526417625b24ac88b943d9d7ebbf3337ee9803070b46f7a680d149dd
43fd8d2f21c7f92dc397a0d306957c4c41c6d315c0be529d7bb8e09d8c20bae5
444ff8a57d95f220f3fb20f69164345fb4e571ce6f75b3cd9c750df1ea4364d0
4887586c3851711806f8ad482854b2f40fa8b8dd423a62275281265ee0d9f132
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4fc2ac586e48a4d212acd5cdb772c7b0931cb88419e34c17bf72064489f640d3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
54865f285ff76a6406257e7a1d1527cce35607205eaef084786edb842b352dd4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
57452f5671046a2b2ab27b1f0f37de03760fb2d5d1569ae2e462f90fcf00551d
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6580e57df0931427a26d5cb5bc2192e407696d05040ed366a5a5aa632aed37e4
683118570f09249ac2e586ddeb49b9b4eb88ab82af972a7f1cd4c57346460460
694ba62dae49e2b24665b917a711e727a72b3445aec201d6959839538c23b13c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c43e4e46dd36135dfb3d0cfe94b7b77c6c3dbfb4f50217cfaacf2adb84f0e4f
6e013efa3a2bf524e096c9330d482bf12a28e66faf641db517d03dd64423a2ee
6ea621ae34c08e13f723b65054e625d590e535880485cab60a1511cf1fadc714
70b79e5a81d147e88cf332ac8b8430fb1a55c000050d39207ad23c7ac3b2b713
7475da55a6ebbe0dd9d04c915b8dbbf2acd763551277135f8794e43bf740ceca
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
7c1ed20a3a66178e281109e3bf99dd278456eeea71357c6562ebb61aa0c269fe
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8784c29e4e6e831efe8f94858c09d270429b4b424409073011539d0e2abebb4e
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8c5534dcedc1d5c021a111ec449dec202cb5959dc5018df884bddfb665080cee
8f6c244eb9cd4e493dec518980f20c7a48e35a475080faf97c0c8aaee2eaae5b
8fcccc8681b308f9e33473f6cc51bf580465edcfb53a72bc8991f6e585a0d009
93b23044262887fc2d7651deb7749b1d5b9dd942922da55a84fec5dfb38e024f
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a537ab8f3ab7993fd1ad979953885703c755fd8ab105cfeddeec65361a6b927
9d7751dbbb76d3916b9fb602105c88c3656b3a51b68e6c0e7e9c2bc5e8a60168
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a690357c8d157ad2a9f188ecdad238c37efbd7508124554e8b7ddf2986cb0188
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa8ee51638e2799b87d850884b135205e48d68fe32880980443345a24a2603ea
aaf5e7b6c3a6d653b802744b7cea549a776e8b87ff302038a626e5cf67e390a9
aeb925bb204a686701ed5795fc9a381422a479fca1cacbe35de200ac65319988
b0f0b7f49feb3e70df7281daab8a35cc6945d00dcadb1253621f7743f627939a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2ab73600d7f99088cde8cbeacd3440c4495ecfed6202831aa61633f463ff7e3
b5a3134711dd68e8e191c469b7d865ac956daa818266dc5d9a45ed84bd956933
b66c7519be28ebebc5d650d586169105615b96fc6d4e105688ad309e55fd7467
b969dc1093725598bc03b53fcc09a7ea413980f2731b8910ed0201f6611ca1f4
b9c560385bfa168850ec8c4f34af09d9476080a588668a6c8ab87d62fe9667dd
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
bad9221cd6c3bab6a01d8a1b2d491633ade1d43fe41a0b3a33d5ce5524996fa6
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1
c7c74d46cfcbd5caad31ed8797d356859ec63752016377b5c255e554ddae6e39
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
cd50b914eeea21a3f09b7b711420994c8677f8c3db8906844bba93ec11869220
d2cd5a8072aaf75336794ef5451000fd6f8da9b1dca1010ccca3cbb14d1511b0
d3ab77811dbf2c57cdc271430b225745c0722ab1fd60637b42d4a2174b70621b
d4fe92f518caa28f213518b4a62a9b721a22850e0161729bb01fb3b0b507eac1
d9ef9032131f7a47dc913517d02a62c354a15643b7456331a047416db84dc25c
daeae91a41b038dd9873a5b2aabe447b5d140e73df7473c8c2860184f5743942
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e115b10c8d168780ba902296030bc611900176dbcb78d054869966ff9a558c33
e1f47756bae43eafd71349da52885b6df541e410d699ffba0d9df25219bb5157
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40c965830f59160ade02c20682723c33623c8fac73da9fea5a0eb7af404f10c
e471860eb90a1bd382a5fd16e989ee6164428bcf2c67c03a393729cc051a8009
e5f2b8f6991a4a57cf3293c080d3eba3e13c2311c8096f7242eb1bc75d0b495d
e618a577f0277d37fa43eaa36bcde1a98e6698356705294205887f6ace5134d7
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad
e97f2776ffabb5f570807833d06867f6924d51c3b66c592adc1adb722c395414
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f75626d2a6383bfdad3b92c86ae0623790fbe692e880b315cd06bfaa1d249f9f
fbb5b5b9f3e90bb9ff355b4b605e8633e3a85e3869aee372f35c38723f731d25
fcff8a1b954f4e36b888924fd063959c59fa3b62bd9b010b3369293879ea0f8d
fdae3f09c7f7037d038f1afb1dfa0fb6a354ce6ab48f786980b33d5c0d8412ab

liza.ua Open in urlscan Pro 2a06:98c1:3121::c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

136 Requests

93 %HTTPS

56 %IPv6

29 Domains

44 Subdomains

37 IPs

11 Countries

2823 kBTransfer

4851 kBSize

37 Cookies

22 Outgoing links

Page URL History

Redirected requests

136 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

liza.ua Open in urlscan Pro
2a06:98c1:3121::c Public Scan

Screenshot
Live screenshot

Full Image

136
Requests

93 %
HTTPS

56 %
IPv6

29
Domains

44
Subdomains

37
IPs

11
Countries

2823 kB
Transfer

4851 kB
Size

37
Cookies

136 HTTP transactions
10 data transactions