gumoreska.in.ua Open in urlscan Pro
77.83.100.33 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gumoreska.in.ua/
Effective URL:
https://gumoreska.in.ua/
Submission: On September 24 via api (September 24th 2022, 11:46:32 am UTC) from GB — Scanned from GB

Summary HTTP 156 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 30 IPs in 10 countries across 23 domains to perform 156 HTTP transactions. The main IP is 77.83.100.33, located in Warsaw, Poland and belongs to ATMAN-OFFICE-INTERNET-AS ATMAN, PL. The main domain is gumoreska.in.ua.
TLS certificate: Issued by Certum Domain Validation CA SHA2 on April 17th 2022. Valid for: a year.

This is the only time gumoreska.in.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 11	77.83.100.33 77.83.100.33	24723 (ATMAN-OFF...) (ATMAN-OFFICE-INTERNET-AS ATMAN)
2 2	185.180.12.68 185.180.12.68	60068 (CDN77 ^_^) (CDN77 ^_^)
27	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1 17	2a00:1450:400... 2a00:1450:400d:80e::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:80a::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:807::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:807::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:402... 2a00:1450:4025:402::9d	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4004:81e::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.102.157 142.250.102.157	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4009:1b::7	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
3	142.251.39.66 142.251.39.66	15169 (GOOGLE) (GOOGLE)
3	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
4 10	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	185.86.137.133 185.86.137.133	201081 (SMARTADSE...) (SMARTADSERVER)
3 5	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	185.89.210.46 185.89.210.46	29990 (ASN-APPNEX) (ASN-APPNEX)
11	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
1 1	35.157.16.92 35.157.16.92	16509 (AMAZON-02) (AMAZON-02)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	23.7.201.234 23.7.201.234	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	8.39.36.142 8.39.36.142	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8101:fce4:7d96:66d4:9311	16509 (AMAZON-02) (AMAZON-02)
156	30

11 77.83.100.33 (Warsaw, Poland) 1 redirects

ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL)
PTR: pl-rocket-da1.hostsila.org

gumoreska.in.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.180.12.68 (Vienna, Austria) 2 redirects

ASN60068 (CDN77 ^_^, GB)
PTR: edge-731.bunnyinfra.net

sp-ao.shortpixel.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:400d:80e::2002 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80a::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:807::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:807::200a (Ireland)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4025:402::9d (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:81e::2003 (Australia)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.102.157 (United States)

ASN15169 (GOOGLE, US)
PTR: rb-in-f157.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4009:1b::7 (London, United Kingdom)

ASN15169 (GOOGLE, US)

r2---sn-aigzrnsz.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.39.66 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s39-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.66 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.133 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.19.126 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.46 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.16.92 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-16-92.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.7.201.234 (Vienna, Austria) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-7-201-234.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.39.36.142 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8101:fce4:7d96:66d4:9311 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
57	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 tpc.googlesyndication.com — Cisco Umbrella Rank: 142 ade.googlesyndication.com — Cisco Umbrella Rank: 288	544 KB
31	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 stats.g.doubleclick.net — Cisco Umbrella Rank: 79 bid.g.doubleclick.net — Cisco Umbrella Rank: 428 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 307 cm.g.doubleclick.net — Cisco Umbrella Rank: 210	193 KB
15	gstatic.com www.gstatic.com csi.gstatic.com fonts.gstatic.com	139 KB
14	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 955 r2---sn-aigzrnsz.c.2mdn.net — Cisco Umbrella Rank: 121724 s0.2mdn.net — Cisco Umbrella Rank: 271	2 MB
11	gumoreska.in.ua 1 redirects gumoreska.in.ua	396 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 40 imasdk.googleapis.com — Cisco Umbrella Rank: 424	131 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528	4 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 190	175 KB
4	google.com adservice.google.com — Cisco Umbrella Rank: 75 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 228	3 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2989	20 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	162 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1728	1 KB
2	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 561	566 B
2	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 5376	914 B
2	shortpixel.ai 2 redirects sp-ao.shortpixel.ai — Cisco Umbrella Rank: 18342	1 KB
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1423	296 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 335	460 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 638	762 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1020	463 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 649	163 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 857	647 B
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
156	23

	Domain	Requested by
27	tpc.googlesyndication.com	googleads.g.doubleclick.net imasdk.googleapis.com tpc.googlesyndication.com pagead2.googlesyndication.com
27	pagead2.googlesyndication.com	gumoreska.in.ua pagead2.googlesyndication.com googleads.g.doubleclick.net www.gstatic.com tpc.googlesyndication.com www.googletagservices.com
16	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net gumoreska.in.ua
11	s0.2mdn.net	gumoreska.in.ua s0.2mdn.net
11	gumoreska.in.ua	1 redirects gumoreska.in.ua
10	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net
6	www.gstatic.com	googleads.g.doubleclick.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	fonts.gstatic.com	fonts.googleapis.com
5	fonts.googleapis.com	gumoreska.in.ua googleads.g.doubleclick.net
4	csi.gstatic.com	imasdk.googleapis.com
4	www.googletagservices.com	googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	googleads4.g.doubleclick.net	gumoreska.in.ua
3	ade.googlesyndication.com
3	www.googletagmanager.com	gumoreska.in.ua www.googletagmanager.com
2	e.dlx.addthis.com	2 redirects
2	id.rlcdn.com	2 redirects
2	www.google.com	tpc.googlesyndication.com googleads.g.doubleclick.net
2	r2---sn-aigzrnsz.c.2mdn.net	gumoreska.in.ua
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.co.uk	pagead2.googlesyndication.com
2	sp-ao.shortpixel.ai	2 redirects
1	ag.innovid.com	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	d.agkn.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	rtb-csync.smartadserver.com
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
156	36

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
pinterest.com
telegram.me
vk.com
api.whatsapp.com
www.pinterest.com

Subject Issuer	Validity	Valid
gumoreska.in.ua Certum Domain Validation CA SHA2	`2022-04-17` - `2023-04-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-09-13` - `2022-11-22`	2 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://gumoreska.in.ua/
Frame ID: 5B383822F458B67DF9A173C41BB65909
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20190131/zrt_lookup.html
Frame ID: FC558DA066528A23D66B411D2232F155
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&adk=1812271804&adf=3025194257&lmt=1664018312&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgumoreska.in.ua%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664019987250&bpp=2&bdt=349&idt=256&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3062071250927&frm=20&pv=2&ga_vid=68445269.1664019988&ga_sid=1664019988&ga_hid=949924652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31069830&oid=2&pvsid=2213359336574703&tmod=1553337175&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=270
Frame ID: DF3618F773466F4F12B5EAEA14D6CF4A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=6877447544&adk=1253207218&adf=2571114240&pi=t.ma~as.6877447544&w=1160&fwrn=4&fwrnh=100&lmt=1664018312&rafmt=1&psa=0&format=1160x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664019987252&bpp=2&bdt=351&idt=272&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3062071250927&frm=20&pv=1&ga_vid=68445269.1664019988&ga_sid=1664019988&ga_hid=949924652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31069830&oid=2&pvsid=2213359336574703&tmod=1553337175&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=LqZrXNfb0u&p=https%3A//gumoreska.in.ua&dtd=276
Frame ID: 74A2FA7530D9673BF3DE7E5E998F3EFD
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=9796530553&adk=293745757&adf=1991965095&pi=t.ma~as.9796530553&w=808&fwrn=4&fwrnh=100&lmt=1664018312&rafmt=1&psa=0&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664019987254&bpp=1&bdt=353&idt=277&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280&nras=1&correlator=3062071250927&frm=20&pv=1&ga_vid=68445269.1664019988&ga_sid=1664019988&ga_hid=949924652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1000&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31069830&oid=2&pvsid=2213359336574703&tmod=1553337175&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=BLZ5wGQWd8&p=https%3A//gumoreska.in.ua&dtd=280
Frame ID: 077D59141EC76BB94E18849260764059
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3439465718&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1664018312&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664019987255&bpp=1&bdt=354&idt=284&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=3062071250927&frm=20&pv=1&ga_vid=68445269.1664019988&ga_sid=1664019988&ga_hid=949924652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31069830&oid=2&pvsid=2213359336574703&tmod=1553337175&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=xoJIxNITrz&p=https%3A//gumoreska.in.ua&dtd=287
Frame ID: 2B95D608E2C7E7159410F93F9A571037
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1
Frame ID: B081C860C024209A857C73384D9AA154
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EiKF25-Ew8QnV9WFt1cB1UkyXxUODWVwE4mmpr-jolo.js
Frame ID: 6156BAFA9EA9BB15AA42160AEFA7BA41
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 469F38D8F38B703721A79C840F862E0C
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EiKF25-Ew8QnV9WFt1cB1UkyXxUODWVwE4mmpr-jolo.js
Frame ID: DA05F78A60EE5466A17D8D78D271557D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3439465718&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1664018312&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664019987255&bpp=1&bdt=354&idt=284&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=3062071250927&frm=20&pv=1&ga_vid=68445269.1664019988&ga_sid=1664019988&ga_hid=949924652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31069830&oid=2&pvsid=2213359336574703&tmod=1553337175&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=xoJIxNITrz&p=https%3A//gumoreska.in.ua&dtd=287
Frame ID: FB74ECA95541818754C3709EF12513D0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EiKF25-Ew8QnV9WFt1cB1UkyXxUODWVwE4mmpr-jolo.js
Frame ID: 96FC424036F7ABD486E96A99A8011C8F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A7B4D964E4568066C1CBAE005ACACF0B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7DB9B27579615B20B2C00A3708255CB0
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ1JWwgwIY44vVvQEwAQ&v=APEucNW5iI0Oxkao-G1FS_KykqnCFaHL3Hpip7mRHfRMHmj6f0xQtFuWo3JrWraEniGt8rUivrrwDZkrmE3F3YT4c7Rl_8PzWzxgnBSTjbWmcnGvrtAQyKbCI9JQjTU33iwwEkqnGJo_kCrys4Nh9KYjcS0repNzEAdz40fHztOHRKmyM6-KSzs
Frame ID: D5EFC3888ED61147917570FDA77520FD
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BV27wbN41Y68tKI7TrfU9riyLfMRUXrkv_gLzMNdyO8YbKfyVI15twTyb6KUHRPNvX3kXHpDKkXGQR9nxUSDa9csW5Dg&cry=1&dbm_d=AKAmf-DRfgIHeblENHFSXylb5zcnHCoZ8N7L_oL4Bt9P3RPJ-N4qrbQr13GrL6foo2hLi1d55TN2ZZJf3Aduh159st9RgvxYwN3OM5AAixucq-JshNvioSgnlNFqwhRN-MPH9m-O6wnzQ0sobUOYYJzodqDuX5E4HiKDv_Xi5_V8WJcwD4uxIJ_Wb1Pr1RWR3NiY4hOhYQ9ZHTGr0xICBwm7elX9xnThbYkKnr_gTwcw3THz8rq8oGN53Nh2OT3bIKiVIObBaAwLlAV5v0oxlGbPsJOJTqvA2zYax0iLzYlAq4kwgmhQlbFEz4bKGYRgUn3yA9ZyLyeaVgtFj8Hoii9wY6T7nomRKMf-UUQr4axxkLvDQHoHm_ITaxg2EjcFpWdDJQ5e3xFBpLfXYGQ9GTd3JP8H5oc6LiDgSP5BJd0zrSB_nPOOEEOs9rBP9kWUWHogjQdMVHkAS9oOXk-hFlCJOIH4RXhqfdGtg27a5xokXkEaMHalAyR3PEUoti9phbJEODTNF0lPKLe2DyQCfwSOxAdXmt3dLWjTtWqnO9w7d-hUfHZXWBf1cMVvOD8ACoShKs1eUuT9W4gmb_U9SlSr75OBtXljFtBrM4G7IZyY8p-gm3BZarSUtibr6B900hKG5M5PFentlOqliiEOIfru903PYmoBHmsyOiClcjX-4CqiFOkOcdkeF4RgrlbJ-9U3l7mtXXpc4PGffeyy9VrTDzTex-2htwBX2YuXBmCzQ_y2UtoZGGNbNEU2V_bcg0YX7It0BxNoVbPUOuNX9im5_XwqzvWlJ-B0-wsxbXg529Uu5iCNWpCUS2XtkuaWQ8ygf9fwgvKKpQpzAFB8TfqTGbcozwFzLJfgbxsRLYHLansufnYNb-C2nFrTz9v_TjAee8r2kX9bnCm84vE01wcf-ycvWfSCU7MhqRr32L84jkIx4o0Zn_nn3E8kxLqQDf9cUL0GkLAqkFrxQtOa5N52YibihWimqQm8lgkdM2FFP4peWx0Sb4BUGNGQwvyDH9rCbB7pdS7828MZ7ZEXykWpuzbaHsfoTOC0vyMMNOcvj7MNb3JnBG6NWE6NcI21riq8hcPRUf9tHMpocF3L6RAKyy0fdXb3k6cuOhNU0cOipBvJfWX1_rFtYUZQ095FSlBgOkuuYMdOw71GcuVTWbxgJqwgipFOhPPT1fCmrQnX_7CpA5IcNJ5MNUOfr8sUvgm2ztrQJ3SeZV2dpv8T2wxUi_X962LeyqZ7EceWg-D0NcOCLYWdb362fJ2tbK6LWfgKeDxGn9LujVDMQpcuFCr6z7idUFmJEfrbkWWkHY9uVR5tEZ7WZI0tXzJzSv3ANaKTOsu8gwQvnK8XpTBTyEvclX7VazN5Dij4erqzVjootj6Mugk9a8Xrd19eZtk06_4WwkCBaBM-bkp1C5AMYG-1jPdwph5hupxBdFetn6swak9TfwjbWAUpxrgZwzahzpxqwusggEVFVC6aBUX3UJPjYEuDogsFIag-tbB5EymPnBi9eVm6jxOWK5gzVlDkoUhusTacH7mk3eYYNL7sQyRu9Yb4B6meyNw1F2xvhL9PTG6YjNoWkGrRTzKBhzeOGM1j9G56-FjZaZjuUol0eeKIoMWdumnbfc3_xnWRsMkRDmXukaB97433hAX543KAsjgGmnnxHh1moX-7-70BBeyoEkDyLR416vAyDBS2e1FV68ispUBIkskMmfsb0qkKXDuX6OzmjMNJ5OD4uIImiPi8cb1r9Lai-D3LhIn7_sgAjePj2ZWDwUc8T6YjB2v_d14mvgsTztxqwiBA9fPjKC13If5rshXslmJn68nudNML2eXJzR__8uFAEV1cGTjiMoyMX2f5ejXDfyzWXq1HpKNeZjZRra3_aZ6CeCnLN6H7zM79a1qXbB7wkk6Wm8J7cl7F9w3JXKYnpHLM5Vt13TtcGy7hX480ivebxJ0ulrmDp6ksYCRrkJFziyMKLGbQ_ICY0iZgxW_mGZ16n2P8MfMcd7NyqQZ58XaoquEjk74Oo7ogg1vMYB-1VfWl6kqYXXNPBi8I4khTcusHNs2HUW0fJJHxj2zFJe4vB3wVBR29b_xuYea3NjWKTG7pQOSNaBH6-MvvzqxbWWSNZdqZRtIKAYBa-RzoQ4PreqdbkwSYA8zXgKD9siilea2A196P9-Hh6OCnXgqCQF-jaVz6xP1PEJX9BJTrRdplCuNRfkHZtYTERe_RWHMTin3Q0mqw4KLp17-xM6Ce_ge8LUXmM6AnVIXi5DFKH1ATOQEU4WT1XetbKhVjroY3BYvZcB12pBWw23KcGkt-ppAhJf5QPFnLYGxMllchbCmSqtYYrHId7ikRSq4mtBAZHHFNU_qIAvqe3wvEXFN7TBKkZJxFPdLckoLjga-ce9z6naelEkzxV1YwqfXaBhUvtGT2ltI6VBU9h0kAyTputDw4FQ4qhYYE6NAnSvsPqayL_YV7Sl3mkt5hCZGW-LtJJ48X7QpmcOij2hsA2KlBLfpfI3ztHBUdYRIsXWDhag5Dc7VybRRXziWNBjT-E-c2jpSNalLpbkB6zKMYpzdHig5eN1imf2MpMHZlBWPHOSbeGP8sMfyLIz4cHHo6_W6riUwBeaeaLM-cIoVvBNpSX5Nbmi7fXSW_YTS1f_NGbn414biCCmeHJX7y8Chg0ZNVdPYKwG4ykTvgIf8cRwUsEqQSA8IDC2LBeRxaw5BezuxW2HstgioCy5If9cO1O0Xe6L9WGp1etUIBs9wXPGqgCpF7hLj6LKaK43bb2UQ7pLMUw_7EmKVxPGfSoyenv5ix5wSWtaN1mUyt75nPbChMFSL3nYZe7FTX97on0W4zavKYs6ZkXAKvtYdeqoIvzk-jGQRECBTBe8dYCGFJXgjFgJF_5gm3kfdaiOyI9SsSSwW3TqIfyejYAjPJpQaMrdREeavZgyoA-YXR8nnjfwhWLXjeIbutV0Z4YXCKMabH5C3QldhheYztrl_xJOEEUKcRGrp3aPOSWcFBe6fFfZk7mnzve5RpPHtrOwm2Vf0M9KvrUMaDekvXqt9FuEaxdbGycCRgr2qMTBxEnbHAkCwdwqrqbQfKhHyfl58Hw0rFVSK8QmV5Ax9J6Fzo1kqL3ND7QbdALUsZM13fAN6wQTrUJXzcokHmwvweNKR-pohFDlYe9d_PuEUOofeO4Rq_p6-Mk_zJfBgKuAhxm0KwLkyFmqk2eWxPV5HzmnAdg8ua9f3RbOobJ3d7lO0fKhRttG93MXeUCGNKDYFhpeds9EBGkE3CTCS0Kllo252tM-qKT9GqDz1-wVvpLQx1LpOLCw3DWg8AF5jKQcVqV5pmrk0z4GwBV3JCrpkHdnZH09qq_czQ3TmX24LxuX-S5G-vgFRmkpxuG2GrfUllMsmNeCi64vUPXtKJ20taaHKGS1yif0D6oyV0I68jVWMrOStT-QpEnur6oO2WRztFC0dTfR7wN4mk_gaEjH10vTULVQlrfPUbkYwjQOHM_wEPk5e2FBTfusT_qCi2Rv8-cyM5JUCA&cid=CAASEuRo9ZTQ7nkI4rtNg13ptbSfeA&rfl=2%2Chttps%253A%252F%252Fgumoreska.in.ua%252F%240
Frame ID: B5281252801488515EE59A71A012F478
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E236A7C64E3FC3098D8A03B4F1E796A1
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AAE3FCE2D59318B066299D235908B7B6
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15563021547256938496/index.html
Frame ID: 6D0361B2235375894BB00A1F4F3E9936
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Онлайн бібліотека Gumoreska

Page URL History Show full URLs

http://gumoreska.in.ua/ HTTP 301
https://gumoreska.in.ua/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

156
Requests

89 %
HTTPS

63 %
IPv6

23
Domains

36
Subdomains

30
IPs

10
Countries

3886 kB
Transfer

7193 kB
Size

29
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sharer/sharer.php?u=https://gumoreska.in.ua/

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/link/?url=https://gumoreska.in.ua/&media=&description=%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD+%D0%B1%D1%96%D0%B1%D0%BB%D1%96%D0%BE%D1%82%D0%B5%D0%BA%D0%B0+Gumoreska+%28%D0%93%D1%83%D0%BC%D0%BE%D1%80%D0%B5%D1%81%D0%BA%D0%B0%29

Search URL Search Domain Scan URL

URL: https://telegram.me/share/url?url=https://gumoreska.in.ua/&text=%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD+%D0%B1%D1%96%D0%B1%D0%BB%D1%96%D0%BE%D1%82%D0%B5%D0%BA%D0%B0+Gumoreska+%28%D0%93%D1%83%D0%BC%D0%BE%D1%80%D0%B5%D1%81%D0%BA%D0%B0%29

Search URL Search Domain Scan URL

URL: http://vk.com/share.php?url=https://gumoreska.in.ua/&title=%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD+%D0%B1%D1%96%D0%B1%D0%BB%D1%96%D0%BE%D1%82%D0%B5%D0%BA%D0%B0+Gumoreska+%28%D0%93%D1%83%D0%BC%D0%BE%D1%80%D0%B5%D1%81%D0%BA%D0%B0%29&comment=%D0%9E%D0%BD%D0%BE%D0%B2%D0%BB%D0%B5%D0%BD%D0%BD%D1%8F%3A+%D0%93%D1%83%D0%BC%D0%BE%D1%80%D0%B5%D1%81%D0%BA%D0%B8+%C2%A0%D0%9F%D0%B0%D0%B2%D0%BB%D0%BE+%D0%93%D0%BB%D0%B0%D0%B7%D0%BE%D0%B2%D0%B8%D0%B9+%26%238211%3B%C2%A0%D0%91%D1%96%D0%BE%D0%B3%D1%80%D0%B0%D1%84%D1%96%D1%8F+%26%238211%3B%C2%A0%D0%93%D1%83%D0%BC%D0%BE%D1%80%D0%B5%D1%81%D0%BA%D0%B8+%D0%BF%D1%80%D0%BE+%D0%BA%D1%83%D0%BC%D1%96%D0%B2+%26%238211%3B%C2%A0%D0%93%D1%83%D0%BC%D0%BE%D1%80%D0%B5%D1%81%D0%BA%D0%B8+%D0%BF%D1%80%D0%BE+%D0%B6%D1%96%D0%BD%D0%BE%D0%BA+%26%238211%3B%C2%A0%D0%93%D1%83%D0%BC%D0%BE%D1%80%D0%B5%D1%81%D0%BA%D0%B8+%D0%B4%D0%BB%D1%8F+%D0%B4%D1%96%D1%82%D0%B5%D0%B9+%C2%A0%D0%9E%D1%81%D1%82%D0%B0%D0%BF+%D0%92%D0%B8%D1%88%D0%BD%D1%8F+%26%238211%3B%C2%A0%D0%91%D1%96%D0%BE%D0%B3%D1%80%D0%B0%D1%84%D1%96%D1%8F+%26%238211%3B%C2%A0%D0%9C%D0%B8%D1%81%D0%BB%D0%B8%D0%B2%D1%81%D1%8C%D0%BA%D1%96+%D1%83%D1%81%D0%BC%D1%96%D1%88%D0%BA%D0%B8+%C2%A0%D0%9F%D0%B5%D1%82%D1%80%D0%BE+%D0%A0%D0%B5%D0%B1%D1%80%D0%BE+%26%238211%3B%C2%A0%D0%91%D1%96%D0%BE%D0%B3%D1%80%D0%B0%D1%84%D1%96%D1%8F+%26%238211%3B%C2%A0%D0%9A%D0%BE%D0%B7%D0%B0%D1%86%D1%8C%D0%BA%D1%96+%D0%B6%D0%B0%D1%80%D1%82%D0%B8+%D0%92%D1%96%D1%80%D1%88%D0%BE%D0%B2%D0%B0%D0%BD%D1%96...

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=https://gumoreska.in.ua/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/gumoreskaua
Title: Facebook Підписуйтесь на мене!

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/gumoreskainua/
Title: Pinterest Закріпіть його!

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gumoreska.in.ua/ HTTP 301
https://gumoreska.in.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_165/https://gumoreska.in.ua/wp-content/uploads/2022/08/logo-g-165.png HTTP 302
https://gumoreska.in.ua/wp-content/uploads/2022/08/logo-g-165.png

Request Chain 3

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_525,h_350/https://gumoreska.in.ua/wp-content/uploads/2022/09/kartynky-pryvitannya-z-dnem-narodzhennya-slide.jpg HTTP 302
https://gumoreska.in.ua/wp-content/uploads/2022/09/kartynky-pryvitannya-z-dnem-narodzhennya-slide.jpg

Request Chain 82

https://gcdn.2mdn.net/videoplayback/id/45af4d4699326aaf/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1695555988/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/3B355A94894B98AEBE9892F9E71599BD12083603.86EC8FE698638D7F4E1D2C563294E8DBAA4CCEDD/key/ck2/file/file.mp4 HTTP 302
https://r2---sn-aigzrnsz.c.2mdn.net/videoplayback/id/45af4d4699326aaf/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1695555988/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/241FE86DDF6DBCD8B181F495F939FC86C33BBC46.45E650B2F75E190A86ACF8B016F2A527082BB5B9/key/cms1/cms_redirect/yes/mh/zF/mip/2001:ac8:21:e::6/mm/42/mn/sn-aigzrnsz/ms/onc/mt/1664019652/mv/m/mvi/2/pl/48/file/file.mp4

Request Chain 107

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjbfRCit6ICGPSfoq4BIAEwAQ&v=APEucNXc0vq78-k_sCW_bB4B9UYwKtw0GYDEe7mBmX22ME_xWerVkJAKAiWyQFF21WZ7yKI6VdvcZAa-6auUfcLaepomwzAZDA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEBp62peUDG7jJakMAaeN0B4&google_cver=1

Request Chain 122

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELwDP-M1HwVsu-RH_IwHe2g&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELwDP-M1HwVsu-RH_IwHe2g&google_cver=1&C=1

Request Chain 123

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yy7uFe2mgud6bKgN2bwr7wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELwDP-M1HwVsu-RH_IwHe2g&google_cver=1

Request Chain 124

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEE5nNia_TDqQSnf_GTDCBs4&google_cver=1

Request Chain 125

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODAwMDQ0ODYxNTEzMDI5MDMwMw%3D%3D

Request Chain 134

https://d.agkn.com/pixel/2175/?google_gid=CAESEL6wgKuNX7f-tIXRlNJe0Qk&google_cver=1&google_push=AZmPxg8bau06d1ivJ9FVbCyCLJAoT3hLQwKaKnZlYcIJ9t02SfjxWnw_Z_HpbC7P3GUtgvP9l5SXP7TIFGCJtj-m-KyEFCL1MAs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg8bau06d1ivJ9FVbCyCLJAoT3hLQwKaKnZlYcIJ9t02SfjxWnw_Z_HpbC7P3GUtgvP9l5SXP7TIFGCJtj-m-KyEFCL1MAs&google_hm=Q0FFU0VMNndnS3VOWDdmLXRJWFJsTkplMFFr

Request Chain 135

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg91j3H6eNLP8vulf4p8KWT6NWwEsn56_8ks3arEHaAgMu7iSxJEyUFq__WeXH67kqgm0YKuIVfksk9Dw3yGnTdzdxhP&google_gid=CAESEE_E0GDa-0wDJK2DSWtISaU&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCJXcu5kGEgUI6AcQAEIASmxnb29nbGVfcHVzaD1BWm1QeGc5MWozSDZlTkxQOHZ1bGY0cDhLV1Q2Tld3RXNuNTZfOGtzM2FyRUhhQWdNdTdpU3hKRXlVRnFfX1dlWEg2N2txZ20wWUt1SVZma3NrOUR3M3lHblRkemR4aFA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwbWMtWEEzTlBOZmREeFNFajY4RFRLcUFmRVZfTmhWQzBLdlE5bWdxcmFzQQ==&google_push

Request Chain 136

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg-mUicCfL5K7D2437alXzPPBNzl-PUiexGSmatMd5VQzlkBuIproMH5Sq2VEAPS07BXPq0_Bz6DOedDvEV2fxjy1cSkYvI&google_gid=CAESEHeazL3DSXbhS2coR8CcEMU&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg-mUicCfL5K7D2437alXzPPBNzl-PUiexGSmatMd5VQzlkBuIproMH5Sq2VEAPS07BXPq0_Bz6DOedDvEV2fxjy1cSkYvI&google_gid=CAESEHeazL3DSXbhS2coR8CcEMU&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjQxMTQ2MzEwMDAxODE2NzQyMTU4Ng%3D%3D&google_push=AZmPxg-mUicCfL5K7D2437alXzPPBNzl-PUiexGSmatMd5VQzlkBuIproMH5Sq2VEAPS07BXPq0_Bz6DOedDvEV2fxjy1cSkYvI

Request Chain 137

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDe2PEnsmgbiP5aLeeICW1Q&google_cver=1&google_push=AZmPxg8yC2sliyF5gDjyKaJO9-GdDjgDUf0JmH3kfYWKfj6bWVDMaIYAI-qEO4JxKm064j_MHOGC9kO_rOhCTw4twrGLWU-6Awg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhGVUpEV1ItMTAtRVRCWQ==&google_push=AZmPxg8yC2sliyF5gDjyKaJO9-GdDjgDUf0JmH3kfYWKfj6bWVDMaIYAI-qEO4JxKm064j_MHOGC9kO_rOhCTw4twrGLWU-6Awg

156 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
gumoreska.in.ua/
Redirect Chain

http://gumoreska.in.ua/
https://gumoreska.in.ua/

400 KB
64 KB

420ms
213ms

Document
text/html

77.83.100.33
ATMAN-OFFICE-INTE...

General

Check archive.org

Show headers Download Go to

Full URL: https://gumoreska.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS: pl-rocket-da1.hostsila.org
Software: LiteSpeed /
Resource Hash: 8e8fc2b6d306720c642b84b803fc6babfa1c7715abb6aa6029fd38deb84430ce

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: br
content-length: 65543
content-type: text/html
date: Sat, 24 Sep 2022 11:46:26 GMT
expires: Mon, 29 Oct 1923 20:30:00 GMT
last-modified: Sat, 24 Sep 2022 11:18:32 GMT
pragma: no-cache
server: LiteSpeed
vary: Accept-Encoding,User-Agent

Redirect headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 707
content-type: text/html
date: Sat, 24 Sep 2022 11:46:26 GMT
location: https://gumoreska.in.ua/
server: LiteSpeed
vary: User-Agent

GET
H2 200 fontawesome-webfont.woff2
gumoreska.in.ua/wp-content/themes/veen/assets/fonts/ 75 KB
76 KB 100ms
100ms Font
application/font-woff2 77.83.100.33
ATMAN-OFFICE-INTE...

General

Check archive.org

Show headers Download Go to

Full URL: https://gumoreska.in.ua/wp-content/themes/veen/assets/fonts/fontawesome-webfont.woff2
Requested by: Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS: pl-rocket-da1.hostsila.org
Software: LiteSpeed /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://gumoreska.in.ua/
Origin: https://gumoreska.in.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 11:46:27 GMT
last-modified: Thu, 20 Aug 2020 18:28:12 GMT
server: LiteSpeed
vary: User-Agent
content-type: application/font-woff2
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 77160
expires: max-age=A10368000, public

GET
H3

200

logo-g-165.png
gumoreska.in.ua/wp-content/uploads/2022/08/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_165/https://gumoreska.in.ua/wp-content/uploads/2022/08/logo-g-165.png
https://gumoreska.in.ua/wp-content/uploads/2022/08/logo-g-165.png

12 KB
12 KB

75ms
74ms

Image
image/png

77.83.100.33
ATMAN-OFFICE-INTE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gumoreska.in.ua/wp-content/uploads/2022/08/logo-g-165.png
Requested by: Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol: H3
Server: 77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS: pl-rocket-da1.hostsila.org
Software: LiteSpeed /
Resource Hash: 67ec803f11712200df40e8457e9ffba669110709706bb9745671956fd1aa9494

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 11:46:27 GMT
last-modified: Wed, 03 Aug 2022 06:32:10 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=10368000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 12178
expires: max-age=A10368000, public

Redirect headers

date: Sat, 24 Sep 2022 11:46:27 GMT
cdn-edgestorageid: 731
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 09/24/2022 04:53:42
cdn-pullzone: 257218
cdn-tag: 0; Domain: gumoreska.in.ua; 302
content-length: 0
server: BunnyCDN-AT-731
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.02
cdn-requestpullcode: 302
location: https://gumoreska.in.ua/wp-content/uploads/2022/08/logo-g-165.png
content-type: text/html; charset=utf-8
cdn-cache: HIT
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: b1761cf7dc2e60c805917732b1776478
cdn-requestcountrycode: GB
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 166 KB
57 KB 149ms
60ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9735848914219258

Requested by

Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e82757f81892467f14842df06fb6ca9350886391b823f1f5d86782db25e15304

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gumoreska.in.ua/
Origin: https://gumoreska.in.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 11:46:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57882
x-xss-protection: 0
server: cafe
etag: 6189277248884702777
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 24 Sep 2022 11:46:27 GMT

GET
H3

200

kartynky-pryvitannya-z-dnem-narodzhennya-slide.jpg
gumoreska.in.ua/wp-content/uploads/2022/09/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_525,h_350/https://gumoreska.in.ua/wp-content/uploads/2022/09/kartynky-pryvitannya-z-dnem-narodzhennya-slide.jpg
https://gumoreska.in.ua/wp-content/uploads/2022/09/kartynky-pryvitannya-z-dnem-narodzhennya-slide.jpg

65 KB
65 KB

77ms
76ms

Image
image/jpeg

77.83.100.33
ATMAN-OFFICE-INTE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gumoreska.in.ua/wp-content/uploads/2022/09/kartynky-pryvitannya-z-dnem-narodzhennya-slide.jpg
Requested by: Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol: H3
Server: 77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS: pl-rocket-da1.hostsila.org
Software: LiteSpeed /
Resource Hash: bbfba9ecde14a323dfdf4f304b68ca3e9db35a8025a5859b49abfde256becc69

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 11:46:27 GMT
last-modified: Tue, 13 Sep 2022 11:06:58 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 66960
expires: max-age=A10368000, public

Redirect headers

date: Sat, 24 Sep 2022 11:46:27 GMT
cdn-edgestorageid: 731
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 09/23/2022 12:00:37
cdn-pullzone: 257218
cdn-tag: 0; Domain: gumoreska.in.ua; 302
content-length: 0
server: BunnyCDN-AT-731
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.02
cdn-requestpullcode: 302
location: https://gumoreska.in.ua/wp-content/uploads/2022/09/kartynky-pryvitannya-z-dnem-narodzhennya-slide.jpg
content-type: text/html; charset=utf-8
cdn-cache: HIT
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: fc749682f39fc2d5d733d45bb75da3a7
cdn-requestcountrycode: GB
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2 200 dg9pj.css
gumoreska.in.ua/wp-content/cache/gumoreska.in.ua/wpfc-minified/1bt90yh4/ 30 KB
6 KB 189ms
189ms Stylesheet
text/css 77.83.100.33
ATMAN-OFFICE-INTE...

General

Check archive.org

Show headers Download Go to

Full URL: https://gumoreska.in.ua/wp-content/cache/gumoreska.in.ua/wpfc-minified/1bt90yh4/dg9pj.css
Requested by: Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS: pl-rocket-da1.hostsila.org
Software: LiteSpeed /
Resource Hash: 43cc4405f112007891ce897704a3c51090f06518ec5f412abdc41a6946972723

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 11:46:27 GMT
content-encoding: br
last-modified: Wed, 17 Aug 2022 05:35:47 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 6546
expires: max-age=A10368000, public

GET
H2 200 dg9pj.js Show response
gumoreska.in.ua/wp-content/cache/wpfc-minified/edgwxfxv/ 87 KB
30 KB 188ms
188ms Script
application/javascript 77.83.100.33
ATMAN-OFFICE-INTE...

General

Check archive.org

Show headers Download Go to

Full URL: https://gumoreska.in.ua/wp-content/cache/wpfc-minified/edgwxfxv/dg9pj.js
Requested by: Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS: pl-rocket-da1.hostsila.org
Software: LiteSpeed /
Resource Hash: d70c2766b7c42f0b2418b6ea551262fb3750ec117c5183e02a388c2bb6a34b4d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 11:46:27 GMT
content-encoding: br
last-modified: Wed, 17 Aug 2022 05:35:47 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 30223
expires: max-age=A10368000, public

GET
H2 200 a4f6n.js Show response
gumoreska.in.ua/wp-content/cache/wpfc-minified/77f0ybvm/ 294 KB
78 KB 189ms
189ms Script
application/javascript 77.83.100.33
ATMAN-OFFICE-INTE...

General

Check archive.org

Show headers Download Go to

Full URL: https://gumoreska.in.ua/wp-content/cache/wpfc-minified/77f0ybvm/a4f6n.js
Requested by: Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS: pl-rocket-da1.hostsila.org
Software: LiteSpeed /
Resource Hash: c73fc04a027202a60174fa7ce3cf283ad3c91f59f613889f9a4c52a71988191a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 11:46:27 GMT
content-encoding: br
last-modified: Mon, 19 Sep 2022 05:33:53 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 79365
expires: max-age=A10368000, public

GET
H2 200 inactive.svg
gumoreska.in.ua/wp-content/plugins/kk-star-ratings/src/core/public/svg/ 238 B
305 B 244ms
244ms Image
image/svg+xml 77.83.100.33
ATMAN-OFFICE-INTE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gumoreska.in.ua/wp-content/plugins/kk-star-ratings/src/core/public/svg/inactive.svg
Requested by: Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS: pl-rocket-da1.hostsila.org
Software: LiteSpeed /
Resource Hash: 2c0c291bc0981ba13c0fab388914b31ab2729ab42036ef251081077a196403f6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 11:46:27 GMT
last-modified: Fri, 12 Aug 2022 12:52:32 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/svg+xml
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 238
expires: max-age=A10368000, public

GET
H2 200 active.svg
gumoreska.in.ua/wp-content/plugins/kk-star-ratings/src/core/public/svg/ 246 B
278 B 245ms
244ms Image
image/svg+xml 77.83.100.33
ATMAN-OFFICE-INTE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gumoreska.in.ua/wp-content/plugins/kk-star-ratings/src/core/public/svg/active.svg
Requested by: Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS: pl-rocket-da1.hostsila.org
Software: LiteSpeed /
Resource Hash: bed6cef3a2a83b0bfc42310907aa856549a86c15b7f3103d936c3d436bdd0655

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 11:46:27 GMT
last-modified: Fri, 12 Aug 2022 12:52:32 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/svg+xml
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 246
expires: max-age=A10368000, public

GET
H2 200 fontawesome-webfont.woff
gumoreska.in.ua/wp-content/plugins/print-post-and-page/fonts/ 64 KB
64 KB 143ms
143ms Font
x-font/woff 77.83.100.33
ATMAN-OFFICE-INTE...

General

Check archive.org

Show headers Download Go to

Full URL: https://gumoreska.in.ua/wp-content/plugins/print-post-and-page/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by: Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS: pl-rocket-da1.hostsila.org
Software: LiteSpeed /
Resource Hash: 199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

Referer: https://gumoreska.in.ua/
Origin: https://gumoreska.in.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 11:46:27 GMT
last-modified: Mon, 25 Mar 2019 16:54:20 GMT
server: LiteSpeed
vary: User-Agent
content-type: x-font/woff
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 65452
expires: max-age=A10368000, public

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/ 348 KB
123 KB 153ms
69ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9735848914219258&plah=gumoreska.in.ua&bust=31069830

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9735848914219258

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b791b2c415915ea1b5fca842a48ac621c392de38e98cd6263b1ab1b6c9454256

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 11:46:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125798
x-xss-protection: 0
server: cafe
etag: 9707634279398458374
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 24 Sep 2022 11:46:27 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220921/r20190131/ Frame FC55 10 KB
5 KB 183ms
53ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220921/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9735848914219258

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gumoreska.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 46748
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 22:47:19 GMT
etag: 9671129459699598864
expires: Fri, 07 Oct 2022 22:47:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 123 KB
46 KB 210ms
82ms Script
application/javascript 2a00:1450:400d:80a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5Z22TQ8

Requested by

Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/wp-content/cache/wpfc-minified/77f0ybvm/a4f6n.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ac9e70f95868827a38a7a27684db2762b8e2b4dc98219213717eace07a75e66e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 11:46:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47092
x-xss-protection: 0
last-modified: Sat, 24 Sep 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 24 Sep 2022 11:46:27 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 147ms
58ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%7COpen+Sans&display=swap

Requested by

Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cd9216308f7433d319f912cfc029861f0176f0d0af13c57338d291f757fb01de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 24 Sep 2022 11:46:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 24 Sep 2022 11:46:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 24 Sep 2022 11:46:27 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 219 B
647 B 138ms
48ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=gumoreska.in.ua&callback=_gfp_s_&client=ca-pub-9735848914219258

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9735848914219258&plah=gumoreska.in.ua&bust=31069830

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

276c60e4e89665f798b675b425f5aa40942faf13217ffbff48dc68c8d8a73051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 11:46:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 203
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 140ms
50ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=gumoreska.in.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Sep 2022 11:46:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 139ms
49ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=gumoreska.in.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Sep 2022 11:46:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DF36 112 KB
36 KB 727ms
619ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&adk=1812271804&adf=3025194257&lmt=1664018312&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgumoreska.in.ua%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664019987250&bpp=2&bdt=349&idt=256&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3062071250927&frm=20&pv=2&ga_vid=68445269.1664019988&ga_sid=1664019988&ga_hid=949924652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31069830&oid=2&pvsid=2213359336574703&tmod=1553337175&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=270

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e508fa800971d809f00bf148108afb3a227db75a599c2ada14f4e44184ed9dfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gumoreska.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 36327
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Sep 2022 11:46:28 GMT
expires: Sat, 24 Sep 2022 11:46:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 74A2 99 KB
33 KB 690ms
590ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=6877447544&adk=1253207218&adf=2571114240&pi=t.ma~as.6877447544&w=1160&fwrn=4&fwrnh=100&lmt=1664018312&rafmt=1&psa=0&format=1160x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664019987252&bpp=2&bdt=351&idt=272&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3062071250927&frm=20&pv=1&ga_vid=68445269.1664019988&ga_sid=1664019988&ga_hid=949924652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31069830&oid=2&pvsid=2213359336574703&tmod=1553337175&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=LqZrXNfb0u&p=https%3A//gumoreska.in.ua&dtd=276

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b6cca2fdf07a53ed4e6f113ce70de874275cfe6b54c8b61d3ee9fd4bfc8aaf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gumoreska.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33908
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Sep 2022 11:46:28 GMT
expires: Sat, 24 Sep 2022 11:46:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 077D 73 KB
23 KB 492ms
397ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=9796530553&adk=293745757&adf=1991965095&pi=t.ma~as.9796530553&w=808&fwrn=4&fwrnh=100&lmt=1664018312&rafmt=1&psa=0&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664019987254&bpp=1&bdt=353&idt=277&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280&nras=1&correlator=3062071250927&frm=20&pv=1&ga_vid=68445269.1664019988&ga_sid=1664019988&ga_hid=949924652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1000&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31069830&oid=2&pvsid=2213359336574703&tmod=1553337175&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=BLZ5wGQWd8&p=https%3A//gumoreska.in.ua&dtd=280

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d41ca32f2494913c3a3288f8f23e8e8359f94de1fe46e8695246b9826d207592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gumoreska.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 23305
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Sep 2022 11:46:27 GMT
expires: Sat, 24 Sep 2022 11:46:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2B95 84 KB
30 KB 630ms
543ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3439465718&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1664018312&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664019987255&bpp=1&bdt=354&idt=284&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=3062071250927&frm=20&pv=1&ga_vid=68445269.1664019988&ga_sid=1664019988&ga_hid=949924652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31069830&oid=2&pvsid=2213359336574703&tmod=1553337175&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=xoJIxNITrz&p=https%3A//gumoreska.in.ua&dtd=287

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9c6a4ee8749d09bd48da6e0253ebba2c87e5d223dfa1ff0bebf577f4fc123dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gumoreska.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 30917
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Sep 2022 11:46:28 GMT
expires: Sat, 24 Sep 2022 11:46:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
42 KB 192ms
83ms Script
application/javascript 2a00:1450:400d:80a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-131431071-1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z22TQ8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5d6c97670cb16f85488af8027610694f916875c5f55af235aa379872405d0fe3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 11:46:27 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43303
x-xss-protection: 0
expires: Sat, 24 Sep 2022 11:46:27 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 207 KB
73 KB 91ms
91ms Script
application/javascript 2a00:1450:400d:80a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XD2CSE5HNH&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-131431071-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

66b202f286f6566a5c00a5e97a3c87ac805ba2ab0396485ad529b3d6b7fb75d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 11:46:27 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74530
x-xss-protection: 0
expires: Sat, 24 Sep 2022 11:46:27 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 183ms
53ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-131431071-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 4735
date: Sat, 24 Sep 2022 10:27:33 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Sat, 24 Sep 2022 12:27:33 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
347 B 114ms
43ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-XD2CSE5HNH&gtm=2oe9l0&_p=949924652&cid=68445269.1664019988&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&sid=1664019988&sct=1&seg=0&dl=https%3A%2F%2Fgumoreska.in.ua%2F&dt=%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D1%96%D0%B1%D0%BB%D1%96%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20Gumoreska&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XD2CSE5HNH&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Sep 2022 11:46:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gumoreska.in.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame 077D 23 KB
9 KB 134ms
46ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=9796530553&adk=293745757&adf=1991965095&pi=t.ma~as.9796530553&w=808&fwrn=4&fwrnh=100&lmt=1664018312&rafmt=1&psa=0&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664019987254&bpp=1&bdt=353&idt=277&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280&nras=1&correlator=3062071250927&frm=20&pv=1&ga_vid=68445269.1664019988&ga_sid=1664019988&ga_hid=949924652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1000&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31069830&oid=2&pvsid=2213359336574703&tmod=1553337175&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=BLZ5wGQWd8&p=https%3A//gumoreska.in.ua&dtd=280

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 11:43:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 178
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9559
x-xss-protection: 0
server: cafe
etag: 12142024561622733046
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Oct 2022 11:43:30 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 077D 8 KB
716 B 133ms
52ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 24 Sep 2022 10:29:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 24 Sep 2022 11:46:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 24 Sep 2022 11:46:28 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220919_RC00/ Frame 077D 14 KB
3 KB 197ms
54ms Stylesheet
text/css 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220919_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 423306
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 10:43:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 14:11:22 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220919_RC00/ Frame 077D 358 KB
124 KB 198ms
55ms Script
text/javascript 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220919_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c2fb2f53f28ddfc9fe690f62f03a79f9a8cda371bb1dc025b02495bc61d2966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 10:50:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3375
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126708
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 10:43:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Sep 2023 10:50:13 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 077D 17 KB
8 KB 125ms
40ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 11:43:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Oct 2022 11:43:57 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 185ms
74ms XHR
text/plain 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=949924652&t=pageview&_s=1&dl=https%3A%2F%2Fgumoreska.in.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D1%96%D0%B1%D0%BB%D1%96%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20Gumoreska&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=2137266936&gjid=1667006141&cid=68445269.1664019988&tid=UA-131431071-1&_gid=1295804044.1664019988&_r=1&gtm=2ou9l0&z=1999827650

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gumoreska.in.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 24 Sep 2022 11:46:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gumoreska.in.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2B95 6 KB
672 B 49ms
49ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3439465718&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1664018312&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664019987255&bpp=1&bdt=354&idt=284&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=3062071250927&frm=20&pv=1&ga_vid=68445269.1664019988&ga_sid=1664019988&ga_hid=949924652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31069830&oid=2&pvsid=2213359336574703&tmod=1553337175&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=xoJIxNITrz&p=https%3A//gumoreska.in.ua&dtd=287

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 24 Sep 2022 11:25:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 24 Sep 2022 11:46:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 24 Sep 2022 11:46:28 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 2B95 2 KB
902 B 125ms
40ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 11:44:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Oct 2022 11:44:30 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2B95 0
0 99ms
99ms Fetch
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C5RiME-4uY6WAKoPMYdKCm8gM1ZbwyWytw6vEjRDguZWYQxABIKWvh29gu4aAgNAKoAHB_MLgKMgBCakCdk4CNshAsD6oAwHIA8sEqgTNAU_QcmZAGUzu1whJfJ78WPdkimIrsfD-02p0pDIUCYXytF1vzT6eMaaCMGHddC4k2bQeHkl4IBn8hbbohrosvVotLhEhSU6xoQdE7i7aKmBiOXWGPl4oCp7VViyD1lB3Gl9O6s9358mUnirNHrjp9plM5FuirrYLXZEZHMgIY83_MoJ6jHmygt-nR8e6yeoPZ12ITLdZ0qgmHoCtlUwVKjQnmO_8H4u78WnmMctRrRYYzpxdSqiTOXnei_qzxD2-MsWgMiQa_yt8jy7bjSrABOnwr6f-A5IFBAgEGAGSBQQIBRgEoAYugAfBtJPAA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEOGgF9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBogwIKgYKBPmesQK4E-QD2BMNiBQC0BUBgBcBshccChoIABIUcHViLTk3MzU4NDg5MTQyMTkyNTgYAA&sigh=mqvJ6_k8tXk&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3439465718&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1664018312&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664019987255&bpp=1&bdt=354&idt=284&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=3062071250927&frm=20&pv=1&ga_vid=68445269.1664019988&ga_sid=1664019988&ga_hid=949924652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31069830&oid=2&pvsid=2213359336574703&tmod=1553337175&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=xoJIxNITrz&p=https%3A//gumoreska.in.ua&dtd=287
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 24 Sep 2022 11:46:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 24 Sep 2022 11:46:28 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame 2B95 23 KB
9 KB 131ms
48ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 11:43:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 178
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9559
x-xss-protection: 0
server: cafe
etag: 12142024561622733046
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Oct 2022 11:43:30 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 2B95 3 KB
1 KB 161ms
79ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 11:42:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 264
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Oct 2022 11:42:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 2B95 17 KB
7 KB 124ms
41ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 11:43:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Oct 2022 11:43:57 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2B95 140 KB
44 KB 317ms
175ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 11:46:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44525
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663760195623328"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 24 Sep 2022 11:46:28 GMT

GET
H2 200 b6810b6596f7ed55ed76c68d0358aca1.js Show response
www.gstatic.com/mysidia/ Frame 2B95 33 KB
13 KB 130ms
41ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b6810b6596f7ed55ed76c68d0358aca1.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6480171803c66741b9d13c44e06e9817bb8f51479574044d5226cb2dc28a897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 08:57:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 182937
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13684
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 21:38:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 21 Dec 2022 08:57:31 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/12267111457477755324/ Frame 2B95 8 KB
8 KB 146ms
71ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12267111457477755324/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe4d9e7ed54d527a9e200b0d8a5949ae177ccd4cceeb5598e89f7a74c00dee3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 19:01:33 GMT
x-content-type-options: nosniff
age: 578695
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8400
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:32:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 17 Sep 2023 19:01:33 GMT

GET
DATA 200
OK truncated
/ Frame 2B95 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 13f3f09bfb49b566c7b639b7608c1c0e.js Show response
www.gstatic.com/mysidia/ Frame 74A2 10 KB
5 KB 97ms
40ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/13f3f09bfb49b566c7b639b7608c1c0e.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=6877447544&adk=1253207218&adf=2571114240&pi=t.ma~as.6877447544&w=1160&fwrn=4&fwrnh=100&lmt=1664018312&rafmt=1&psa=0&format=1160x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664019987252&bpp=2&bdt=351&idt=272&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3062071250927&frm=20&pv=1&ga_vid=68445269.1664019988&ga_sid=1664019988&ga_hid=949924652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31069830&oid=2&pvsid=2213359336574703&tmod=1553337175&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=LqZrXNfb0u&p=https%3A//gumoreska.in.ua&dtd=276

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1f242c0ca41b5205d903c5e63adbfaea5caffe0961c686132e9db15f3d1e5a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 11:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 260713
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4281
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 20:14:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 20 Dec 2022 11:21:15 GMT

GET
H2 200 254e5c345a803564ee8bf4c2c62aca26.js Show response
www.gstatic.com/mysidia/ Frame 74A2 18 KB
8 KB 135ms
79ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/254e5c345a803564ee8bf4c2c62aca26.js?tag=pingback

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94de8e2a292922489a6a57e56a9501ba6e0b0da301e6321c80dbcc113599701b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 11:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 260713
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7669
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 20:14:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 20 Dec 2022 11:21:15 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 74A2 8 KB
895 B 50ms
49ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 24 Sep 2022 10:02:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 24 Sep 2022 11:46:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 24 Sep 2022 11:46:28 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 74A2 2 KB
902 B 40ms
40ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 11:44:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Oct 2022 11:44:30 GMT

GET
H2 200 d6c3547abf75441939dee8add116a9f2.js Show response
www.gstatic.com/mysidia/ Frame 74A2 6 KB
2 KB 95ms
52ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d6c3547abf75441939dee8add116a9f2.js?tag=analytics_pingback_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21c893a6d9b5ca0d3be8b4ba659493c68cb870a63a4ee84ec8c4d9e30ae6bcd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 21:59:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136023
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2241
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 20:14:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 21 Dec 2022 21:59:25 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame 74A2 23 KB
9 KB 67ms
55ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 11:43:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 178
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9559
x-xss-protection: 0
server: cafe
etag: 12142024561622733046
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Oct 2022 11:43:30 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 74A2 3 KB
1 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 11:42:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 264
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Oct 2022 11:42:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 74A2 17 KB
7 KB 77ms
65ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 11:43:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Oct 2022 11:43:57 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 74A2 140 KB
44 KB 232ms
162ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 11:46:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44525
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663760195623328"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 24 Sep 2022 11:46:28 GMT

GET
H3 200 b6810b6596f7ed55ed76c68d0358aca1.js Show response
www.gstatic.com/mysidia/ Frame 74A2 33 KB
13 KB 126ms
40ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b6810b6596f7ed55ed76c68d0358aca1.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6480171803c66741b9d13c44e06e9817bb8f51479574044d5226cb2dc28a897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 08:57:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 182937
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13684
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 21:38:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 21 Dec 2022 08:57:31 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
439 B 127ms
39ms XHR
text/plain 2a00:1450:4025:402::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-131431071-1&cid=68445269.1664019988&jid=2137266936&gjid=1667006141&_gid=1295804044.1664019988&_u=YADAAUAAAAAAAC~&z=81918258

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:402::9d Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gumoreska.in.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 24 Sep 2022 11:46:28 GMT
content-type: text/plain
access-control-allow-origin: https://gumoreska.in.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/ 149 KB
53 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/reactive_library_fy2021.js?bust=31069830

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8653ddc973fe38430a5e51d5118a779a0466c23da5f6ffcc82ca2a82352ffc20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 11:46:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54568
x-xss-protection: 0
server: cafe
etag: 8731584915889498843
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Sep 2022 11:46:28 GMT

GET
DATA 200
OK truncated
/ Frame 2B95 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc0556eae68e3f5be0b9cfb19901f0f151f82bdd15fc0f2eea23d57a19e4cf2e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 186ms
77ms Script
application/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=gumoreska.in.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Sep 2022 11:46:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 132ms
50ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=gumoreska.in.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Sep 2022 11:46:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/ Frame B081 10 KB
4 KB 54ms
54ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gumoreska.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 23421
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Sep 2022 05:16:07 GMT
etag: 9671129459699598864
expires: Sat, 08 Oct 2022 05:16:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 077D 0
54 B 815ms
279ms Ping
image/gif 2404:6800:4004:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l8fujcfy&c=7339994931650&slotId=3669997465825&qqid=CPWlj8KtrfoCFTAIogMdtcIIIQ&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220919_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:81e::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Sep 2022 11:46:29 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 077D 9 KB
10 KB 128ms
41ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 20:29:43 GMT
x-content-type-options: nosniff
age: 400605
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 20:29:43 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 077D 15 KB
15 KB 130ms
46ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 08:01:51 GMT
x-content-type-options: nosniff
age: 186277
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Sep 2023 08:01:51 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 077D 0
20 B 76ms
76ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CIp1vE-4uY7XQKbCQiM0PtYWjiAKPsuiHbMiEgLjcEPAuEAEgpa-Hb2C7hoCA0ArIAQWpAkz3zoOgN7I-qAMByAObBKoE7wFP0GnoG59BSBZ4sOdGiQCiVGFCRLNMP8GytrPvyy0RgkJ2sxdfmlQNdOtL75ew3HvEZtxW6LVT6rZBJ42xHDM7fLoiL96RiQNS6Kub2SVP9xpMUNPs6sFwLCH-Gxwjm9ozz9G6eh7LcwHMo4p0Ql9YhMkZGK7mRsBj35DucBC-rZ7CIbF3yK0RXdNuE9eqEoD_RNN3wUhRd2vwaHNHb3d8zfcOaQEs4yNyeKuEJ-U-LgToSRSt8xuJ0AtuLvyNW9ThkseMU-rCMuMGlZpxFMh1Aq3P4_gi1FcSiBevRX1FWJgPmSX96xXSz9_QCYttQMAE-KGDxqQE4AQDkAYBoAZ2gAeh68akAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAeALAYAMAbAT6Z-lENATANgTA4gUoRjYFAHQFQH4FgGAFwE&eventType=clickstring&clientTime=1664019988423&ai=CIp1vE-4uY7XQKbCQiM0PtYWjiAKPsuiHbMiEgLjcEPAuEAEgpa-Hb2C7hoCA0ArIAQWpAkz3zoOgN7I-qAMByAObBKoE7wFP0GnoG59BSBZ4sOdGiQCiVGFCRLNMP8GytrPvyy0RgkJ2sxdfmlQNdOtL75ew3HvEZtxW6LVT6rZBJ42xHDM7fLoiL96RiQNS6Kub2SVP9xpMUNPs6sFwLCH-Gxwjm9ozz9G6eh7LcwHMo4p0Ql9YhMkZGK7mRsBj35DucBC-rZ7CIbF3yK0RXdNuE9eqEoD_RNN3wUhRd2vwaHNHb3d8zfcOaQEs4yNyeKuEJ-U-LgToSRSt8xuJ0AtuLvyNW9ThkseMU-rCMuMGlZpxFMh1Aq3P4_gi1FcSiBevRX1FWJgPmSX96xXSz9_QCYttQMAE-KGDxqQE4AQDkAYBoAZ2gAeh68akAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAeALAYAMAbAT6Z-lENATANgTA4gUoRjYFAHQFQH4FgGAFwE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Sep 2022 11:46:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 077D 29 KB
16 KB 170ms
75ms XHR
text/xml 142.250.102.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CrHIKxGwps0nrfhvEq1crl7cVXV6Sp5_6N7KFKSIlMb5E42ThKiK5ON9K7S-dRBjuzMf-6orLgMhqUQalh1w0RzIWYwQ&cry=1&dbm_d=AKAmf-DCKrxug5PYgWApLY0VJUp4bVpCx6JVtEYmQbzRU5-GZ-2Yah71rr3c8YXDrCL-0-zM9GXOCGLnP6ELg-4NCelXvmOKnqWUqgWT8Fwr-ouZk-MVnyZVRjMlrIblaErGzqo5k00e_Zw52GMES5ezVj-28iz-i_ETu7_DP6DBDVdIQcxNDMpTYHcjZ9pYZmkuAT_0Dmcm8HYoV_1pHvU-ujO_DrwK8TK-VSmjtpF04Qxu6nnNe9-6rYpWtKS-EVxxY-jR5eE323L2C7WDhI7BeGbSf1oOdtgc8YlGTuVsBLmGs2Sv9PBkLmFVWRJt14bqvuDTaWcQMFGs5VBzMXJlOiz3cIZI57FCyoYEelgFJkbwgEHhWWDXrKxxxT05cDCaopcCrlNQ2eMEv3EuY3sG0oevWM-yqVhiTM7SmyVW84ntGURT5APxJKY9lNzSQJqfUc1NI6ODJdS-_4kmPWwS1Srpo73zNwNOOrdx8UhJl7-r5o68LGznfJWRiZunea_l56e3Eiijz7NrlP2i8sQevC44xxuuU7vApfUc0HrkslJyHzreYrY4PbxdZOaafNu2D2nGTrFVC8amEYB5ak1J7OXyalKK9TuyXqCZgVySb268gdxR96o7DnocjCm0X8YsxCOOCAoipqpLa3K0Qk5vRwKp_2KhEA7utkl3lRiriVGOJ_I_aD-rxt2xWuVYZyGQDoCVhgjHHWgYckZTp4OQEARWE6i0t7icMWs5h-oA_fpAdO91pLcetnj5Ss43_y2WCyy2oH5tbHNzXndkSA0tl395xkS8cedRvB1gECoq2BTb08nUhJFO3kuFbEnBpjMTYTYzsXQs8XMMtVHsJ9BO54MyK8YGXL_S6T56jZBQhhLxlTxbSyN6dGAOz4idwfKkd6--dYj8as4MWlV25aVzxg0J5LDCPre2kr440nx24mlY98-9_KNaH_GAaQGd4Tg7jCUMA-KRArWGHG6Zrf4sDvvtB27HM3EqrxWaaD4ULL7mpXZUFnfzWxhjhjwuDBJ308pXPfjr5u0jskgGcMPs2J8H53Md7ocjO20u_RmbihnA4z1rGCZi2O0UeAOHDno04jJc30FKaVMSEVFvCA8ve_gbix10frPATk89iK1S65LkdDWQwt2QElC2I1u4lY2lkEdYmHOGM6XXz83Yo0QWHAGxjOI-cEXOgqxJsRQ3t_r6aF8iBkueat5BRjW0MgmTps3n_jp0TMxQcANvdneOcR4-h1dGsSUSpfF8nLrha5MjzETOL1iqVlRO4SpMpRw4KmvLcy9wDdxMnUrYeOq6vUGafAM9T0ERMDfw9N2Qk7jzZPuexnTYJ2R-l8PXhO_G3EyvysCzYtucusMEZbFJi2QhzC90Z9XnC6dfpBuMPY4foV9OkSU35VSxScIZj2gfoOLn8BoXhxIOUPvYrMlXoZkxwhTh2kmDt_xyUu0QrIwx1FEp6pDYuVTlG16G48BTwUetUToAqffF_KiVO-sO_BCg2ukrx-0iPzOkj4jJQ7RofEMpGYbDudjRbgrY2GRY7fqQuwqVLFnYiRMJqpuPYP7NXCK9oe7hhmJ43ZPGOWAQNQZR_saYdDxMhtqNkscNudzBunnRbdCOJwiMV3lXyaa683DaK-iHTt9A-LW8rnBMXb1k_QmT53S9BxYT0j8aNCWzj_75BbWNKYX42G8fmM8dot-oTQupQCdoxI3mvTI3u1gXgPtZ-Z-NpQy2hFkE-AhvxvQ1gRyZXjpjAnNe94ejHvVsVV2-d1-v-RLwq3XStj3AQPyVxM6C9n3KPFIV-bQWfwV11g8rOFHne42CGOl8_AkxEWiC0Vyk4OoaHvrhokAvhIMUnXVlDK9TKZzDgN2U4rS-6IZzasZ1QaMQJ-69gqkxLFSmGwTu_E0uoss5ah2W_WKUatVzaSlRpDjwTX3pVoDDPxDeb9A0RnivGBqDYzSTVTT688p6H4kdaPi6iO-gItJsmJhYkxZDpNgGy78Si4Rtl2M2tpjLUR2unRS7O8F6KggaH1TDN_9grab-cX_NREc5t8AfOPQ8k5STt8zm4ES3iaqQ5DjD59Vv5YCEmy4OAPT5L1sQUPMxIJp1r56lakP3x1RjWlFkUcXAV8ZYykCWZ-HJU3pAd3C_4UsUtSGXX_MymSISD_L-5fwIGcLZmiNMn5oA282__oUK6OaTFigyXvvzh6iu0ImDo2pjXcELkV3hW_v4cgikealN3UqSTQ12c81bbjwlnNT05dX6SM64z6LygVTNUf6-gqz5sptVerXBi0dBP1-Em9-INLVdI8BWhvSET5NykEzYt_9KXGU-OV0SSU9WvNNVGXbyUCXXtoZOQN7TUZC6JmpS4tRH3qanmxUg31bAMYRKHoF1MAED7tQB0xwbq32QSzSBkKcD7dNTvd7UukMXSFqLVk1IG7gKXghhocA2J_9rTUFDmmm4BqrPgBUiACl8cJn8wujBRCqLsx8p0TO2n6J2KI5V8eOT0763c_RqJ5LQKlR9gJggU1ivVrdA-lbVkozRWLBvJjvzSHrZFKZnj5zAOjJz3SLXA4Scok15H1ClsDTrpEovgSxC0tNXNkSS0Y67fBRvyopuam_BdQxGl2d_TqYcIRq7s0nJuFNiZa2gaml2UYZv_qoryDtXsjeqHUlPGOXQR6R63AusMcgwoKzrZ5sxWlqs5nKn7bIpPHBzFy-3ABOly3Ri2PIsOiflQqhsLr2mHuZDJ8AxUp2su-CfX7_GpE62N5aCoJMea6yUx56gruQiCnjmFeICtGC4glg8dJqB-T4J7WCm9HX0el7WCKcoxuCh2IQ3ayCc-j7RaPGD_-S_xI_xkxL_inG2y_p6Qj_7XHKIn_okqlLyrP-Sql0BrEVmEVreNb-CPREZiVk3x3fnjwUhAFxYKaK_OWLXCEFu-8ZvR1k7XPA8NBMjbxpoQe440Vy_-jUulQtuAMAjn6VOjsJklb59p2bnJipRFkt2h1pC11TsXOyvLKMt9AGG00sY9Xifwv_8lXn9BcLhf2Sqm-M2t-iSyyEUslmzq9nWHF-9g1l1pL3d5A_ZZpSq0wNcQ_e7jjMv6lQ6_efIqHxF3ddlk9OW7-jS-O0O8IW8tjZtS3Jf3lYRKjLc8KcBYGyMTqK0QSNkY6wgt120yeWL_CZeympX9-PPuhfBuYAkkEjJn8X5PAs5t4mpBOjt-itibnKsOBTTX7AO0gxtFTDbRrgr-d97KiK3Z9L9d5WYaaFpu97EUr_U_jaW9I1Qghmtey-mEyvaNX5PiGJ8lmh2fGLvJn6VhcpIrzQgGbzcc0iWCJ8WdxGgdgQ3KlNh9SDQ9S5PDuSYoa0h5qHjEVVfqI3uCt_QWDmpzwSQtT75zhbBUD8wWDaAjENzpLkAt37xwxz3YZYY5m-laLvTOF8oyATpqx73gXlmFzVwv2LtN_hO03o2eVU9X-0GFUe2pH__BLCEQzi6z5GnbbMzmJQZYGeCBssrg-qESTr4yiqO_cDilvbtDd6-pZlC9YvV8cZ7pwnGQJm6Te2vE1qtigaBSayGgWgOQ9r8AP-JyxJjEQT-x2SjneXVAMbWHp1DuR6oXbNJlQLxp38CYSRYWSOs6zq7nEsQfz99tO69Z51FEeQGpkteu7tCcjcPN58Dfj2-42uIokmUcO28TKPCZtNIgSZq0K4p5imoYygWBJ7DSw&cid=CAASBORoX-I&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220919_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.102.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

rb-in-f157.1e100.net

Software

cafe /

Resource Hash

f6df68c6b3013ccc1df8fd9aa23657ff3c2cb998d0aa8db2f339269acc91d8ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 11:46:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15868
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 077D 0
0 92ms
91ms Fetch
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CKiNmE-4uY7XQKbCQiM0PtYWjiAKPsuiHbMiEgLjcEPAuEAEgpa-Hb2C7hoCA0ArIAQWpAkz3zoOgN7I-qAMBqgTsAU_Qaegbn0FIFniw50aJAKJUYUJEs0w_wbK2s-_LLRGCQnazF1-aVA1060vvl7Dce8Rm3FbotVPqtkEnjbEcMzt8uiIv3pGJA1Loq5vZJU_3GkxQ0-zqwXAsIf4bHCOb2jPP0bp6HstzAcyjinRCX1iEyRkYruZGwGPfkO5wEL6tnsIhsXfIrRFd024T16oSgP9E03fBSFF3a_Boc0dvd3zN9w5pASzjI3J4q4Qn5T4uBOgRFU8uiGO-mZauWLL7cI4Ler75V-K9aycaOlQ2wskIhNdbVLL12LgRP4Fd18v9qqUGvdXHDSh6Y--pwAT4oYPGpATgBAOIBdKohM5DkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAeh68akAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKEIyTARj0n6KuAdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBsBPpn6UQyBOE1YDhA9ATANgTA4gUoRjYFAHQFQGAFwGyFxwKGggAEhRwdWItOTczNTg0ODkxNDIxOTI1OBgA&sigh=LQsnN8tWkRU&uach_m=[UACH]&cid=CAQSGwCsnQUxsnPW69qVo-QBbie7NnFZJVGrr6Y8Xw&vt=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=9796530553&adk=293745757&adf=1991965095&pi=t.ma~as.9796530553&w=808&fwrn=4&fwrnh=100&lmt=1664018312&rafmt=1&psa=0&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664019987254&bpp=1&bdt=353&idt=277&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280&nras=1&correlator=3062071250927&frm=20&pv=1&ga_vid=68445269.1664019988&ga_sid=1664019988&ga_hid=949924652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1000&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31069830&oid=2&pvsid=2213359336574703&tmod=1553337175&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=BLZ5wGQWd8&p=https%3A//gumoreska.in.ua&dtd=280
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 24 Sep 2022 11:46:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/14659246945819122026/ Frame 74A2 12 KB
12 KB 41ms
41ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14659246945819122026/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df84934cc2c94e758c3958514c3229af43d22da5b9dbb99afe43c1881ef7f8f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 20:10:38 GMT
x-content-type-options: nosniff
age: 228950
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12176
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 08:45:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 21 Sep 2023 20:10:38 GMT

GET
DATA 200
OK truncated
/ Frame 74A2 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 74A2 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 74A2 0
0 96ms
96ms Fetch
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CzWLyE-4uY8fmKYy2YaDnnIgB1ZbwyWytw6vEjRDguZWYQxABIKWvh29gu4aAgNAKoAHB_MLgKMgBCakCdk4CNshAsD6oAwHIA8sEqgTOAU_QGWav522F4fWwMWIVvuI7gp_4Pl005e8HUOkIFNuhXGRJR-4Wz87VROVg5yCkVLbexOModyLzfiOJGJJ_BZI5a1K79udbfZVuda9CKgBQ8fInXRvP_LyHv2gL47M8RO_rPyMPrsdZW0RUFV_4777yqNqDzuHnOLN3rDoDKz1qzrBmS0m7vDNPErWj24RUdHGT7vC0PG0Eb--cLAGtF0TskXNIkjVbK7HRdS7b0CB-MvTO3CHiRaWzWb6NXJc7ew-sJ-023lQuF7_qGljfwATp8K-n_gOSBQQIBBgBkgUECAUYBKAGLoAHwbSTwAOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHAxDuN9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMNiBQC0BUBgBcBshccChoIABIUcHViLTk3MzU4NDg5MTQyMTkyNTgYAA&sigh=Mkz9mIz9oTc&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=6877447544&adk=1253207218&adf=2571114240&pi=t.ma~as.6877447544&w=1160&fwrn=4&fwrnh=100&lmt=1664018312&rafmt=1&psa=0&format=1160x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664019987252&bpp=2&bdt=351&idt=272&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3062071250927&frm=20&pv=1&ga_vid=68445269.1664019988&ga_sid=1664019988&ga_hid=949924652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31069830&oid=2&pvsid=2213359336574703&tmod=1553337175&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=LqZrXNfb0u&p=https%3A//gumoreska.in.ua&dtd=276
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 24 Sep 2022 11:46:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 74A2 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 92ca63be95834384b191762ca6faf153506113c0bf0da0741d4aae83f7db5860

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 077D 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4b1ceff2a957431d0adce4a1b0c3e6f995dbdaba47cfec81d7bfb53425468c0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame B081 4 KB
621 B 53ms
53ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 24 Sep 2022 10:12:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 24 Sep 2022 11:46:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 24 Sep 2022 11:46:28 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame B081 2 KB
902 B 40ms
40ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 11:44:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Oct 2022 11:44:30 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B081 0
0 96ms
95ms Fetch
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CFdvrE-4uY-PbKYOUiM0P85e5oAPaypnFbMPLvLm-EKrpz7riMRABIKWvh29gu4aAgNAKoAG5hZb9A8gBCakCTPfOg6A3sj6oAwHIA8sEqgTFAU_QXBWrWyPnMPoAqYaG0ZXv2HmE_lzwE80N90UrMVk_Ay2BRNyIn5bZZzrNMAq47mqXcTR2mZ0AgsR9nv4_WvjfxhP-dLFJHEn6QZUGfSuHq7UiiwdcnYdUH8HLZWKDQBxsUfUk3VRXeoZcRPR0__alTuPfWjxv7O7HQ13a3_8s59DlgM6ifVnpiiCTNfaK7VXqSkgFyRPEq79fR8rmoypoI0-B9fxcpIlvmJY2Bhx6fGxLa41JBEia9WgLe7wmZtpbBWPGwAS817nZigSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHr_rpAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEMLbB9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi05NzM1ODQ4OTE0MjE5MjU4GAA&sigh=Rncbd4dw1L0&uach_m=[UACH]&template_id=484

Requested by

Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 24 Sep 2022 11:46:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame B081 23 KB
9 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 11:43:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 178
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9559
x-xss-protection: 0
server: cafe
etag: 12142024561622733046
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Oct 2022 11:43:30 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame B081 3 KB
1 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 11:42:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 264
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Oct 2022 11:42:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame B081 17 KB
7 KB 45ms
42ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 11:43:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Oct 2022 11:43:57 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B081 140 KB
44 KB 129ms
126ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 11:46:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44525
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663760195623328"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 24 Sep 2022 11:46:28 GMT

GET
H3 200 b6810b6596f7ed55ed76c68d0358aca1.js Show response
www.gstatic.com/mysidia/ Frame B081 33 KB
13 KB 88ms
42ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b6810b6596f7ed55ed76c68d0358aca1.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6480171803c66741b9d13c44e06e9817bb8f51479574044d5226cb2dc28a897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 08:57:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 182937
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13684
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 21:38:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 21 Dec 2022 08:57:31 GMT

GET
H3 200 6592766407814317453
tpc.googlesyndication.com/simgad/9244241517494772510/ Frame B081 43 KB
43 KB 46ms
45ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9244241517494772510/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

042d593d6cac578e2df0492e4f8a7f046af3509af77fff4310015dc72de8317c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 04:58:57 GMT
x-content-type-options: nosniff
age: 370051
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44112
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 17:21:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 20 Sep 2023 04:58:57 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/4941674592613310767/ Frame B081 1 KB
1 KB 45ms
44ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4941674592613310767/14763004658117789537?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07ea76a8fbc2a3d22de81428834f1ac895eab8e1b84091549f6a39cb50656bb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 16:10:56 GMT
x-content-type-options: nosniff
age: 70532
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1065
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 13:37:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 23 Sep 2023 16:10:56 GMT

GET
DATA 200
OK truncated
/ Frame B081 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9a69428c08a9ef13e7c6ebfe09dd633989ee87feae730f6f591015024b7a2062

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 74A2 0
20 B 74ms
74ms Ping
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoKCAEqBmJhbm5lcgoKCAIqBnNlcnZlcgoVCAQqEW15c2lkaWFfYW5hbHl0aWNzCg0QKyEAAAAAAAA7QDAECg0QAyEAAMjMzLiMQDAECg0QCiEAAAAAAAAmQDAECg0QDSEAAAAAAAAAADAECg4QHioIMTE2MHgyODAwBAoOEBkqCDExNjB4MjgwMAQKDRAOIQAAAAAAAAAAMAQKDRAEIQAAMDMzF41AMAQKDRAPIQAAAAAAAAAAMAQKDRArIQAAAAAAAERAMAQKDRAFIQAAyMzMGI1AMAQSGkNJZThqOEt0cmZvQ0ZReGJHQW9kb0RNSEVRIgl0ZXh0L3J5dWsoFQ==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/254e5c345a803564ee8bf4c2c62aca26.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Sep 2022 11:46:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 077D 41 KB
15 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220919_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 08:58:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 269289
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Sep 2023 08:58:19 GMT

HEAD
H/1.1

200
OK

file.mp4
r2---sn-aigzrnsz.c.2mdn.net/videoplayback/id/45af4d4699326aaf/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1695555988/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 077D
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/45af4d4699326aaf/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1695555988/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r2---sn-aigzrnsz.c.2mdn.net/videoplayback/id/45af4d4699326aaf/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1695555988/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

225ms
30ms

Fetch
video/mp4

2a00:1450:4009:1b::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-aigzrnsz.c.2mdn.net/videoplayback/id/45af4d4699326aaf/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1695555988/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/241FE86DDF6DBCD8B181F495F939FC86C33BBC46.45E650B2F75E190A86ACF8B016F2A527082BB5B9/key/cms1/cms_redirect/yes/mh/zF/mip/2001:ac8:21:e::6/mm/42/mn/sn-aigzrnsz/ms/onc/mt/1664019652/mv/m/mvi/2/pl/48/file/file.mp4

Requested by

Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/

Protocol

HTTP/1.1

Server

2a00:1450:4009:1b::7 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 24 Sep 2022 11:46:29 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1585273
Last-Modified: Mon, 28 Jun 2021 13:09:30 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Sat, 24 Sep 2022 11:46:29 GMT

Redirect headers

date: Sat, 24 Sep 2022 11:46:28 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 646
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
location: https://r2---sn-aigzrnsz.c.2mdn.net/videoplayback/id/45af4d4699326aaf/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1695555988/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/241FE86DDF6DBCD8B181F495F939FC86C33BBC46.45E650B2F75E190A86ACF8B016F2A527082BB5B9/key/cms1/cms_redirect/yes/mh/zF/mip/2001:ac8:21:e::6/mm/42/mn/sn-aigzrnsz/ms/onc/mt/1664019652/mv/m/mvi/2/pl/48/file/file.mp4
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 077D 0
327 B 602ms
278ms Ping
image/gif 2404:6800:4004:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l8fujcg8&c=7339994931650&slotId=3669997465825&qqid=CPWlj8KtrfoCFTAIogMdtcIIIQ&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=851&mt=video%2Fmp4&vs=970x250&ulv=1&cll=0&vast_v=2.0&vmfc=15&vhc=0&msm=1&aits=0%2C17%2C36%2C18%2C22%2C43%2C44%2C45%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=3&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&ape=1&met.4=videopreviewvisible.um
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220919_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:81e::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Sep 2022 11:46:29 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 74A2 28 KB
28 KB 130ms
42ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 08:44:44 GMT
x-content-type-options: nosniff
age: 270104
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Sep 2023 08:44:44 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2B95 15 KB
16 KB 112ms
44ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 05:29:41 GMT
x-content-type-options: nosniff
age: 541007
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Sep 2023 05:29:41 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2B95 15 KB
15 KB 124ms
58ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 11:47:17 GMT
x-content-type-options: nosniff
age: 431951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 11:47:17 GMT

GET
H3 200 EiKF25-Ew8QnV9WFt1cB1UkyXxUODWVwE4mmpr-jolo.js Show response
pagead2.googlesyndication.com/bg/ Frame 6156 36 KB
16 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EiKF25-Ew8QnV9WFt1cB1UkyXxUODWVwE4mmpr-jolo.js

Requested by

Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

122285db9f84c3c42757d585b75701d549325f150e0d65701389a6a6bfa3a25a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:56:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103819
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15943
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Sep 2023 06:56:09 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 469F 23 KB
9 KB 48ms
48ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 237407
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 17:49:41 GMT
expires: Thu, 21 Sep 2023 17:49:41 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 74A2 0
20 B 74ms
74ms Ping
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/254e5c345a803564ee8bf4c2c62aca26.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Sep 2022 11:46:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 469F 36 KB
16 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94d3dc2f8019650f33f4d269cbbd70b5726efda4f2d95d7e44eefa3dde5071d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 06:05:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20473
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15861
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 24 Sep 2023 06:05:15 GMT

GET EiKF25-Ew8QnV9WFt1cB1UkyXxUODWVwE4mmpr-jolo.js
pagead2.googlesyndication.com/bg/ Frame DA05 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 2B95 0
0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FB74 20 KB
10 KB 597ms
597ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/wp-content/cache/wpfc-minified/edgwxfxv/dg9pj.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e63d054d435aaef9da6ec0247916cd5c96c1f75cfdcfe31a9dd4ce5d10a278ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gumoreska.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 10283
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Sep 2022 11:46:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 135ms
58ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220921&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0c095f0d3d65cfbb4c9bc4aa63e3520e9769a4579e35bfef4b44a775a72e160

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Sep 2022 11:46:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11226
x-xss-protection: 0

GET
H3 200 EiKF25-Ew8QnV9WFt1cB1UkyXxUODWVwE4mmpr-jolo.js Show response
pagead2.googlesyndication.com/bg/ Frame 96FC 36 KB
16 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EiKF25-Ew8QnV9WFt1cB1UkyXxUODWVwE4mmpr-jolo.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

122285db9f84c3c42757d585b75701d549325f150e0d65701389a6a6bfa3a25a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:56:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103819
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15943
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Sep 2023 06:56:09 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 74A2 0
20 B 75ms
75ms Ping
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoKCAEqBmJhbm5lcgoKCAIqBnNlcnZlcgoVCAQqEW15c2lkaWFfYW5hbHl0aWNzCg0QFCEAAAAAoMzuQDAECg0QFSEAAAAAAAAqQDAECg0QFiEAAAAAAAAUQDAECg0QGCEAADQzM7-UQDAECg0QMiEAAACAmZnJPzAECg0QMyEAAACAmZnJPzAECg0QNCEAAACAmZnJPzAECg0QNSEAAACAmZnJPzAECg0QNiEAAACAmZnJPzAECg0QNyEAAACAmZnJPzAECg0QOCEAAMDMzExZQDAECg0QOSEAADAzM5eFQDAECg0QOiEAAGhmZhKHQDAECg0QOyEAADQzM4uRQDAECg0QPCEAADQzM4uRQDAECg0QPSEAAAAAAJaRQDAECg0QPiEAAAAAAJCUQDAECg0QPyEAAGRmZpCUQDAECg0QQCEAAMzMzMyUQDAEEhpDSWU4ajhLdHJmb0NGUXhiR0FvZG9ETUhFUSIJdGV4dC9yeXVrKBU=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/254e5c345a803564ee8bf4c2c62aca26.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Sep 2022 11:46:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 469F 0
20 B 77ms
77ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BjSsRFO4uY-OaIpW03gPmgJhwAAAAADgB4AQC&bg=!zc6lzorNAAYIxsuQKMY7ACkAdvg8Wm-UNZEY6ZPaY83Xxczwu3p0KFwyuANo9RrMqJUXZWpl5x1Y8AIAAABuUgAAAAJoAQcKAMG9pIYoa6Y3q-hRJQ7dJEVM-ZwtPFAYa0UwNQ7lDNWQzihUS6AYCzndVY-6AZk2mVHpJHFjf_UyqyMrdRwOCTk3yWurzGT9JPqIdasx83Yk3HhrBVxAPGCOFRxbx0otD0yJnF9a6xZkH5OK0_lABTBPgtH7qRAs-vUCZfMrEIMyEhtVhZo88pYL7SxVRU20h49HCxjuz70QZYbaW-mIX-beAUXRq5MHqqqfzuMNnx3hKuwEuoa7d1-sZDRrIzJ7X0HqmQLHpqlui7iNO0gLpr59JZnnfZI_ymlcydAjJU197vjAG_TIr7TzRNTKnVX60MzVCnWi6tcsE4uTBlnIyeVMhGlM5tykT8ezSKoig8uZYzzgw1f_7VaBszILcY2DJaF1DzWwIql2KvAohrrkSMrk84JXC8PZWvQNbHdQJXGGP3lTN7jhSUhj0XHZUV-NsmgakxFWR719HKFqU612kEWe-UK0FyBU9iES6Z7lyAALJX06lceqiNY7uMWk7iMiDuz_h5Brbd5G1QJyU77SgND3XrDFJHU0DsJ4o7t_qha-eiDiAjnKEYOG8qipJsFn3-Q_1fGqxXf6TYbYg_rJzWC6dmpqkrelNC4jDNHitlNBibjV9Ur4WU_FnElseVxgeX-sRYD1Cs7nAMb40CKhpAXlTOL2XWYuBSMkiMmwZz5CX3S3212AEstBJoVtOu8ln8I1zilZQPrOnIUJT3b2-QqTJD1q5PpCnYrvWClBi1ocJgNziPOwaEY6BPWx9gPNG5hTuwb803VclPjMENX5HSKAzhFoLhRyCAMn9LIw9BDdo35Gpf7Vmrjzkt_pCOJgJWNW6Es9SjwjxknFqVDe9_vXbVou6LMuSaImwfKhm1S0zHU37lBJVv3GrGwLJC8zv1Ow4s9g48V8w1jN6f7rO2nyHODtLxPKVFMkUwJPJSHHclIIzXEMN2cOpomcHYKMU1U3VSGJYBhY-SzTh69yRQOtk-lDQ2ya9WztYp3QW2jqI9p0H40v5cV0jx8MT6Joqvdm0Hu5_VrWJeOBHYGQKSBSWFFDPcR0yqq0SKfWL60qD78urATBtwGRluqqV3gtiDA4lUx__gv-svvwONOO69K1O45Ov34EEqhTDJHdHRytEcsfrGEzAUJvWGQgGyAg99FdM3QZSjeyu7aHvqzmln1c9mF7fpKMyy-uH8gkJNMaIhScbvbU1Sg8qf8g

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Sep 2022 11:46:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 11:46:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 24 Sep 2022 11:46:29 GMT

GET
H3 206 file.mp4
r2---sn-aigzrnsz.c.2mdn.net/videoplayback/id/45af4d4699326aaf/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1695555988/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 077D 2 MB
2 MB 61ms
29ms Media
video/mp4 2a00:1450:4009:1b::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4009:1b::7 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

c218bf793c038d6169cee916ea29e3a8512180672afba588f3ff50d504b26172

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 24 Sep 2022 11:46:29 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-1585272/1585273
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1585273
expires: Sat, 24 Sep 2022 11:46:29 GMT
last-modified: Mon, 28 Jun 2021 13:09:30 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

POST
H2 204 csi
csi.gstatic.com/ Frame 077D 0
54 B 278ms
278ms Ping
image/gif 2404:6800:4004:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~l8fujcm4&c=7339994931650&slotId=3669997465825&qqid=CPWlj8KtrfoCFTAIogMdtcIIIQ&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=851&mt=video%2Fmp4&vs=970x250&ple=0&umsem=0&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fgcdn.2mdn.net%252Fvideoplayback%252Fid%252F45af4d4699326aaf%252Fitag%252F347%252Fsource%252Fweb_video_ads%252Fctier%252FL%252Facao%252Fyes%252Fip%252F0.0.0.0%252Fipbits%252F0%252Fexpire%252F1695555988%252Fsparams%252Fip%252Cipbits%252Cexpire%252Cid%252Citag%252Csource%252Cctier%252Cacao%252Fsignature%252F3B355A94894B98AEBE9892F9E71599BD12083603.86EC8FE698638D7F4E1D2C563294E8DBAA4CCEDD%252Fkey%252Fck2%252Ffile%252Ffile.mp4&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220919_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:81e::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Sep 2022 11:46:29 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A7B4 13 KB
5 KB 41ms
41ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gumoreska.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 258
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 24 Sep 2022 11:42:11 GMT
expires: Sun, 24 Sep 2023 11:42:11 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7DB9 783 B
1 KB 146ms
52ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1d9b8995cd861d514d8d6d08b1338e5e15ca3224deee0ce357ea2ad8065d0c8a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WlmUftscdCHMcmgZ_eCbjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gumoreska.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 510
content-security-policy: script-src 'report-sample' 'nonce-WlmUftscdCHMcmgZ_eCbjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 24 Sep 2022 11:46:29 GMT
expires: Sat, 24 Sep 2022 11:46:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 EiKF25-Ew8QnV9WFt1cB1UkyXxUODWVwE4mmpr-jolo.js Show response
pagead2.googlesyndication.com/bg/ Frame A7B4 36 KB
16 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EiKF25-Ew8QnV9WFt1cB1UkyXxUODWVwE4mmpr-jolo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

122285db9f84c3c42757d585b75701d549325f150e0d65701389a6a6bfa3a25a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:56:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103820
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15943
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Sep 2023 06:56:09 GMT

GET
H2 200 dc_oe=ChMI4_TEwq2t-gIVFZp3Ch1mAAYOEAAYACCJpZVJQhMI9aWPwq2t-gIVMAiiAx21wggh;met=1;acvw=sv%3D935%26v%3D20220919%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%...
ade.googlesyndication.com/ddm/activity/ Frame 077D 42 B
494 B 234ms
88ms Image
image/gif 142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI4_TEwq2t-gIVFZp3Ch1mAAYOEAAYACCJpZVJQhMI9aWPwq2t-gIVMAiiAx21wggh;met=1;acvw=sv%3D935%26v%3D20220919%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D12010%26vmtime%3D9%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D330835145%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1664019989198;dc_rfl=[URL_SIGNALS];ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Sep 2022 11:46:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 077D 42 B
64 B 91ms
90ms Image
image/gif 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CIp1vE-4uY7XQKbCQiM0PtYWjiAKPsuiHbMiEgLjcEPAuEAEgpa-Hb2C7hoCA0ArIAQWpAkz3zoOgN7I-qAMByAObBKoE7wFP0GnoG59BSBZ4sOdGiQCiVGFCRLNMP8GytrPvyy0RgkJ2sxdfmlQNdOtL75ew3HvEZtxW6LVT6rZBJ42xHDM7fLoiL96RiQNS6Kub2SVP9xpMUNPs6sFwLCH-Gxwjm9ozz9G6eh7LcwHMo4p0Ql9YhMkZGK7mRsBj35DucBC-rZ7CIbF3yK0RXdNuE9eqEoD_RNN3wUhRd2vwaHNHb3d8zfcOaQEs4yNyeKuEJ-U-LgToSRSt8xuJ0AtuLvyNW9ThkseMU-rCMuMGlZpxFMh1Aq3P4_gi1FcSiBevRX1FWJgPmSX96xXSz9_QCYttQMAE-KGDxqQE4AQDkAYBoAZ2gAeh68akAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAeALAYAMAbAT6Z-lENATANgTA4gUoRjYFAHQFQH4FgGAFwE&sigh=vQX9d8hFfjU&label=part2viewed&ad_mt=9&acvw=sv%3D935%26v%3D20220919%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D12010%26vmtime%3D9%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D330835145%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1664019989198

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=9796530553&adk=293745757&adf=1991965095&pi=t.ma~as.9796530553&w=808&fwrn=4&fwrnh=100&lmt=1664018312&rafmt=1&psa=0&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664019987254&bpp=1&bdt=353&idt=277&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280&nras=1&correlator=3062071250927&frm=20&pv=1&ga_vid=68445269.1664019988&ga_sid=1664019988&ga_hid=949924652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1000&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31069830&oid=2&pvsid=2213359336574703&tmod=1553337175&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=BLZ5wGQWd8&p=https%3A//gumoreska.in.ua&dtd=280
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Sep 2022 11:46:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 077D 0
622 B 199ms
91ms Image
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvZFjDxPrTaRUB-66kw5_Xt691omaKAshd14mB-UNSDO5I1aLjIN8XK4CFjQsIBTFiRoYPgMoFFv3zeNIhsy0Iut10fJYbNh3hn9XE7tTJXGuwv_mVXQh7tWFITIj0VjWFuFzCHUy0_yaSl-rzTbCS7iBRNAV0Y_OiiYihi0n8Gnc6i4uVx75p-1iSTq8VYc5S_XAfmIltTOihEJzJnkQVWDI1R_ShUVP7Q6vraZFg6nMvdZ48aoqObnFL0O7T5yjPyu8U7OaJHkdLRKux_dRtBBoVd_Ztup1Jnep-9XYw25N-Suj5DD1tGJeoGYrAedqzUsDYqYstswXpcOrMYa3PrWuZVE360s-7KpaXxRGlzNOESFCL-Bsx4AxY-hGXUF370RJo_AHG9DzxK9IHg5VCmDOcy8hHRaS7puhKDYIFcM1m6H2LyqZHQ8WSwh9wM7JXuN5ghm61SWLjP8e8ouXOHv2bO-tn9i_iIAJBHWJCO9FPs1FDdnjI9p1DkCkji9slSCD0hdqSluRXMgBQxtRFzEWkY0Xi9puxg4ktQpWr_fObGBWhJ-q7Lab5YJqk15wGTz5NWJzFTMcSOfQu-ggzxuzMFBScJdKRh2i8yXfmVRkoIU9_CXaoHytR9iTVJDbyAqrCreV0uql2mYLIvT9G_pLzRl25vVQy17tEvq0mY8V31SrC9TMpqTv05HYZ0CLRziFCdhKHRazaoTUBHEOPNMG-QYkFIPzb_AMJnulvWfC-cstTbdyFOAHdEk5kRah3HdkUenzwnZ9uWDpxX1y8dAfH532oBNHhpRyVmfeuiK6mmtCONjf3D6AXy64o6Ws5zIJt93eQGf2qHclQEnarutyAy3E1Q1B93VqNnsEOz-_FjYbyo7flBjapnHf7HKEhoV2vv_aEIsEW48o1Xq-4TrdnOMgyi1xUM_TGG23rE-naAfo5Lxa80UJN1aaPI7vx_fRTnrIJb5uORQtKb7M5SQvLMEn0IjnV8z-vlHdK4TkIw_kW24DEVhPE5PsQYADbGaaEejukQJL7nIAGXRcLnMMqGnWClZ-MS7fsg1ZudFckrg8ALdfB1xnczeOHuUfkNbYupZM9aePJ_or-d3rZvfgjhnFMpvcyUl2Zoj6w0z0KvI53QdWREsve5I7s&sai=AMfl-YRGOGplePyTtTUj6H-4ZJDCNOEF3pk4sXj_NIgYpNrjjQlHQxWVr97JfL7K3lSzOTmJPeMkPAM-GqOH38zDv0l3dmvsVIQBO9_SIWTgHqUtVP41vydacUhItdHuMtHMXpla&sig=Cg0ArKJSzPiihVL-zBHsEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Sat, 24 Sep 2022 11:46:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame 077D
Redirect Chain

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNjbfRCit6ICGPSfoq4BIAEwAQ&v=APEucNXc0vq78-k_sCW_bB4B9UYwKtw0GYDEe7mBmX22ME_xWerVkJAKAiWyQFF21WZ7yKI6VdvcZAa-6auUfcLaepomwzAZDA
https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEBp62peUDG7jJakMAaeN0B4&google_cver=1

43 B
163 B

241ms
36ms

Image
image/gif

185.86.137.133
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEBp62peUDG7jJakMAaeN0B4&google_cver=1
Protocol: HTTP/1.1
Server: 185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 11:46:28 GMT
transfer-encoding: chunked
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 24 Sep 2022 11:46:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEBp62peUDG7jJakMAaeN0B4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 316
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 077D 0
20 B 77ms
76ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Sep 2022 11:46:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMI4_TEwq2t-gIVFZp3Ch1mAAYOEAAYACCJpZVJQhMI9aWPwq2t-gIVMAiiAx21wggh;met=1;acvw=sv%3D935%26v%3D20220919%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos...
ade.googlesyndication.com/ddm/activity/ Frame 077D 42 B
107 B 233ms
89ms Image
image/gif 142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI4_TEwq2t-gIVFZp3Ch1mAAYOEAAYACCJpZVJQhMI9aWPwq2t-gIVMAiiAx21wggh;met=1;acvw=sv%3D935%26v%3D20220919%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D12010%26vmtime%3D9%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D330835145%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1664019989198;ecn1=1;etm1=0;eid1=200101;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Sep 2022 11:46:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 077D 42 B
64 B 80ms
79ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssLUj94h40-1V4kygtNweJFFKlFSVnW3HkcRnsociiyvqbjPRdEUv646zkojdQNoKQtCcpgRb_npwR_EHYaXlC1BcuUykqHZwwjuHcYVyS4CL8XPo9qNiyOSAgK&sai=AMfl-YQMSjwCyIAmDw2BEW4q4pG7zDt83hoIAaxyRtsMdGxHhuF8C3DnZCx51_kUbHa7u6sMxvU_A7awQ14h&sig=Cg0ArKJSzDpXUtFpOD_HEAE&cid=CAASBORoX-I&id=lidarv&acvw=sv%3D935%26v%3D20220919%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D12010%26vmtime%3D9%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D330835145%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1664019989198&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Sep 2022 11:46:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 077D 42 B
64 B 91ms
89ms Image
image/gif 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CIp1vE-4uY7XQKbCQiM0PtYWjiAKPsuiHbMiEgLjcEPAuEAEgpa-Hb2C7hoCA0ArIAQWpAkz3zoOgN7I-qAMByAObBKoE7wFP0GnoG59BSBZ4sOdGiQCiVGFCRLNMP8GytrPvyy0RgkJ2sxdfmlQNdOtL75ew3HvEZtxW6LVT6rZBJ42xHDM7fLoiL96RiQNS6Kub2SVP9xpMUNPs6sFwLCH-Gxwjm9ozz9G6eh7LcwHMo4p0Ql9YhMkZGK7mRsBj35DucBC-rZ7CIbF3yK0RXdNuE9eqEoD_RNN3wUhRd2vwaHNHb3d8zfcOaQEs4yNyeKuEJ-U-LgToSRSt8xuJ0AtuLvyNW9ThkseMU-rCMuMGlZpxFMh1Aq3P4_gi1FcSiBevRX1FWJgPmSX96xXSz9_QCYttQMAE-KGDxqQE4AQDkAYBoAZ2gAeh68akAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAeALAYAMAbAT6Z-lENATANgTA4gUoRjYFAHQFQH4FgGAFwE&sigh=vQX9d8hFfjU&label=vast_creativeview&ad_mt=9&acvw=sv%3D935%26v%3D20220919%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D12010%26vmtime%3D9%26is%3D18%26i0%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D330835145%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1664019989198

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=9796530553&adk=293745757&adf=1991965095&pi=t.ma~as.9796530553&w=808&fwrn=4&fwrnh=100&lmt=1664018312&rafmt=1&psa=0&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664019987254&bpp=1&bdt=353&idt=277&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280&nras=1&correlator=3062071250927&frm=20&pv=1&ga_vid=68445269.1664019988&ga_sid=1664019988&ga_hid=949924652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1000&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31069830&oid=2&pvsid=2213359336574703&tmod=1553337175&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=BLZ5wGQWd8&p=https%3A//gumoreska.in.ua&dtd=280
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Sep 2022 11:46:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 077D 0
54 B 281ms
280ms Ping
image/gif 2404:6800:4004:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~l8fujcxo&c=7339994931650&slotId=3669997465825&qqid=CPWlj8KtrfoCFTAIogMdtcIIIQ&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=851&mt=video%2Fmp4&vs=970x250&dm=12000&event_name=first_play&asset_bytes=215696&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=11&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=1&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.1ao~videopreviewstarted.1aq
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220919_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:81e::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Sep 2022 11:46:29 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7DB9 0
0 75ms
75ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220921&jk=2213359336574703&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A7B4 0
11 B 41ms
41ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?0oa3TA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 11:46:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D5EF 624 B
297 B 79ms
78ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ1JWwgwIY44vVvQEwAQ&v=APEucNW5iI0Oxkao-G1FS_KykqnCFaHL3Hpip7mRHfRMHmj6f0xQtFuWo3JrWraEniGt8rUivrrwDZkrmE3F3YT4c7Rl_8PzWzxgnBSTjbWmcnGvrtAQyKbCI9JQjTU33iwwEkqnGJo_kCrys4Nh9KYjcS0repNzEAdz40fHztOHRKmyM6-KSzs

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3439465718&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1664018312&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664019987255&bpp=1&bdt=354&idt=284&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=3062071250927&frm=20&pv=1&ga_vid=68445269.1664019988&ga_sid=1664019988&ga_hid=949924652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31069830&oid=2&pvsid=2213359336574703&tmod=1553337175&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=xoJIxNITrz&p=https%3A//gumoreska.in.ua&dtd=287
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Sep 2022 11:46:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B528 80 KB
33 KB 111ms
109ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BV27wbN41Y68tKI7TrfU9riyLfMRUXrkv_gLzMNdyO8YbKfyVI15twTyb6KUHRPNvX3kXHpDKkXGQR9nxUSDa9csW5Dg&cry=1&dbm_d=AKAmf-DRfgIHeblENHFSXylb5zcnHCoZ8N7L_oL4Bt9P3RPJ-N4qrbQr13GrL6foo2hLi1d55TN2ZZJf3Aduh159st9RgvxYwN3OM5AAixucq-JshNvioSgnlNFqwhRN-MPH9m-O6wnzQ0sobUOYYJzodqDuX5E4HiKDv_Xi5_V8WJcwD4uxIJ_Wb1Pr1RWR3NiY4hOhYQ9ZHTGr0xICBwm7elX9xnThbYkKnr_gTwcw3THz8rq8oGN53Nh2OT3bIKiVIObBaAwLlAV5v0oxlGbPsJOJTqvA2zYax0iLzYlAq4kwgmhQlbFEz4bKGYRgUn3yA9ZyLyeaVgtFj8Hoii9wY6T7nomRKMf-UUQr4axxkLvDQHoHm_ITaxg2EjcFpWdDJQ5e3xFBpLfXYGQ9GTd3JP8H5oc6LiDgSP5BJd0zrSB_nPOOEEOs9rBP9kWUWHogjQdMVHkAS9oOXk-hFlCJOIH4RXhqfdGtg27a5xokXkEaMHalAyR3PEUoti9phbJEODTNF0lPKLe2DyQCfwSOxAdXmt3dLWjTtWqnO9w7d-hUfHZXWBf1cMVvOD8ACoShKs1eUuT9W4gmb_U9SlSr75OBtXljFtBrM4G7IZyY8p-gm3BZarSUtibr6B900hKG5M5PFentlOqliiEOIfru903PYmoBHmsyOiClcjX-4CqiFOkOcdkeF4RgrlbJ-9U3l7mtXXpc4PGffeyy9VrTDzTex-2htwBX2YuXBmCzQ_y2UtoZGGNbNEU2V_bcg0YX7It0BxNoVbPUOuNX9im5_XwqzvWlJ-B0-wsxbXg529Uu5iCNWpCUS2XtkuaWQ8ygf9fwgvKKpQpzAFB8TfqTGbcozwFzLJfgbxsRLYHLansufnYNb-C2nFrTz9v_TjAee8r2kX9bnCm84vE01wcf-ycvWfSCU7MhqRr32L84jkIx4o0Zn_nn3E8kxLqQDf9cUL0GkLAqkFrxQtOa5N52YibihWimqQm8lgkdM2FFP4peWx0Sb4BUGNGQwvyDH9rCbB7pdS7828MZ7ZEXykWpuzbaHsfoTOC0vyMMNOcvj7MNb3JnBG6NWE6NcI21riq8hcPRUf9tHMpocF3L6RAKyy0fdXb3k6cuOhNU0cOipBvJfWX1_rFtYUZQ095FSlBgOkuuYMdOw71GcuVTWbxgJqwgipFOhPPT1fCmrQnX_7CpA5IcNJ5MNUOfr8sUvgm2ztrQJ3SeZV2dpv8T2wxUi_X962LeyqZ7EceWg-D0NcOCLYWdb362fJ2tbK6LWfgKeDxGn9LujVDMQpcuFCr6z7idUFmJEfrbkWWkHY9uVR5tEZ7WZI0tXzJzSv3ANaKTOsu8gwQvnK8XpTBTyEvclX7VazN5Dij4erqzVjootj6Mugk9a8Xrd19eZtk06_4WwkCBaBM-bkp1C5AMYG-1jPdwph5hupxBdFetn6swak9TfwjbWAUpxrgZwzahzpxqwusggEVFVC6aBUX3UJPjYEuDogsFIag-tbB5EymPnBi9eVm6jxOWK5gzVlDkoUhusTacH7mk3eYYNL7sQyRu9Yb4B6meyNw1F2xvhL9PTG6YjNoWkGrRTzKBhzeOGM1j9G56-FjZaZjuUol0eeKIoMWdumnbfc3_xnWRsMkRDmXukaB97433hAX543KAsjgGmnnxHh1moX-7-70BBeyoEkDyLR416vAyDBS2e1FV68ispUBIkskMmfsb0qkKXDuX6OzmjMNJ5OD4uIImiPi8cb1r9Lai-D3LhIn7_sgAjePj2ZWDwUc8T6YjB2v_d14mvgsTztxqwiBA9fPjKC13If5rshXslmJn68nudNML2eXJzR__8uFAEV1cGTjiMoyMX2f5ejXDfyzWXq1HpKNeZjZRra3_aZ6CeCnLN6H7zM79a1qXbB7wkk6Wm8J7cl7F9w3JXKYnpHLM5Vt13TtcGy7hX480ivebxJ0ulrmDp6ksYCRrkJFziyMKLGbQ_ICY0iZgxW_mGZ16n2P8MfMcd7NyqQZ58XaoquEjk74Oo7ogg1vMYB-1VfWl6kqYXXNPBi8I4khTcusHNs2HUW0fJJHxj2zFJe4vB3wVBR29b_xuYea3NjWKTG7pQOSNaBH6-MvvzqxbWWSNZdqZRtIKAYBa-RzoQ4PreqdbkwSYA8zXgKD9siilea2A196P9-Hh6OCnXgqCQF-jaVz6xP1PEJX9BJTrRdplCuNRfkHZtYTERe_RWHMTin3Q0mqw4KLp17-xM6Ce_ge8LUXmM6AnVIXi5DFKH1ATOQEU4WT1XetbKhVjroY3BYvZcB12pBWw23KcGkt-ppAhJf5QPFnLYGxMllchbCmSqtYYrHId7ikRSq4mtBAZHHFNU_qIAvqe3wvEXFN7TBKkZJxFPdLckoLjga-ce9z6naelEkzxV1YwqfXaBhUvtGT2ltI6VBU9h0kAyTputDw4FQ4qhYYE6NAnSvsPqayL_YV7Sl3mkt5hCZGW-LtJJ48X7QpmcOij2hsA2KlBLfpfI3ztHBUdYRIsXWDhag5Dc7VybRRXziWNBjT-E-c2jpSNalLpbkB6zKMYpzdHig5eN1imf2MpMHZlBWPHOSbeGP8sMfyLIz4cHHo6_W6riUwBeaeaLM-cIoVvBNpSX5Nbmi7fXSW_YTS1f_NGbn414biCCmeHJX7y8Chg0ZNVdPYKwG4ykTvgIf8cRwUsEqQSA8IDC2LBeRxaw5BezuxW2HstgioCy5If9cO1O0Xe6L9WGp1etUIBs9wXPGqgCpF7hLj6LKaK43bb2UQ7pLMUw_7EmKVxPGfSoyenv5ix5wSWtaN1mUyt75nPbChMFSL3nYZe7FTX97on0W4zavKYs6ZkXAKvtYdeqoIvzk-jGQRECBTBe8dYCGFJXgjFgJF_5gm3kfdaiOyI9SsSSwW3TqIfyejYAjPJpQaMrdREeavZgyoA-YXR8nnjfwhWLXjeIbutV0Z4YXCKMabH5C3QldhheYztrl_xJOEEUKcRGrp3aPOSWcFBe6fFfZk7mnzve5RpPHtrOwm2Vf0M9KvrUMaDekvXqt9FuEaxdbGycCRgr2qMTBxEnbHAkCwdwqrqbQfKhHyfl58Hw0rFVSK8QmV5Ax9J6Fzo1kqL3ND7QbdALUsZM13fAN6wQTrUJXzcokHmwvweNKR-pohFDlYe9d_PuEUOofeO4Rq_p6-Mk_zJfBgKuAhxm0KwLkyFmqk2eWxPV5HzmnAdg8ua9f3RbOobJ3d7lO0fKhRttG93MXeUCGNKDYFhpeds9EBGkE3CTCS0Kllo252tM-qKT9GqDz1-wVvpLQx1LpOLCw3DWg8AF5jKQcVqV5pmrk0z4GwBV3JCrpkHdnZH09qq_czQ3TmX24LxuX-S5G-vgFRmkpxuG2GrfUllMsmNeCi64vUPXtKJ20taaHKGS1yif0D6oyV0I68jVWMrOStT-QpEnur6oO2WRztFC0dTfR7wN4mk_gaEjH10vTULVQlrfPUbkYwjQOHM_wEPk5e2FBTfusT_qCi2Rv8-cyM5JUCA&cid=CAASEuRo9ZTQ7nkI4rtNg13ptbSfeA&rfl=2%2Chttps%253A%252F%252Fgumoreska.in.ua%252F%240

Requested by

Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89228a52b6b008d64b288d17bbc3ba3e3f97561e850ff507b4069dde9e15d369

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3439465718&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1664018312&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664019987255&bpp=1&bdt=354&idt=284&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=3062071250927&frm=20&pv=1&ga_vid=68445269.1664019988&ga_sid=1664019988&ga_hid=949924652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31069830&oid=2&pvsid=2213359336574703&tmod=1553337175&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=xoJIxNITrz&p=https%3A//gumoreska.in.ua&dtd=287
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Sep 2022 11:46:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34138
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame B528 3 KB
1 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 11:42:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 265
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Oct 2022 11:42:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame B528 17 KB
7 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 11:43:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 152
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Oct 2022 11:43:57 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B528 0
0 134ms
48ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSilD8xki0n33q4ETwC6tPqWGkcfC4tbgawtjA1vAsJhrmhEGdJjIad7ojd_Gieg_uQHP0Dcf6fMcLF7CjDG3LHfoSAOQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3439465718&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1664018312&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664019987255&bpp=1&bdt=354&idt=284&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=3062071250927&frm=20&pv=1&ga_vid=68445269.1664019988&ga_sid=1664019988&ga_hid=949924652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31069830&oid=2&pvsid=2213359336574703&tmod=1553337175&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=xoJIxNITrz&p=https%3A//gumoreska.in.ua&dtd=287
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B528 140 KB
44 KB 226ms
117ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 11:46:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44525
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663760195623328"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 24 Sep 2022 11:46:29 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B528 42 B
63 B 75ms
74ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D_ZJet0felr8rMNnqlbiPxDej78piE4NPmKx78tcQV1KmmCfnsUaeajf1iwVqkkQ8ZL_0v7eFRRc9Bsd_3hrcL2k0aCBVVtQW2HXseKRIx0b0SMDw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Sep 2022 11:46:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D5EF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELwDP-M1HwVsu-RH_IwHe2g&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELwDP-M1HwVsu-RH_IwHe2g&google_cver=1&C=1

43 B
847 B

109ms
107ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELwDP-M1HwVsu-RH_IwHe2g&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ1JWwgwIY44vVvQEwAQ&v=APEucNW5iI0Oxkao-G1FS_KykqnCFaHL3Hpip7mRHfRMHmj6f0xQtFuWo3JrWraEniGt8rUivrrwDZkrmE3F3YT4c7Rl_8PzWzxgnBSTjbWmcnGvrtAQyKbCI9JQjTU33iwwEkqnGJo_kCrys4Nh9KYjcS0repNzEAdz40fHztOHRKmyM6-KSzs
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 74fb47a84a33dc3d-LHR
pragma: no-cache
date: Sat, 24 Sep 2022 11:46:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kb7E%2F6bkKSPGIRlaxuJT2NYmI314OW4Qtc8V63Vj3jTipjbISdplorxLdJ0EXFz8pxHWDVHgT%2BZ9qK3%2F%2BpbjVCNzxmcoDMBMVw5tmKAKQpdW1rlO5znNDeV3%2BOCQIoOuOTOWW0RsO5Cr5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 24 Sep 2022 11:46:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AA%2F6zThsfoMTevfj25S6MH3Ccs%2Fpib9X6%2FDrjTHDlfbr7iIOro3nRFLoSVn8oOqoltu2gydZlYf6KOokSeYaFlwmc198KL7L2Uj8UximBs3D9ECnImbYIax1e1hrQWVD2FG%2BajQMz7lidA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESELwDP-M1HwVsu-RH_IwHe2g&google_cver=1&C=1
cache-control: no-cache
cf-ray: 74fb47a7cb9f719c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D5EF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yy7uFe2mgud6bKgN2bwr7wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELwDP-M1HwVsu-RH_IwHe2g&google_cver=1

43 B
845 B

83ms
83ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELwDP-M1HwVsu-RH_IwHe2g&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ1JWwgwIY44vVvQEwAQ&v=APEucNW5iI0Oxkao-G1FS_KykqnCFaHL3Hpip7mRHfRMHmj6f0xQtFuWo3JrWraEniGt8rUivrrwDZkrmE3F3YT4c7Rl_8PzWzxgnBSTjbWmcnGvrtAQyKbCI9JQjTU33iwwEkqnGJo_kCrys4Nh9KYjcS0repNzEAdz40fHztOHRKmyM6-KSzs
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 74fb47a94beedc3d-LHR
pragma: no-cache
date: Sat, 24 Sep 2022 11:46:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uEREHavOx6ntrfxz%2Bac4ZPpvTwxbAyXE42SrIUkKvWpXw7jWvhXjy%2BnzqTZwUJUK2ehgGV5UBvrqURLZIKRPSULo6YLHasOO5wZ3ugpt0ZCtVy%2FAwhKXnmicw1WXAAdLEHMnx8wiLsbXwA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 24 Sep 2022 11:46:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELwDP-M1HwVsu-RH_IwHe2g&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame D5EF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEE5nNia_TDqQSnf_GTDCBs4&google_cver=1

43 B
1020 B

53ms
42ms

Image
image/gif

185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEE5nNia_TDqQSnf_GTDCBs4&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ1JWwgwIY44vVvQEwAQ&v=APEucNW5iI0Oxkao-G1FS_KykqnCFaHL3Hpip7mRHfRMHmj6f0xQtFuWo3JrWraEniGt8rUivrrwDZkrmE3F3YT4c7Rl_8PzWzxgnBSTjbWmcnGvrtAQyKbCI9JQjTU33iwwEkqnGJo_kCrys4Nh9KYjcS0repNzEAdz40fHztOHRKmyM6-KSzs

Protocol

HTTP/1.1

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 24 Sep 2022 11:46:29 GMT
X-Proxy-Origin: 217.138.196.105; 217.138.196.105; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: bbae86aa-68ea-417b-aa0d-db9d1dd748b4
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 24 Sep 2022 11:46:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEE5nNia_TDqQSnf_GTDCBs4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D5EF
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODAwMDQ0ODYxNTEzMDI5MDMwMw%3D%3D

170 B
188 B

50ms
50ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODAwMDQ0ODYxNTEzMDI5MDMwMw%3D%3D

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Sep 2022 11:46:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 24 Sep 2022 11:46:29 GMT
X-Proxy-Origin: 217.138.196.105; 217.138.196.105; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 90c99277-931f-496b-825e-5b9d034c6ebd
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODAwMDQ0ODYxNTEzMDI5MDMwMw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame B528 106 KB
38 KB 127ms
39ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 08:52:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10419
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 25 Sep 2022 08:52:50 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/ Frame B528 8 KB
3 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BV27wbN41Y68tKI7TrfU9riyLfMRUXrkv_gLzMNdyO8YbKfyVI15twTyb6KUHRPNvX3kXHpDKkXGQR9nxUSDa9csW5Dg&cry=1&dbm_d=AKAmf-DRfgIHeblENHFSXylb5zcnHCoZ8N7L_oL4Bt9P3RPJ-N4qrbQr13GrL6foo2hLi1d55TN2ZZJf3Aduh159st9RgvxYwN3OM5AAixucq-JshNvioSgnlNFqwhRN-MPH9m-O6wnzQ0sobUOYYJzodqDuX5E4HiKDv_Xi5_V8WJcwD4uxIJ_Wb1Pr1RWR3NiY4hOhYQ9ZHTGr0xICBwm7elX9xnThbYkKnr_gTwcw3THz8rq8oGN53Nh2OT3bIKiVIObBaAwLlAV5v0oxlGbPsJOJTqvA2zYax0iLzYlAq4kwgmhQlbFEz4bKGYRgUn3yA9ZyLyeaVgtFj8Hoii9wY6T7nomRKMf-UUQr4axxkLvDQHoHm_ITaxg2EjcFpWdDJQ5e3xFBpLfXYGQ9GTd3JP8H5oc6LiDgSP5BJd0zrSB_nPOOEEOs9rBP9kWUWHogjQdMVHkAS9oOXk-hFlCJOIH4RXhqfdGtg27a5xokXkEaMHalAyR3PEUoti9phbJEODTNF0lPKLe2DyQCfwSOxAdXmt3dLWjTtWqnO9w7d-hUfHZXWBf1cMVvOD8ACoShKs1eUuT9W4gmb_U9SlSr75OBtXljFtBrM4G7IZyY8p-gm3BZarSUtibr6B900hKG5M5PFentlOqliiEOIfru903PYmoBHmsyOiClcjX-4CqiFOkOcdkeF4RgrlbJ-9U3l7mtXXpc4PGffeyy9VrTDzTex-2htwBX2YuXBmCzQ_y2UtoZGGNbNEU2V_bcg0YX7It0BxNoVbPUOuNX9im5_XwqzvWlJ-B0-wsxbXg529Uu5iCNWpCUS2XtkuaWQ8ygf9fwgvKKpQpzAFB8TfqTGbcozwFzLJfgbxsRLYHLansufnYNb-C2nFrTz9v_TjAee8r2kX9bnCm84vE01wcf-ycvWfSCU7MhqRr32L84jkIx4o0Zn_nn3E8kxLqQDf9cUL0GkLAqkFrxQtOa5N52YibihWimqQm8lgkdM2FFP4peWx0Sb4BUGNGQwvyDH9rCbB7pdS7828MZ7ZEXykWpuzbaHsfoTOC0vyMMNOcvj7MNb3JnBG6NWE6NcI21riq8hcPRUf9tHMpocF3L6RAKyy0fdXb3k6cuOhNU0cOipBvJfWX1_rFtYUZQ095FSlBgOkuuYMdOw71GcuVTWbxgJqwgipFOhPPT1fCmrQnX_7CpA5IcNJ5MNUOfr8sUvgm2ztrQJ3SeZV2dpv8T2wxUi_X962LeyqZ7EceWg-D0NcOCLYWdb362fJ2tbK6LWfgKeDxGn9LujVDMQpcuFCr6z7idUFmJEfrbkWWkHY9uVR5tEZ7WZI0tXzJzSv3ANaKTOsu8gwQvnK8XpTBTyEvclX7VazN5Dij4erqzVjootj6Mugk9a8Xrd19eZtk06_4WwkCBaBM-bkp1C5AMYG-1jPdwph5hupxBdFetn6swak9TfwjbWAUpxrgZwzahzpxqwusggEVFVC6aBUX3UJPjYEuDogsFIag-tbB5EymPnBi9eVm6jxOWK5gzVlDkoUhusTacH7mk3eYYNL7sQyRu9Yb4B6meyNw1F2xvhL9PTG6YjNoWkGrRTzKBhzeOGM1j9G56-FjZaZjuUol0eeKIoMWdumnbfc3_xnWRsMkRDmXukaB97433hAX543KAsjgGmnnxHh1moX-7-70BBeyoEkDyLR416vAyDBS2e1FV68ispUBIkskMmfsb0qkKXDuX6OzmjMNJ5OD4uIImiPi8cb1r9Lai-D3LhIn7_sgAjePj2ZWDwUc8T6YjB2v_d14mvgsTztxqwiBA9fPjKC13If5rshXslmJn68nudNML2eXJzR__8uFAEV1cGTjiMoyMX2f5ejXDfyzWXq1HpKNeZjZRra3_aZ6CeCnLN6H7zM79a1qXbB7wkk6Wm8J7cl7F9w3JXKYnpHLM5Vt13TtcGy7hX480ivebxJ0ulrmDp6ksYCRrkJFziyMKLGbQ_ICY0iZgxW_mGZ16n2P8MfMcd7NyqQZ58XaoquEjk74Oo7ogg1vMYB-1VfWl6kqYXXNPBi8I4khTcusHNs2HUW0fJJHxj2zFJe4vB3wVBR29b_xuYea3NjWKTG7pQOSNaBH6-MvvzqxbWWSNZdqZRtIKAYBa-RzoQ4PreqdbkwSYA8zXgKD9siilea2A196P9-Hh6OCnXgqCQF-jaVz6xP1PEJX9BJTrRdplCuNRfkHZtYTERe_RWHMTin3Q0mqw4KLp17-xM6Ce_ge8LUXmM6AnVIXi5DFKH1ATOQEU4WT1XetbKhVjroY3BYvZcB12pBWw23KcGkt-ppAhJf5QPFnLYGxMllchbCmSqtYYrHId7ikRSq4mtBAZHHFNU_qIAvqe3wvEXFN7TBKkZJxFPdLckoLjga-ce9z6naelEkzxV1YwqfXaBhUvtGT2ltI6VBU9h0kAyTputDw4FQ4qhYYE6NAnSvsPqayL_YV7Sl3mkt5hCZGW-LtJJ48X7QpmcOij2hsA2KlBLfpfI3ztHBUdYRIsXWDhag5Dc7VybRRXziWNBjT-E-c2jpSNalLpbkB6zKMYpzdHig5eN1imf2MpMHZlBWPHOSbeGP8sMfyLIz4cHHo6_W6riUwBeaeaLM-cIoVvBNpSX5Nbmi7fXSW_YTS1f_NGbn414biCCmeHJX7y8Chg0ZNVdPYKwG4ykTvgIf8cRwUsEqQSA8IDC2LBeRxaw5BezuxW2HstgioCy5If9cO1O0Xe6L9WGp1etUIBs9wXPGqgCpF7hLj6LKaK43bb2UQ7pLMUw_7EmKVxPGfSoyenv5ix5wSWtaN1mUyt75nPbChMFSL3nYZe7FTX97on0W4zavKYs6ZkXAKvtYdeqoIvzk-jGQRECBTBe8dYCGFJXgjFgJF_5gm3kfdaiOyI9SsSSwW3TqIfyejYAjPJpQaMrdREeavZgyoA-YXR8nnjfwhWLXjeIbutV0Z4YXCKMabH5C3QldhheYztrl_xJOEEUKcRGrp3aPOSWcFBe6fFfZk7mnzve5RpPHtrOwm2Vf0M9KvrUMaDekvXqt9FuEaxdbGycCRgr2qMTBxEnbHAkCwdwqrqbQfKhHyfl58Hw0rFVSK8QmV5Ax9J6Fzo1kqL3ND7QbdALUsZM13fAN6wQTrUJXzcokHmwvweNKR-pohFDlYe9d_PuEUOofeO4Rq_p6-Mk_zJfBgKuAhxm0KwLkyFmqk2eWxPV5HzmnAdg8ua9f3RbOobJ3d7lO0fKhRttG93MXeUCGNKDYFhpeds9EBGkE3CTCS0Kllo252tM-qKT9GqDz1-wVvpLQx1LpOLCw3DWg8AF5jKQcVqV5pmrk0z4GwBV3JCrpkHdnZH09qq_czQ3TmX24LxuX-S5G-vgFRmkpxuG2GrfUllMsmNeCi64vUPXtKJ20taaHKGS1yif0D6oyV0I68jVWMrOStT-QpEnur6oO2WRztFC0dTfR7wN4mk_gaEjH10vTULVQlrfPUbkYwjQOHM_wEPk5e2FBTfusT_qCi2Rv8-cyM5JUCA&cid=CAASEuRo9ZTQ7nkI4rtNg13ptbSfeA&rfl=2%2Chttps%253A%252F%252Fgumoreska.in.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 11:43:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Oct 2022 11:43:37 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame B528 30 KB
11 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 11:38:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 475
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11724
x-xss-protection: 0
server: cafe
etag: 16554960040364120486
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Oct 2022 11:38:34 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B528 41 KB
15 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 08:54:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 183124
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Sep 2023 08:54:25 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E236 1 KB
749 B 41ms
41ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 1514
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Sep 2022 11:21:15 GMT
etag: 48472445140208031
expires: Sun, 25 Sep 2022 11:21:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B528 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e393d1a547c71dc5cda7d80fa5eb91a2f615ef179c9f13b315fc3b53b7b1186d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame AAE3 22 KB
8 KB 41ms
41ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 183101
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 08:54:48 GMT
expires: Fri, 22 Sep 2023 08:54:48 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame E236 35 B
463 B 134ms
41ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDdLll4F8wn5e963JaPUAzI&google_cver=1&google_push=AZmPxg9szYCsTlYKLesOb-CgIKZ55NBiXsinMoLshP_nSSGCBTVYzmmyTp9oTy79o6I1LX2JEq8amlAIulMnnkrkr1eFTFlQPQ

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Sep 2022 11:46:29 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E236
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEL6wgKuNX7f-tIXRlNJe0Qk&google_cver=1&google_push=AZmPxg8bau06d1ivJ9FVbCyCLJAoT3hLQwKaKnZlYcIJ9t02SfjxWnw_Z_HpbC7P3GUtgvP9l5SXP7TIFGCJtj-m-KyEFCL1MAs
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg8bau06d1ivJ9FVbCyCLJAoT3hLQwKaKnZlYcIJ9t02SfjxWnw_Z_HpbC7P3GUtgvP9l5SXP7TIFGCJtj-m-KyEFCL1MAs&google_hm=Q0FFU0VMNndnS3VOWDdmLX...

170 B
188 B

53ms
53ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg8bau06d1ivJ9FVbCyCLJAoT3hLQwKaKnZlYcIJ9t02SfjxWnw_Z_HpbC7P3GUtgvP9l5SXP7TIFGCJtj-m-KyEFCL1MAs&google_hm=Q0FFU0VMNndnS3VOWDdmLXRJWFJsTkplMFFr

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Sep 2022 11:46:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 24 Sep 2022 11:46:29 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg8bau06d1ivJ9FVbCyCLJAoT3hLQwKaKnZlYcIJ9t02SfjxWnw_Z_HpbC7P3GUtgvP9l5SXP7TIFGCJtj-m-KyEFCL1MAs&google_hm=Q0FFU0VMNndnS3VOWDdmLXRJWFJsTkplMFFr
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E236
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg91j3H6eNLP8vulf4p8KWT6NWwEsn56_8ks3arEHaAgMu7iSxJEyUFq__WeXH67kqgm0YKuIVfksk9Dw3yGnTdzdxhP&google_gid=CAESEE_E0GDa-0wDJK2DSWtISaU&google_...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCJXcu5kGEgUI6AcQAEIASmxnb29nbGVfcHVzaD1BWm1QeGc5MWozSDZlTkxQOHZ1bGY0cDhLV1Q2Tld3RXNuNTZfOGtzM2FyRUhhQWdNdTdpU3hKRXlVRnFfX1dlWEg2N2txZ20wWUt1SVZma3NrOUR3M3...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwbWMtWEEzTlBOZmREeFNFajY4RFRLcUFmRVZfTmhWQzBLdlE5bWdxcmFzQQ==&google_push

170 B
188 B

55ms
54ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwbWMtWEEzTlBOZmREeFNFajY4RFRLcUFmRVZfTmhWQzBLdlE5bWdxcmFzQQ==&google_push

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Sep 2022 11:46:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 24 Sep 2022 11:46:29 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwbWMtWEEzTlBOZmREeFNFajY4RFRLcUFmRVZfTmhWQzBLdlE5bWdxcmFzQQ==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E236
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg-mUicC...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg-mUicC...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjQxMTQ2MzEwMDAxODE2NzQyMTU4Ng%3D%3D&google_push=AZmPxg-mUicCfL5K7D2437alXzPPBNzl-PUiexGSmatMd5VQzlkBuIproMH5Sq2VEAPS07...

170 B
188 B

52ms
51ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjQxMTQ2MzEwMDAxODE2NzQyMTU4Ng%3D%3D&google_push=AZmPxg-mUicCfL5K7D2437alXzPPBNzl-PUiexGSmatMd5VQzlkBuIproMH5Sq2VEAPS07BXPq0_Bz6DOedDvEV2fxjy1cSkYvI

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Sep 2022 11:46:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjQxMTQ2MzEwMDAxODE2NzQyMTU4Ng%3D%3D&google_push=AZmPxg-mUicCfL5K7D2437alXzPPBNzl-PUiexGSmatMd5VQzlkBuIproMH5Sq2VEAPS07BXPq0_Bz6DOedDvEV2fxjy1cSkYvI
pragma: no-cache
date: Sat, 24 Sep 2022 11:46:31 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Sat, 24 Sep 2022 11:46:31 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E236
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDe2PEnsmgbiP5aLeeICW1Q&google_cver=1&google_push=AZmPxg8yC2sliyF5gDjyKaJO9-GdDjgDUf0JmH3kfYWKfj6bWVDMaIYAI-qEO4JxKm064j_MHOG...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhGVUpEV1ItMTAtRVRCWQ==&google_push=AZmPxg8yC2sliyF5gDjyKaJO9-GdDjgDUf0JmH3kfYWKfj6bWVDMaIYAI-qEO4JxKm064j_MHOGC9kO_rOhCTw4twrGLWU-6Awg

170 B
188 B

52ms
52ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhGVUpEV1ItMTAtRVRCWQ==&google_push=AZmPxg8yC2sliyF5gDjyKaJO9-GdDjgDUf0JmH3kfYWKfj6bWVDMaIYAI-qEO4JxKm064j_MHOGC9kO_rOhCTw4twrGLWU-6Awg

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Sep 2022 11:46:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhGVUpEV1ItMTAtRVRCWQ==&google_push=AZmPxg8yC2sliyF5gDjyKaJO9-GdDjgDUf0JmH3kfYWKfj6bWVDMaIYAI-qEO4JxKm064j_MHOGC9kO_rOhCTw4twrGLWU-6Awg
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 750589468d5634b7e99830971becaf64
Expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame E236 43 B
296 B 251ms
36ms Image
image/gif 2a05:d01c:1d8:8101:fce4:7d96:66d4:9311
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEPT6UN0jbI7oQMs4kZ8BKlU&google_cver=1&google_push=AZmPxg9ui7SA7CJ3bv8gWnArlkVVtNfyWCgzdS89UgP6BqZAbJK9okNsiQY_DP_Wg1VfefTcitlaaujMKqf2DqQAHbJhcg3OiA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3439465718&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1664018312&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664019987255&bpp=1&bdt=354&idt=284&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=3062071250927&frm=20&pv=1&ga_vid=68445269.1664019988&ga_sid=1664019988&ga_hid=949924652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31069830&oid=2&pvsid=2213359336574703&tmod=1553337175&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=xoJIxNITrz&p=https%3A//gumoreska.in.ua&dtd=287
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:fce4:7d96:66d4:9311 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Sep 2022 11:46:29 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET googleredir
googlecm.hit.gemius.pl/ Frame E236 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame E236 0
12 B 48ms
47ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LjtO0WynJbMpZUVowiNUVeb3msJO-opUo6vSKixd-4D4KHAKrcvzBJo14LyAcHkkC0gNaQjA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 11:46:29 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 EiKF25-Ew8QnV9WFt1cB1UkyXxUODWVwE4mmpr-jolo.js Show response
pagead2.googlesyndication.com/bg/ Frame AAE3 36 KB
16 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EiKF25-Ew8QnV9WFt1cB1UkyXxUODWVwE4mmpr-jolo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

122285db9f84c3c42757d585b75701d549325f150e0d65701389a6a6bfa3a25a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:56:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103820
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15943
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Sep 2023 06:56:09 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/15563021547256938496/ Frame 6D03 508 KB
47 KB 123ms
41ms Document
text/html 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15563021547256938496/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d066567c4894a89e3e1c53ae1b803733f562e52b7c862977bad337b27b3fa9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 360658
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 48025
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 07:35:31 GMT
expires: Wed, 20 Sep 2023 07:35:31 GMT
last-modified: Fri, 17 Dec 2021 17:43:24 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame B528 0
27 B 170ms
86ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvmobZ9y9Vwe9r690edKijFBYp23xS46740O9rxr3EG-yMu40_fZF4YD5gVS-j5UN4DN3Yrzpd_Hyd1gQV-sVSW9k_UHqAVamr_fF_fS1V8ZThWcx9efnrLalMKFxMFNlNW9cqnJdxVQfOmTO6HCdM3Nsqhbv6VdltRQCRkrCS6rI-D6UkONu0Jx3SfP5ERWFriQiUu5Z2Ogti1agoHxl3faDKFZHZPo3MjwYS9fZ_JD6lTf8Rf3SRtVmBYCOh0rY2sMix4NsbcY5EPgcn3d45ZAs28Q1BBLAXFEN00JYx4IDdvUpQ7onGe_BHK9qAV81ECZm8cHCDbyWAS2EiWGunbyCg_lYfZIFtOOhgmmcITfFuaNjTf0dOX4JFe5HnjNLRYOg1MHOXom6MgWHLea3WSUoI-rKif8ZAXH_iCvQiO1Sew3MnaRt1sJraeihWujd3mMPkSmYHzlAwaDo3GkCRNkKsEM2FZya8_RbDf2rGMK6ZpTqmgR8O6RngTD_IXQ6cciat8v4wqZtPiar2KUfCG5Jrcy_IjDF-wLy66YRdFyqPHJ88W5OVEzv9Lgs_1SEyNmSZTgZ7lD4eAUtG0N_ihuR6uyF39GMlK0yISs4ZyklxoW1FmO6_7CW339qgcTi-Ic_N4j7C6HRaPVQftJRRdbmppcO1nsmI-UEkcxbK2YbgaiOKmq5N5i1KwWQxkzAJya1Q6gRqY0NRWbNw_Tq51sTsceq4AG-ONYxxCUwyj6lmc-DXWLfTDNVrGlL5BLpKcWN8x3XJunbcVW0MJyGrcr6BPVZApRcwcO2isHDIZduguS1dmIqA57oDknnfAy31efWlgkW1WRRqCd94Wt_s3zDHQShA9NUKW64MLgGdnhlVHkWYi_ByWXjFPVrnQvqMpJOFC8CcG2DhbCvDqQidDx-BZF8Av3qZGbmVaer1f-Mpy0krx4hHyCeW4fkUMGZQYEvHK5_Z1VARPaC5mlrjijLOKmgE3o7DxLlx2vnL8FzbWlRhgWdg1kE0LBbbLf0F4qUeyv2R5OB5UfAw5v-PDm2-wc4DGnp6m1_fhAPNnYCbZs18VTYTfVaGOujKWDwfiO2SuuClShzxg22MfvjXe1aekC2LshYqx6RIN7BhIUeYPQ-Hn7uaa9lAVg5qgqkmUrea_j57JGjPv9z6OCuWqTqC2fERocU_WMWTtXh0zcoZVcMRvQWJi5l9dU4oHqVOIMIXK7hh0ljm9OC92ZSEz5_PTs2fswqLgFuyamgF3&sai=AMfl-YSFqApSuzeBDpr0plb89WD6PoF9ZqfbBGUEHe0QTj9EIcxRpb1riMJBHOAlAdx91Y7cK1WQl1dV28xbOesRFdA_qTNAh39lTvsYDzaNxTsgmLlYp5ZJkcYZzO58BbyZ2EApZgPZvxRttJ6MV51YIpoi7PyLoQ&sig=Cg0ArKJSzMmlHH6R4U3WEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=189&cbvp=1&cstd=187&cisv=r20220921.63618&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Sat, 24 Sep 2022 11:46:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B081 42 B
64 B 77ms
76ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssaFRu9hy3cze5oPcj9vwWvizkbCE8JADkANlbAgFHj4CmOLevoC7ssUjCNhGL7glWIHFdJLsjEDlmAGYDPDbVoP-maTdV1qJUI2eueru8fAr7YfDVuvfzjTvDm0o7098eo2s_DtA&sai=AMfl-YRNNUl_ibla2k6CyGwktDbDDlTtQElK3gkey8HbLCCSl5t9b3lRQdAfAwdR_NoQ0FOiqXGWMQ-lHYvZ&sig=Cg0ArKJSzB8kZowjfj6JEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=118,802,1000,1101,1101&tos=118,684,198,101,0&v=20220921&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664019988369&rpt=332&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Sep 2022 11:46:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 78ms
78ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220921&jk=2213359336574703&bg=!ERKlElbNAAYIxsuQKMY7ACkAdvg8Wq6MjQZ0z_Iqw_kD9Sf7iipmdmth-Xi6qjPMS1zp_OpSZfnaQQIAAABtUgAAAAFoAQcKALp7xXWS4Kz94BnPqkNYvs5_MgG11fTAXNzmekCXegjR1oiKbh5-r4cGoNSuX9fxTtQmn9MmpwMyQ2nNEZUtM_hoD8pjSgBWrZGfBAJ8kWONQJXrHUV4AOaghpfEb6i9in-CzBcWEgtXT-nTMPMLtZLiWmfMyDm5CVEkoHIDSu7HcYXIoCu4KWWr3H1m1iUIj4NRphYv6cerNeAOoN9nFEo5wRRQwirIhfMozGA0svocj3shcYne2HmPjZ2ZApWJbSrnlaLDZuo8KdFp-qACisULTqFBXU-LjW283sTuTdlKwMxGVitiF0jHZx9AVrOJKnCDo-BZOz3hjSB2hlhBaHIaehH37d8JLNu3xFa-GD32tdqxpiVmozuvvkX81-R_0xgZAySVigtEBhxJD1VaxnQaBATFLhzdrTArqPl-IPqyWRFkuxun1KCzmHWKS1_VxqfAT7shGbLOMWC9STIJ3XyZ9QCEiifPS4BHiYNm6LUUA2jtElQimmj0J4WXtB2k-7DaKcOBodt0mDyGyXUIu0LTLx-Q3uvEW597of_hTG7R9LN5p6p-VsESk9u0KC7wvRxAmoizRQEroYfP9Dv5O9CEzKL2YaP-5carOSzpMBtND0qyXLI3t_pm0tDjKDCZ-A58h-8QOXujTVHC_wLRaypP597m6JWWdo7rIJmzqq7FOXCrT0JFbuBf3z9pfHmHY2ZHVSHLIeovbPMUzvpy-aT2jokQW5qrUspNtsc1r_ONoBfPrDwOiDYHsjQn5KSaK5oVk4VuiBj9DkyKXuJSnmH1j1o9jcsQeMbOcK-rH4bLueAzdt5CicAwzhksiWZs1GORTuHvIRhWuMKbwSTHOSSgipGWckOurU7rxTtXLSvu8hssKwiTm0grDh02A3PMVkW-pXsk46syuc86wVhrvXc4PHvWDHXJWvxeQYsu9wY9VNFsQ_N5nNXJvlzptAbnTuFwPiZuN-LnP_aNF-zXx3wCt27N3NS4u-WfUxXcZoeht-XL9LQLnr7tzm__eq_5EFPT2FdviBlwokBWqFEkm6kGc77fwH6zhM71Q7No7fwPGqzVw6upJQIEql1Cfioa94tRF-d5daLXE2Dp9ad458wJSg8SgLTTjqBQXrKETmLNFA6T
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 74A2 42 B
64 B 77ms
77ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsucqil8_W1ywHOCTtHWKFWDm1oGNkGnwXo3TDg9dkYsw6c-rR689RSlnHR5DLCrEJKeH9BjecLJ8a8NOE0yHxmr6qbTSVlSqT4Nd5tRGmupJUNYO4E2VjXfpDpcWWMZ3FLmEvTq2w&sai=AMfl-YQh93nTuHKE8EXsO3BGAE9Kv5T2sAxt23B-b2bGANP5KZcf3valHFr4wt9O0rNTzZI1WcyWIs4Vu5MK&sig=Cg0ArKJSzDi40CioIChHEAE&id=lidar2&mcvt=1000&p=0,0,280,1160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220921&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1253207218&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664019987529&rpt=1328&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Sep 2022 11:46:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AAE3 0
20 B 81ms
81ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B7JqlFe4uY-y_IPWO9u8P1ISDsAwAAAAAOAHgBAI&bg=!kJOlk9fNAAYIxsuQKMY7ACkAdvg8Wj2xc174USa6uOsOJ0J6ccpw40Rjq152zyeUF1uGMilICrWQkAIAAABOUgAAAANoAQeZAul_OocsFVQSeuycMxRtwb1wmDZ50qHgPuXZDUt5e4yBHqVvxCl24RpUCaAy-i01k0Z50U07PPncy7YhBfbbPwXeFBWZiPAiGQmeU6KRdK5UD6SpvjisMeIdXe2hY8o2_NzNHWH8TowJiivECIPD8cLOsmcuAGfNTptKnyiUdrxh87hXA-mspBgMoIVOPqVkY5GkLshYHvqdR7ARW85U_RhKDq_DPkeDvRud-dDoTanLyxBqFUyV53F4tu4LXJBC3yxgmxGFQ3zpDdlDpHNnT8iD9iwZ_BFJOngK8a0LGFxrU0aAb5W5FV_pGfCMwPGmBUBsKvwMAzyAUFoN5v500A4RBmmEL-nOSlHXdRsaJYtYCa8flnpjUxBUSZ6Qt9JkRVMHTa6mIA8cibXfOtcuChx6AE-4dY0ItZvpg8c-3xvshh4LCfOlIjlM1f0pTcmDk_crVfV7njDHBdl7tb1XBQg0hy1YgfDhHPaI9y1pUCMEdQCjqJDh7A4Wc8GcP6CYXZDOO3GlMSx8IBxtZAKSAt9U6Hp6lcnOf7Fl0vgv2brlfNCDUf9R2tPvWgZrocQ21GIZbWJOJEnAi0tpCmSYp4j7v_ZH68LHC4y7cR_qDEtXq7hgB_p4XZlXSdIBU_ZbtaXSy1e3ksdDZ5ybpaJAav9ROpZVsssRfWxi2CI390oxQesTrOuaC_Un_hv2ZsB3FtQqZN3dbOUrthzAsGRbOC2GU0fX3ciY-Bxk4JjJ-m-R4WXxctYoqfBa7wlisvcmp7qs5aWOXZkTtYXSyhPtubX3PWQdttAU8oU8vNQDYTFNLnOyG9CMTjYt6i7Na1e7EVqDIUyo64_yzVHFNmTyUcVQsLCHM1PtPMKtxOL0YRnv5Upeeg-_l86eTz_-dboibyH-vS_wKqn3_pA-ki0wWBrpr2a5DwdCSeQmR2EBd6RvkouDmarplp6bOpQR5YuIpqS34rUl10ITc3OVabDtU88URxu5knc3_cLu

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Sep 2022 11:46:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 6D03 29 KB
10 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15563021547256938496/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15563021547256938496/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 05:27:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22761
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 25 Sep 2022 05:27:08 GMT

GET
H3 200 VolvoNovum-Medium.woff2
s0.2mdn.net/sadbundle/15563021547256938496/ Frame 6D03 38 KB
38 KB 43ms
42ms Font
font/woff2 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15563021547256938496/VolvoNovum-Medium.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15563021547256938496/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2675ab1d1852f1aa30e272d7c2b1b9616e1f4771a94860e0d92bc7fca6c3c48a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15563021547256938496/index.html
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 07:35:32 GMT
x-content-type-options: nosniff
age: 360658
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39068
x-xss-protection: 0
last-modified: Fri, 17 Dec 2021 17:43:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 20 Sep 2023 07:35:32 GMT

GET
H3 200 Volvo_White.png
s0.2mdn.net/sadbundle/15563021547256938496/ Frame 6D03 5 KB
5 KB 50ms
49ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15563021547256938496/Volvo_White.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15563021547256938496/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a584e2fdcda4adee84916ff47e3fe5a50ea99304accfb44c0cec955e99eeb15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15563021547256938496/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 07:35:32 GMT
x-content-type-options: nosniff
age: 360658
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4972
x-xss-protection: 0
last-modified: Fri, 17 Dec 2021 17:43:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 20 Sep 2023 07:35:32 GMT

GET
H3 200 icon3.png
s0.2mdn.net/sadbundle/15563021547256938496/ Frame 6D03 29 KB
29 KB 44ms
43ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15563021547256938496/icon3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15563021547256938496/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a73df65a0fa03e359d59f2422b6c464e67c8ad2eab7ac6895ece309cf4a4730

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15563021547256938496/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 07:35:32 GMT
x-content-type-options: nosniff
age: 360658
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29445
x-xss-protection: 0
last-modified: Fri, 17 Dec 2021 17:43:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 20 Sep 2023 07:35:32 GMT

GET
H3 200 icon2.png
s0.2mdn.net/sadbundle/15563021547256938496/ Frame 6D03 51 KB
51 KB 66ms
65ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15563021547256938496/icon2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15563021547256938496/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdfef5bdc12edcf41579130a794d409f346cbdbc014e23df96928641917d771a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15563021547256938496/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 07:35:32 GMT
x-content-type-options: nosniff
age: 360658
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52546
x-xss-protection: 0
last-modified: Fri, 17 Dec 2021 17:43:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 20 Sep 2023 07:35:32 GMT

GET
H3 200 icon1.png
s0.2mdn.net/sadbundle/15563021547256938496/ Frame 6D03 80 KB
80 KB 56ms
55ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15563021547256938496/icon1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15563021547256938496/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91268344ff0b5227c19f3ca0f95c9030afeb9cc8def079f6272d817053f375b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15563021547256938496/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 07:35:32 GMT
x-content-type-options: nosniff
age: 360658
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 81798
x-xss-protection: 0
last-modified: Fri, 17 Dec 2021 17:43:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 20 Sep 2023 07:35:32 GMT

GET
H3 200 image3.jpg
s0.2mdn.net/sadbundle/15563021547256938496/ Frame 6D03 74 KB
74 KB 82ms
81ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15563021547256938496/image3.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15563021547256938496/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7957066859b6da5d1b065600e921126c2981db53652908f21652c6e2a33928b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15563021547256938496/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 07:35:32 GMT
x-content-type-options: nosniff
age: 360658
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75392
x-xss-protection: 0
last-modified: Fri, 17 Dec 2021 17:43:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 20 Sep 2023 07:35:32 GMT

GET
H3 200 image2.jpg
s0.2mdn.net/sadbundle/15563021547256938496/ Frame 6D03 78 KB
78 KB 70ms
69ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15563021547256938496/image2.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15563021547256938496/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6fec57f620cc83059be3c1523d23818f029304d6929cb05b515e4327dc91193

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15563021547256938496/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 07:35:32 GMT
x-content-type-options: nosniff
age: 360658
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80030
x-xss-protection: 0
last-modified: Fri, 17 Dec 2021 17:43:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 20 Sep 2023 07:35:32 GMT

GET
H3 200 image1.jpg
s0.2mdn.net/sadbundle/15563021547256938496/ Frame 6D03 122 KB
122 KB 51ms
50ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15563021547256938496/image1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15563021547256938496/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

941035fbecb566ed586708b1c0c7259ee6ab02c6f4a66f6b780c18bd2050bd31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15563021547256938496/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 07:35:32 GMT
x-content-type-options: nosniff
age: 360658
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124601
x-xss-protection: 0
last-modified: Fri, 17 Dec 2021 17:43:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 20 Sep 2023 07:35:32 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame B528 0
26 B 79ms
79ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvmobZ9y9Vwe9r690edKijFBYp23xS46740O9rxr3EG-yMu40_fZF4YD5gVS-j5UN4DN3Yrzpd_Hyd1gQV-sVSW9k_UHqAVamr_fF_fS1V8ZThWcx9efnrLalMKFxMFNlNW9cqnJdxVQfOmTO6HCdM3Nsqhbv6VdltRQCRkrCS6rI-D6UkONu0Jx3SfP5ERWFriQiUu5Z2Ogti1agoHxl3faDKFZHZPo3MjwYS9fZ_JD6lTf8Rf3SRtVmBYCOh0rY2sMix4NsbcY5EPgcn3d45ZAs28Q1BBLAXFEN00JYx4IDdvUpQ7onGe_BHK9qAV81ECZm8cHCDbyWAS2EiWGunbyCg_lYfZIFtOOhgmmcITfFuaNjTf0dOX4JFe5HnjNLRYOg1MHOXom6MgWHLea3WSUoI-rKif8ZAXH_iCvQiO1Sew3MnaRt1sJraeihWujd3mMPkSmYHzlAwaDo3GkCRNkKsEM2FZya8_RbDf2rGMK6ZpTqmgR8O6RngTD_IXQ6cciat8v4wqZtPiar2KUfCG5Jrcy_IjDF-wLy66YRdFyqPHJ88W5OVEzv9Lgs_1SEyNmSZTgZ7lD4eAUtG0N_ihuR6uyF39GMlK0yISs4ZyklxoW1FmO6_7CW339qgcTi-Ic_N4j7C6HRaPVQftJRRdbmppcO1nsmI-UEkcxbK2YbgaiOKmq5N5i1KwWQxkzAJya1Q6gRqY0NRWbNw_Tq51sTsceq4AG-ONYxxCUwyj6lmc-DXWLfTDNVrGlL5BLpKcWN8x3XJunbcVW0MJyGrcr6BPVZApRcwcO2isHDIZduguS1dmIqA57oDknnfAy31efWlgkW1WRRqCd94Wt_s3zDHQShA9NUKW64MLgGdnhlVHkWYi_ByWXjFPVrnQvqMpJOFC8CcG2DhbCvDqQidDx-BZF8Av3qZGbmVaer1f-Mpy0krx4hHyCeW4fkUMGZQYEvHK5_Z1VARPaC5mlrjijLOKmgE3o7DxLlx2vnL8FzbWlRhgWdg1kE0LBbbLf0F4qUeyv2R5OB5UfAw5v-PDm2-wc4DGnp6m1_fhAPNnYCbZs18VTYTfVaGOujKWDwfiO2SuuClShzxg22MfvjXe1aekC2LshYqx6RIN7BhIUeYPQ-Hn7uaa9lAVg5qgqkmUrea_j57JGjPv9z6OCuWqTqC2fERocU_WMWTtXh0zcoZVcMRvQWJi5l9dU4oHqVOIMIXK7hh0ljm9OC92ZSEz5_PTs2fswqLgFuyamgF3&sai=AMfl-YSFqApSuzeBDpr0plb89WD6PoF9ZqfbBGUEHe0QTj9EIcxRpb1riMJBHOAlAdx91Y7cK1WQl1dV28xbOesRFdA_qTNAh39lTvsYDzaNxTsgmLlYp5ZJkcYZzO58BbyZ2EApZgPZvxRttJ6MV51YIpoi7PyLoQ&sig=Cg0ArKJSzMmlHH6R4U3WEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=599&vt=11&dtpt=410&dett=3&cstd=187&cisv=r20220921.63618&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Sep 2022 11:46:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B528 42 B
64 B 83ms
83ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssS_rs5RoDB_LKdcCGeFpLOebHsnvJxYrSfo1TI20Sz0HuTEdCHKdKJfQacvgU5VcK60gP9RSp7gtjikL7p44yxkSKnAHh9_8712bZGJA4JB5l5co5nJQjDGpsItNsObsxa7gCdXw&sai=AMfl-YSSnxhohhwvtNoV_-akr8SV5FUmYRv2YxM4-mknHK0QJp9FI79DVDGKdfiQb8pOvabMK_ts-mVJmCyynznjDTrNSFbUxRtuttk&sig=Cg0ArKJSzFtrUov5NCQgEAE&cid=CAASEuRo9ZTQ7nkI4rtNg13ptbSfeA&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220921&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4253229104&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664019989478&rpt=557&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Sep 2022 11:46:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_oe=ChMI4_TEwq2t-gIVFZp3Ch1mAAYOEAAYACCJpZVJQhMI9aWPwq2t-gIVMAiiAx21wggh;met=1;acvw=sv%3D935%26v%3D20220919%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,209,807%26tos%3D0,2022,0,0,0%...
ade.googlesyndication.com/ddm/activity/ Frame 077D 42 B
63 B 201ms
91ms Image
image/gif 142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI4_TEwq2t-gIVFZp3Ch1mAAYOEAAYACCJpZVJQhMI9aWPwq2t-gIVMAiiAx21wggh;met=1;acvw=sv%3D935%26v%3D20220919%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,209,807%26tos%3D0,2022,0,0,0%26mtos%3D0,2022,2022,2022,2022%26amtos%3D0,0,0,0,0%26mcvt%3D2022%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2197%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D28%26pst%3D202%26dur%3D12010%26vmtime%3D2208%26dtos%3D2022%26dtoss%3D1%26dvs%3D2022%26dfvs%3D0%26dvpt%3D2197%26is%3D275%26i0%3D18%26ic%3D257%26cs%3D275%26c%3D0.91%26mc%3D0.91%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D330835145%26psm%3D7%26psv%3D6%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2022;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.08%26t%3D1664019989198;ecn1=1;etm1=0;eid1=200000;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Sep 2022 11:46:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 077D 42 B
64 B 78ms
78ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssLUj94h40-1V4kygtNweJFFKlFSVnW3HkcRnsociiyvqbjPRdEUv646zkojdQNoKQtCcpgRb_npwR_EHYaXlC1BcuUykqHZwwjuHcYVyS4CL8XPo9qNiyOSAgK&sai=AMfl-YQMSjwCyIAmDw2BEW4q4pG7zDt83hoIAaxyRtsMdGxHhuF8C3DnZCx51_kUbHa7u6sMxvU_A7awQ14h&sig=Cg0ArKJSzDpXUtFpOD_HEAE&cid=CAASBORoX-I&id=lidarv&acvw=sv%3D935%26v%3D20220919%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,209,807%26tos%3D0,2022,0,0,0%26mtos%3D0,2022,2022,2022,2022%26amtos%3D0,0,0,0,0%26mcvt%3D2022%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2197%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D28%26pst%3D202%26dur%3D12010%26vmtime%3D2208%26dtos%3D2022%26dtoss%3D1%26dvs%3D2022%26dfvs%3D0%26dvpt%3D2197%26is%3D275%26i0%3D18%26ic%3D257%26cs%3D275%26c%3D0.91%26mc%3D0.91%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D330835145%26psm%3D7%26psv%3D6%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2022&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.08%26t%3D1664019989198

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Sep 2022 11:46:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET dc_oe=ChMI4_TEwq2t-gIVFZp3Ch1mAAYOEAAYACCJpZVJQhMI9aWPwq2t-gIVMAiiAx21wggh;met=1;acvw=sv%3D935%26v%3D20220919%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,209,807%26tos%3D0,2947,0,0,0%...
ade.googlesyndication.com/ddm/activity/ Frame 077D 0
0

GET /
googleads.g.doubleclick.net/pagead/interaction/ Frame 077D 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/bg/EiKF25-Ew8QnV9WFt1cB1UkyXxUODWVwE4mmpr-jolo.js

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssjfBqbfFnn9Pp03KIVny4OHOH4OpzWKwWiV7wk4JHV8tDuo2AhOw3txrusPLI8aLGmZGiQtM9ev80lBTZo8XqVfCZ_2hfmp9hPNJAyM3MNloNu9tTjpDD5TLFqQq4383Ior86JYQ&sai=AMfl-YT-zN4q7tzwJp8bboA-B3tiqklELBRMjWD_YAqk5SpLE_mcT5PCPCI5Dl_7E7DZgBJcMgimAZ-LV0vn&sig=Cg0ArKJSzE5Mdohs_tsUEAE&id=lidartos&mcvt=28&p=0,0,250,332&mtos=28,28,28,28,28&tos=28,0,0,0,0&v=20220921&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4253229104&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=3&r=b&rst=1664019987543&rpt=1288&ec=0&met=mue&wmsd=0

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEKL6DOPWYu4xCr_lD86XyRo&google_cver=1&google_push=AZmPxg_-rdxcxmmP6x0Av6XzHECqUAFu_GZ2J-xBsLpKeWpw962J1METeo7v5KtsyC-SHGZEoK7mxmQnY747hBdWGZFjSTuO0_Q

Domain: ade.googlesyndication.com
URL: https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI4_TEwq2t-gIVFZp3Ch1mAAYOEAAYACCJpZVJQhMI9aWPwq2t-gIVMAiiAx21wggh;met=1;acvw=sv%3D935%26v%3D20220919%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,209,807%26tos%3D0,2947,0,0,0%26mtos%3D0,2947,2947,2947,2947%26amtos%3D0,0,0,0,0%26mcvt%3D2947%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3122%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D30%26pst%3D202%26dur%3D12010%26vmtime%3D3135%26dtos%3D925%26dtoss%3D2%26dvs%3D925%26dfvs%3D0%26dvpt%3D925%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D0%26cs%3D275%26c%3D0.91%26mc%3D0.91%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,2947,2947,2947,2947%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D330835145%26psm%3D15%26psv%3D14%26psfv%3D0%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2947;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.08%26t%3D1664019989198;ecn1=1;etm1=0;eid1=960584;

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/interaction/?ai=CIp1vE-4uY7XQKbCQiM0PtYWjiAKPsuiHbMiEgLjcEPAuEAEgpa-Hb2C7hoCA0ArIAQWpAkz3zoOgN7I-qAMByAObBKoE7wFP0GnoG59BSBZ4sOdGiQCiVGFCRLNMP8GytrPvyy0RgkJ2sxdfmlQNdOtL75ew3HvEZtxW6LVT6rZBJ42xHDM7fLoiL96RiQNS6Kub2SVP9xpMUNPs6sFwLCH-Gxwjm9ozz9G6eh7LcwHMo4p0Ql9YhMkZGK7mRsBj35DucBC-rZ7CIbF3yK0RXdNuE9eqEoD_RNN3wUhRd2vwaHNHb3d8zfcOaQEs4yNyeKuEJ-U-LgToSRSt8xuJ0AtuLvyNW9ThkseMU-rCMuMGlZpxFMh1Aq3P4_gi1FcSiBevRX1FWJgPmSX96xXSz9_QCYttQMAE-KGDxqQE4AQDkAYBoAZ2gAeh68akAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAeALAYAMAbAT6Z-lENATANgTA4gUoRjYFAHQFQH4FgGAFwE&sigh=vQX9d8hFfjU&label=videoplaytime25&ad_mt=3135&acvw=sv%3D935%26v%3D20220919%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,209,807%26tos%3D0,2947,0,0,0%26mtos%3D0,2947,2947,2947,2947%26amtos%3D0,0,0,0,0%26mcvt%3D2947%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3122%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D30%26pst%3D202%26dur%3D12010%26vmtime%3D3135%26dtos%3D925%26dtoss%3D2%26dvs%3D925%26dfvs%3D0%26dvpt%3D925%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D0%26cs%3D275%26c%3D0.91%26mc%3D0.91%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,2947,2947,2947,2947%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D330835145%26psm%3D15%26psv%3D14%26psfv%3D0%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2947&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.08%26t%3D1664019989198

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
gumoreska.in.ua/	1970-01-20 14:59:15	Name: pll_language Value: uk
.gumoreska.in.ua/	1970-01-20 15:35:15	Name: __gads Value: ID=99cbe35032a66b15-22c9fc6f2dce003c:T=1664019987:RT=1664019987:S=ALNI_MZepD1cea0EJM0rVdT3lwtGZsxbzQ
.gumoreska.in.ua/	1970-01-20 15:49:39	Name: _ga_XD2CSE5HNH Value: GS1.1.1664019988.1.0.1664019988.0.0.0
.gumoreska.in.ua/	1970-01-20 15:49:39	Name: _ga Value: GA1.3.68445269.1664019988
.gumoreska.in.ua/	1970-01-20 06:15:06	Name: _gid Value: GA1.3.1295804044.1664019988
.gumoreska.in.ua/	1970-01-20 06:13:40	Name: _gat_gtag_UA_131431071_1 Value: 1
.doubleclick.net/	1970-01-20 15:35:15	Name: IDE Value: AHWqTUmMwI7pG5k_3PprOK2Fp02W0V3k97eKLJeBBvZguGcTXbe14mRfNdZs2V-Pl00
.adnxs.com/	1970-01-20 08:23:15	Name: uuid2 Value: 8000448615130290303
.adnxs.com/	1970-01-20 08:23:15	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GU#f:n>o!]tbPl1M>e)ZlrFUfJ+tGXxpCFvE`HD]Rz+D>7'aB1k6@QrLCjQ<:Z(b7aID3If)y3KL9D3I?+Hq7zdj
.casalemedia.com/	1970-01-20 08:23:15	Name: CMPS Value: 4541
.quantserve.com/	1970-01-20 08:23:15	Name: d Value: ECkBCQGWJ4EA
.quantserve.com/	1970-01-20 15:43:54	Name: mc Value: 632eee15-cae1f-6080f-e68de
.rlcdn.com/	1970-01-20 14:59:15	Name: rlas3 Value: db2xHx0kn/v1WfuhoFuDe17LTv35cb/4H6e89YDfiOI=
.casalemedia.com/	1970-01-20 14:59:15	Name: CMID Value: Yy7uFSPTNomCBZJAGIbScQAA
.casalemedia.com/	1970-01-20 08:23:15	Name: CMPRO Value: 4541
.rlcdn.com/	1970-01-20 07:40:03	Name: pxrc Value: CJXcu5kGEgUI6AcQABIGCOndKhAA
.innovid.com/	1970-01-20 08:23:15	Name: uuid Value: ef2894c1-0286-49b1-8eee-a292bd822bd9-20220924 07:46:29
.agkn.com/	1970-01-20 14:59:15	Name: ab Value: 0001%3AK5j%2B%2BdzAGgHQJE7qpXuT5kgCKxUKj5eP
.agkn.com/	1970-01-20 14:59:15	Name: u Value: C\|0CEAqwaqVKsGqlQAAAAAAAQ13AQCAAQpAAAAAAA
.casalemedia.com/	1970-01-20 08:23:15	Name: CMTS Value: 4479
.e.dlx.addthis.com/	1970-01-20 15:43:54	Name: na_tc Value: Y
.addthis.com/	1970-01-20 15:43:54	Name: na_id Value: 2022092411463100018167421586
.addthis.com/	1970-01-20 15:43:54	Name: na_tc Value: Y
.addthis.com/	1970-01-20 15:43:54	Name: uid Value: 632eee17b395b3d0
.addthis.com/	1970-01-20 15:43:54	Name: ouid Value: 632eee170001b489f054314ddd22dd5aba166ae02413bad2fdd2
.dlx.addthis.com/	1970-01-20 06:56:51	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 06:56:51	Name: na_sr Value: 20220924
.dlx.addthis.com/	1970-01-20 06:13:40	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 06:56:51	Name: na_sc_e Value: 0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEKL6DOPWYu4xCr_lD86XyRo&google_cver=1&google_push=AZmPxg_-rdxcxmmP6x0Av6XzHECqUAFu_GZ2J-xBsLpKeWpw962J1METeo7v5KtsyC-SHGZEoK7mxmQnY747hBdWGZFjSTuO0_Q Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
adservice.google.co.uk
adservice.google.com
ag.innovid.com
bid.g.doubleclick.net
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
d.agkn.com
dsum-sec.casalemedia.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
gumoreska.in.ua
ib.adnxs.com
id.rlcdn.com
imasdk.googleapis.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
r2---sn-aigzrnsz.c.2mdn.net
region1.google-analytics.com
rtb-csync.smartadserver.com
s0.2mdn.net
sp-ao.shortpixel.ai
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
ade.googlesyndication.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
pagead2.googlesyndication.com
104.18.19.126
142.250.102.157
142.250.185.66
142.251.39.66
185.180.12.68
185.86.137.133
185.89.210.46
2001:4860:4802:32::36
216.58.212.162
23.7.201.234
2404:6800:4004:81e::2003
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:800::2002
2a00:1450:4001:800::200e
2a00:1450:4001:803::2002
2a00:1450:4001:806::2001
2a00:1450:4001:809::2003
2a00:1450:4001:80e::200a
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2006
2a00:1450:4001:829::2004
2a00:1450:4001:82b::2003
2a00:1450:4009:1b::7
2a00:1450:400d:807::200a
2a00:1450:400d:807::200e
2a00:1450:400d:80a::2008
2a00:1450:400d:80d::2002
2a00:1450:400d:80e::2002
2a00:1450:4025:402::9d
2a05:d01c:1d8:8101:fce4:7d96:66d4:9311
35.157.16.92
35.244.174.68
77.83.100.33
8.39.36.142
042d593d6cac578e2df0492e4f8a7f046af3509af77fff4310015dc72de8317c
07ea76a8fbc2a3d22de81428834f1ac895eab8e1b84091549f6a39cb50656bb0
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d066567c4894a89e3e1c53ae1b803733f562e52b7c862977bad337b27b3fa9c
122285db9f84c3c42757d585b75701d549325f150e0d65701389a6a6bfa3a25a
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
1a73df65a0fa03e359d59f2422b6c464e67c8ad2eab7ac6895ece309cf4a4730
1d9b8995cd861d514d8d6d08b1338e5e15ca3224deee0ce357ea2ad8065d0c8a
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
21c893a6d9b5ca0d3be8b4ba659493c68cb870a63a4ee84ec8c4d9e30ae6bcd0
2675ab1d1852f1aa30e272d7c2b1b9616e1f4771a94860e0d92bc7fca6c3c48a
276c60e4e89665f798b675b425f5aa40942faf13217ffbff48dc68c8d8a73051
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c0c291bc0981ba13c0fab388914b31ab2729ab42036ef251081077a196403f6
3b6cca2fdf07a53ed4e6f113ce70de874275cfe6b54c8b61d3ee9fd4bfc8aaf9
43cc4405f112007891ce897704a3c51090f06518ec5f412abdc41a6946972723
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5d6c97670cb16f85488af8027610694f916875c5f55af235aa379872405d0fe3
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66b202f286f6566a5c00a5e97a3c87ac805ba2ab0396485ad529b3d6b7fb75d6
67ec803f11712200df40e8457e9ffba669110709706bb9745671956fd1aa9494
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7957066859b6da5d1b065600e921126c2981db53652908f21652c6e2a33928b8
7a584e2fdcda4adee84916ff47e3fe5a50ea99304accfb44c0cec955e99eeb15
7c2fb2f53f28ddfc9fe690f62f03a79f9a8cda371bb1dc025b02495bc61d2966
8653ddc973fe38430a5e51d5118a779a0466c23da5f6ffcc82ca2a82352ffc20
89228a52b6b008d64b288d17bbc3ba3e3f97561e850ff507b4069dde9e15d369
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8e8fc2b6d306720c642b84b803fc6babfa1c7715abb6aa6029fd38deb84430ce
91268344ff0b5227c19f3ca0f95c9030afeb9cc8def079f6272d817053f375b1
92ca63be95834384b191762ca6faf153506113c0bf0da0741d4aae83f7db5860
941035fbecb566ed586708b1c0c7259ee6ab02c6f4a66f6b780c18bd2050bd31
94d3dc2f8019650f33f4d269cbbd70b5726efda4f2d95d7e44eefa3dde5071d4
94de8e2a292922489a6a57e56a9501ba6e0b0da301e6321c80dbcc113599701b
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a69428c08a9ef13e7c6ebfe09dd633989ee87feae730f6f591015024b7a2062
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b1ceff2a957431d0adce4a1b0c3e6f995dbdaba47cfec81d7bfb53425468c0
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
ac9e70f95868827a38a7a27684db2762b8e2b4dc98219213717eace07a75e66e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed
b791b2c415915ea1b5fca842a48ac621c392de38e98cd6263b1ab1b6c9454256
bbfba9ecde14a323dfdf4f304b68ca3e9db35a8025a5859b49abfde256becc69
bed6cef3a2a83b0bfc42310907aa856549a86c15b7f3103d936c3d436bdd0655
c0c095f0d3d65cfbb4c9bc4aa63e3520e9769a4579e35bfef4b44a775a72e160
c1f242c0ca41b5205d903c5e63adbfaea5caffe0961c686132e9db15f3d1e5a2
c218bf793c038d6169cee916ea29e3a8512180672afba588f3ff50d504b26172
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
c73fc04a027202a60174fa7ce3cf283ad3c91f59f613889f9a4c52a71988191a
cd9216308f7433d319f912cfc029861f0176f0d0af13c57338d291f757fb01de
d41ca32f2494913c3a3288f8f23e8e8359f94de1fe46e8695246b9826d207592
d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05
d70c2766b7c42f0b2418b6ea551262fb3750ec117c5183e02a388c2bb6a34b4d
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
dc0556eae68e3f5be0b9cfb19901f0f151f82bdd15fc0f2eea23d57a19e4cf2e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df84934cc2c94e758c3958514c3229af43d22da5b9dbb99afe43c1881ef7f8f9
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e393d1a547c71dc5cda7d80fa5eb91a2f615ef179c9f13b315fc3b53b7b1186d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e508fa800971d809f00bf148108afb3a227db75a599c2ada14f4e44184ed9dfc
e63d054d435aaef9da6ec0247916cd5c96c1f75cfdcfe31a9dd4ce5d10a278ca
e6480171803c66741b9d13c44e06e9817bb8f51479574044d5226cb2dc28a897
e82757f81892467f14842df06fb6ca9350886391b823f1f5d86782db25e15304
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6df68c6b3013ccc1df8fd9aa23657ff3c2cb998d0aa8db2f339269acc91d8ed
f6fec57f620cc83059be3c1523d23818f029304d6929cb05b515e4327dc91193
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f9c6a4ee8749d09bd48da6e0253ebba2c87e5d223dfa1ff0bebf577f4fc123dd
fdfef5bdc12edcf41579130a794d409f346cbdbc014e23df96928641917d771a
fe4d9e7ed54d527a9e200b0d8a5949ae177ccd4cceeb5598e89f7a74c00dee3d

gumoreska.in.ua Open in urlscan Pro 77.83.100.33 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

156 Requests

89 %HTTPS

63 %IPv6

23 Domains

36 Subdomains

30 IPs

10 Countries

3886 kBTransfer

7193 kBSize

29 Cookies

7 Outgoing links

Page URL History

Redirected requests

156 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

gumoreska.in.ua Open in urlscan Pro
77.83.100.33 Public Scan

Screenshot
Live screenshot

Full Image

156
Requests

89 %
HTTPS

63 %
IPv6

23
Domains

36
Subdomains

30
IPs

10
Countries

3886 kB
Transfer

7193 kB
Size

29
Cookies

156 HTTP transactions
8 data transactions