ye.ua Open in urlscan Pro
2606:4700:10::6816:3dfa Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ye.ua/
Effective URL:
https://ye.ua/
Submission: On October 31 via api (October 31st 2022, 5:11:14 am UTC) from GB — Scanned from GB

Summary HTTP 104 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 12 domains to perform 104 HTTP transactions. The main IP is 2606:4700:10::6816:3dfa, located in United States and belongs to CLOUDFLARENET, US. The main domain is ye.ua.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 4th 2022. Valid for: a year.

This is the only time ye.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::6816:3cfa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
42	2606:4700:10:... 2606:4700:10::6816:3dfa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42::282 2a04:4e42::282	54113 (FASTLY) (FASTLY)
1	91.218.213.49 91.218.213.49	42352 (QOS) (QOS)
1	193.200.64.20 193.200.64.20	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
8	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
104	15

1 2606:4700:10::6816:3cfa (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ye.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 2606:4700:10::6816:3dfa (United States)

ASN13335 (CLOUDFLARENET, US)

ye.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
openx2.ye.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.218.213.49 (Ukraine)

ASN42352 (QOS, UA)
PTR: nrcu.gov.ua

radio.nrcu.gov.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.64.20 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: etarg.network

dominantroute.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	ye.ua 1 redirects ye.ua openx2.ye.ua	551 KB
30	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 tpc.googlesyndication.com — Cisco Umbrella Rank: 135	350 KB
11	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	111 KB
9	gstatic.com www.gstatic.com fonts.gstatic.com	131 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 190	142 KB
2	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 71 www.google.com — Cisco Umbrella Rank: 2	898 B
1	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 5524	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 869	691 B
1	dominantroute.com dominantroute.com — Cisco Umbrella Rank: 170091	137 KB
1	nrcu.gov.ua radio.nrcu.gov.ua
1	polyfill.io polyfill.io — Cisco Umbrella Rank: 1362	450 B
104	12

	Domain	Requested by
29	ye.ua	1 redirects ye.ua
22	tpc.googlesyndication.com	ye.ua googleads.g.doubleclick.net tpc.googlesyndication.com
14	openx2.ye.ua	ye.ua openx2.ye.ua
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com ye.ua googleads.g.doubleclick.net
8	pagead2.googlesyndication.com	ye.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	googleads.g.doubleclick.net tpc.googlesyndication.com
3	www.googletagservices.com	googleads.g.doubleclick.net
2	www.gstatic.com	googleads.g.doubleclick.net
1	www.google.com	1 redirects
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.co.uk	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	dominantroute.com	ye.ua
1	radio.nrcu.gov.ua	ye.ua
1	polyfill.io	ye.ua
104	16

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
accounts.google.com
www.instagram.com
www.youtube.com
twitter.com
t.me
invite.viber.com
openx2.ye.ua
khm-radio.ye.ua
radio.ye.ua
vseazs.com
ua.sinoptik.ua
kam-pod.ye.ua
memory.ye.ua

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-04` - `2023-04-03`	a year	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-03-08` - `2023-04-09`	a year	crt.sh
radio.nrcu.gov.ua R3	`2022-09-12` - `2022-12-11`	3 months	crt.sh
dominantroute.com R3	`2022-10-19` - `2023-01-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://ye.ua/
Frame ID: 130D192A255C578B52B3A1AD974D8BCB
Requests: 55 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20190131/zrt_lookup.html
Frame ID: 668070AEDB22A62247B55D33ED3CF700
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=60&slotname=1921848652&adk=4228632296&adf=3865820252&pi=t.ma~as.1921848652&w=980&lmt=1667193069&format=980x60&url=https%3A%2F%2Fye.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667193069150&bpp=5&bdt=607&idt=158&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&correlator=5097078902873&frm=20&pv=2&ga_vid=409524845.1667193069&ga_sid=1667193069&ga_hid=1180080188&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070306%2C42531705%2C44775017&oid=2&pvsid=2858693210762073&tmod=2021721025&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CaeE%7C&abl=NA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nNAF2rSaVT&p=https%3A//ye.ua&dtd=176
Frame ID: FF201663AA0A2753D9DC5DA559C5D692
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&adk=1812271804&adf=3025194257&lmt=1667193069&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fye.ua%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667193069155&bpp=2&bdt=613&idt=178&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&prev_fmts=980x60&nras=1&correlator=5097078902873&frm=20&pv=1&ga_vid=409524845.1667193069&ga_sid=1667193069&ga_hid=1180080188&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070306%2C42531705%2C44775017&oid=2&pvsid=2858693210762073&tmod=2021721025&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=183
Frame ID: 87A4187F609399394B101A691AE8759B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=100&slotname=6561702719&adk=1832233552&adf=1808043182&pi=t.ma~as.6561702719&w=481&lmt=1667193069&rafmt=12&format=481x100&url=https%3A%2F%2Fye.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667193069163&bpp=1&bdt=621&idt=176&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&prev_fmts=980x60%2C0x0&nras=1&correlator=5097078902873&frm=20&pv=1&ga_vid=409524845.1667193069&ga_sid=1667193069&ga_hid=1180080188&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=46&ady=855&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070306%2C42531705%2C44775017&oid=2&pvsid=2858693210762073&tmod=2021721025&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cd%7CopEe%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=rnavHPuevP&p=https%3A//ye.ua&dtd=180
Frame ID: E4044A124DE8A11B928F14AC4D5E12FF
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=100&slotname=6939803206&adk=1421142297&adf=3150062283&pi=t.ma~as.6939803206&w=481&lmt=1667193069&rafmt=12&format=481x100&url=https%3A%2F%2Fye.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667193069164&bpp=1&bdt=622&idt=182&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&prev_fmts=980x60%2C0x0%2C481x100&nras=1&correlator=5097078902873&frm=20&pv=1&ga_vid=409524845.1667193069&ga_sid=1667193069&ga_hid=1180080188&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=46&ady=1156&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070306%2C42531705%2C44775017&oid=2&pvsid=2858693210762073&tmod=2021721025&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cd%7CopEe%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&fsb=1&xpc=qcPpYiK9Vk&p=https%3A//ye.ua&dtd=185
Frame ID: 7B94BC8298ACCED7C9805F05AE7F7358
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=100&slotname=5220700882&adk=138781024&adf=328285302&pi=t.ma~as.5220700882&w=481&lmt=1667193069&rafmt=12&format=481x100&url=https%3A%2F%2Fye.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667193069165&bpp=1&bdt=622&idt=186&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&prev_fmts=980x60%2C0x0%2C481x100%2C481x100&nras=1&correlator=5097078902873&frm=20&pv=1&ga_vid=409524845.1667193069&ga_sid=1667193069&ga_hid=1180080188&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=46&ady=1864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070306%2C42531705%2C44775017&oid=2&pvsid=2858693210762073&tmod=2021721025&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cd%7CopEebr%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=N1xU6EsH3e&p=https%3A//ye.ua&dtd=189
Frame ID: A15639F0FADD12AAF830258C9F149672
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14541270369334595131/index.html
Frame ID: A37E0E5B5EE225948D25C907D2A3186F
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C0IML7VhfY9LwG4LQxgPllobAAfyAtLZs1tP8sKIQxvaOs74yEAEgucf6FWC7hoCA0AqgAcXRg_kDyAEJqQKs30H9WHyzPqgDAcgDSKoEuwFP0D7Q-_cwXvUUbZHclnvQoJY7dGIlLrYUFTcyOs4_6MXyofvz6Y06_PK1sY7jgGlujOqB7EG8sYrtbtyFO2ZgpX-X8s0xXLbwpN2jsjkDUMuwoFfYW2RnE-wD6BZsVppjhdguMlYOM0axYpDKKcMzuUeBzKhGJ27sgQvIjRIFfmR6EFGtq2F3rMrhjY26sWSllhSlDYiBRgEXTitzLGKDncVq5VpQQQXbfrhoS3L7k8bIvZULRSGWny3DwATtjr6xhgSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHo678BqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcDENRU0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw2IFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItMTIxNjg0MjQ0OTEyNzM2NRgA&sigh=gWCOBtbFAyY&uach_m=[UACH]&template_id=419
Frame ID: A47529A9FC514B34F786D0314A0E334E
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C323FAA8CD4FD77F794DA57AE108FBD5
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
Frame ID: B9F914D4438D4FC8310E7020D9BF8F0F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
Frame ID: 60D598C45A0C35471432C9345D63D337
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Новини Хмельницького "Є" | ye.ua ye-logo.v1.2

Page URL History Show full URLs

http://ye.ua/ HTTP 301
https://ye.ua/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

104
Requests

100 %
HTTPS

88 %
IPv6

12
Domains

16
Subdomains

15
IPs

4
Countries

1427 kB
Transfer

3240 kB
Size

13
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/v2.10/dialog/oauth?client_id=2010787465808195&scope=email&redirect_uri=https://ye.ua/include/other/all/fb.php

Search URL Search Domain Scan URL

URL: https://accounts.google.com/o/oauth2/auth?scope=email%20profile&state=%2Fprofile&redirect_uri=https://ye.ua/include%2Fother%2Fall%2Fgoogle.php&response_type=code&client_id=972825115840-li07dtavfsc46bibgg6ngt89ngk4ti00.apps.googleusercontent.com&approval_prompt=force

Search URL Search Domain Scan URL

URL: https://www.facebook.com/www.ye.ua

Search URL Search Domain Scan URL

URL: https://www.instagram.com/ye.ua/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/gazetaE

Search URL Search Domain Scan URL

URL: https://twitter.com/GazetaYEnews

Search URL Search Domain Scan URL

URL: https://t.me/yeuanews

Search URL Search Domain Scan URL

URL: https://invite.viber.com/?g2=AQB2YhGIZF29XEpluCJevfH%2BsB2C%2BPPVaT%2B8U14DWSTUUX5G66bRxOGSH0OHxhDE

Search URL Search Domain Scan URL

URL: https://openx2.ye.ua/www/delivery/ck.php?oaparams=2__bannerid=64__zoneid=25__cb=a3f398298c__oadest=https%3A%2F%2Fye.ua%2Fogo%2Fadd%2F%3Fref%3Dright-col

Search URL Search Domain Scan URL

URL: http://khm-radio.ye.ua/
Title: khm-radio.ye.ua

Search URL Search Domain Scan URL

URL: http://radio.ye.ua/
Title: radio.ye.ua

Search URL Search Domain Scan URL

URL: https://openx2.ye.ua/www/delivery/ck.php?oaparams=2__bannerid=65__zoneid=28__cb=6dd6f33aaf__oadest=https%3A%2F%2Fwww.facebook.com%2Fgroups%2Fyeuaogo%2F%3Fref%3Dshare

Search URL Search Domain Scan URL

URL: https://vseazs.com/
Title: * вартість пального згідно з сайтом vseazs.com

Search URL Search Domain Scan URL

URL: https://openx2.ye.ua/www/delivery/ck.php?oaparams=2__bannerid=73__zoneid=27__cb=28567c4524__oadest=https%3A%2F%2Fmotopoland.com.ua%2Fua%2F

Search URL Search Domain Scan URL

URL: https://ua.sinoptik.ua/%D0%BF%D0%BE%D0%B3%D0%BE%D0%B4%D0%B0-%D1%85%D0%BC%D0%B5%D0%BB%D1%8C%D0%BD%D0%B8%D1%86%D1%8C%D0%BA%D0%B8%D0%B9
Title: Погода на 7 днів

Search URL Search Domain Scan URL

URL: https://openx2.ye.ua/www/delivery/ck.php?oaparams=2__bannerid=71__zoneid=21__cb=76939e121f__oadest=https%3A%2F%2Ftabletki.ua%2F%25D0%259D%25D0%25BE%25D1%2580%25D0%25BC%25D0%25BE%25D0%25B2%25D0%25B5%25D0%25BD%2Fpharmacy%2Fkhmelnitsky%2F

Search URL Search Domain Scan URL

URL: https://kam-pod.ye.ua/
Title: kam-pod.ye.ua

Search URL Search Domain Scan URL

URL: https://memory.ye.ua/
Title: Книга пам'яті

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ye.ua/ HTTP 301
https://ye.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 91

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

104 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ye.ua/
Redirect Chain

http://ye.ua/
https://ye.ua/

162 KB
40 KB

481ms
415ms

Document
text/html

2606:4700:10::6816:3dfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3dfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.0

Resource Hash

82e3f78dee1414968b5f5ebe3b1cc871f033645867c94a8c4f9fae0e289918ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7629e363d84672de-LHR
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 31 Oct 2022 05:11:08 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
permissions-policy: interest-cohort=()
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.1.0
x-xss-protection: 1; mode=block

Redirect headers

CF-Cache-Status: DYNAMIC
CF-Ray: 7629e362a885771a-LHR
Connection: keep-alive
Content-Type: text/html
Date: Mon, 31 Oct 2022 05:11:08 GMT
Location: https://ye.ua/
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 jquery.min.js Show response
ye.ua/js/js/js/ 85 KB
30 KB 42ms
39ms Script
application/javascript 2606:4700:10::6816:3dfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/js/js/js/jquery.min.js

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3dfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 05:11:08 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 06 Sep 2018 06:25:06 GMT
server: cloudflare
content-encoding: gzip
age: 18094157
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31556926
cf-ray: 7629e36679b072de-LHR
x-xss-protection: 1; mode=block
expires: Tue, 04 Apr 2023 19:01:11 GMT

GET
H2 200 jquery.cookie.min.js Show response
ye.ua/js/js/default/ 2 KB
947 B 41ms
38ms Script
application/javascript 2606:4700:10::6816:3dfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/js/js/default/jquery.cookie.min.js

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3dfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b6e442e0162e2c67d3cf272012edd38a95076ecb4b71f54c28a8810f4dbbb59

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 05:11:08 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 05 Aug 2015 07:56:00 GMT
server: cloudflare
content-encoding: gzip
age: 18094157
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31556926
cf-ray: 7629e36689b672de-LHR
x-xss-protection: 1; mode=block
expires: Tue, 04 Apr 2023 19:01:11 GMT

GET
H2 200 popper.min.js Show response
ye.ua/js/js/js/ 20 KB
7 KB 36ms
36ms Script
application/javascript 2606:4700:10::6816:3dfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/js/js/js/popper.min.js

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3dfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 05:11:08 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 06 Sep 2018 06:25:06 GMT
server: cloudflare
content-encoding: gzip
age: 18094157
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31556926
cf-ray: 7629e366f9f172de-LHR
x-xss-protection: 1; mode=block
expires: Tue, 04 Apr 2023 19:01:12 GMT

GET
H2 200 bootstrap.min.js Show response
ye.ua/js/js/js/ 50 KB
14 KB 155ms
155ms Script
application/javascript 2606:4700:10::6816:3dfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/js/js/js/bootstrap.min.js

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3dfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5a17d46976d471cf060c5a0e25749a323d6ab20cf0910f40afed81047ba21ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 05:11:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 11 Jun 2022 18:05:33 GMT
server: cloudflare
etag: W/"62a4d96d-c62b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=14400
permissions-policy: interest-cohort=()
cf-ray: 7629e366f9f372de-LHR

GET
H2 200 polyfill.min.js Show response
polyfill.io/v2/ 222 B
450 B 109ms
39ms Script
text/javascript 2a04:4e42::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://polyfill.io/v2/polyfill.min.js?features=IntersectionObserver
Requested by: Host: ye.ua
URL: https://ye.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 05:11:08 GMT
content-encoding: br
last-modified: Wed, 26 Oct 2022 16:31:51 GMT
age: 0
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser: chrome/99.0.0
server-timing: cache-lcy19252, PASS, fastly;desc="Edge time";dur=10
accept-ranges: bytes
content-length: 126

GET
H2 200 app.min.js Show response
ye.ua/js/js/js/ 34 KB
10 KB 40ms
39ms Script
application/javascript 2606:4700:10::6816:3dfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/js/js/js/app.min.js

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3dfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b49df55acb1072af429ec4f155107c35de1921d9053fabb2693b0e57749f224

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 05:11:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 625
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 11 Jun 2022 18:05:33 GMT
server: cloudflare
etag: W/"62a4d96d-89ce"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=14400
permissions-policy: interest-cohort=()
cf-ray: 7629e36709f872de-LHR

GET
H2 200 asyncjs.php Show response
openx2.ye.ua/www/delivery/ 10 KB
4 KB 123ms
113ms Script
text/javascript 2606:4700:10::6816:3dfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://openx2.ye.ua/www/delivery/asyncjs.php
Requested by: Host: ye.ua
URL: https://ye.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3dfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: f3b5932558e6a765f1bfc3fb5ee364013cd03588adcf0f22293a77ddf2e90df0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 05:11:08 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.3.33
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
content-type: text/javascript;charset=UTF-8
cache-control: private, max-age=3600
expire: Mon, 31 Oct 2022 06:11:08 GMT
cf-ray: 7629e3671a0272de-LHR

GET
H2 200 bootstrap-custom.css
ye.ua/css/css/css/ 191 KB
26 KB 43ms
41ms Stylesheet
text/css 2606:4700:10::6816:3dfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/css/css/css/bootstrap-custom.css

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3dfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0854243cee262b5de8673e332e533bcf232cda58cc48405d79998d6888ada200

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 05:11:08 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 10 Jan 2019 10:11:36 GMT
server: cloudflare
age: 12369389
vary: Accept-Encoding
content-type: text/css; charset=utf-8
content-encoding: gzip
cache-control: public, max-age=31556926
cf-ray: 7629e36679b172de-LHR
x-xss-protection: 1; mode=block
expires: Sat, 10 Jun 2023 01:09:23 GMT

GET
H2 200 fontawesome-custom.css
ye.ua/css/css/css/ 54 KB
12 KB 74ms
72ms Stylesheet
text/css 2606:4700:10::6816:3dfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/css/css/css/fontawesome-custom.css

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3dfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b59270e2d2a3730d00b61b36541001751277b940d73846e9f44ee7f189c60b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 05:11:08 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 18094157
cf-polished: origSize=55047
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Tue, 14 Jan 2020 09:45:54 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=31556926
cf-ray: 7629e36679b272de-LHR
expires: Tue, 04 Apr 2023 19:01:11 GMT

GET
H2 200 app.min.css
ye.ua/css/css/css/ 59 KB
11 KB 39ms
37ms Stylesheet
text/css 2606:4700:10::6816:3dfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/css/css/css/app.min.css

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3dfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ddaf573663b8243cc0e85098b1723ace007f1c13d83f6a1a95c554e37162fe6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 05:11:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 625
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 11 Jun 2022 18:05:33 GMT
server: cloudflare
etag: W/"62a4d96d-edf0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=14400
permissions-policy: interest-cohort=()
cf-ray: 7629e36689b472de-LHR

GET
H2 200 legacy.min.css
ye.ua/css/css/css/ 10 KB
3 KB 39ms
38ms Stylesheet
text/css 2606:4700:10::6816:3dfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/css/css/css/legacy.min.css

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3dfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

890d81648be2bed4a1da49a1bab308041e26f3f6267f4dd41a76f3e2541e6fb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 05:11:08 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 09 Jun 2022 21:16:47 GMT
server: cloudflare
content-encoding: gzip
age: 12354875
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=31556926
cf-ray: 7629e36689b572de-LHR
x-xss-protection: 1; mode=block
expires: Sat, 10 Jun 2023 05:11:17 GMT

GET
H2 200 icon_256x256.webp
ye.ua/images/ 11 KB
11 KB 49ms
48ms Image
image/webp 2606:4700:10::6816:3dfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ye.ua/images/icon_256x256.webp

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3dfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ac0c44e962362e044f2df416f2553775b38b1b8064470f648825aa8d2a8996e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 05:11:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 624
content-length: 10868
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 11 Jun 2022 19:28:25 GMT
server: cloudflare
etag: "62a4ecd9-2a74"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=14400
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 7629e36709f972de-LHR

GET
H2 200 big__Dzhamala_Maks_Barskih_Sergiy_Lazanovskiy_Grindzholi_Probass_Hardi__pidbirka_novoyi_ukrayinskoyi_muziki_1_2022_10_30_02_27_47.jpg
ye.ua/images/news/topnews/ 28 KB
28 KB 183ms
182ms Image
image/jpeg 2606:4700:10::6816:3dfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ye.ua/images/news/topnews/big__Dzhamala_Maks_Barskih_Sergiy_Lazanovskiy_Grindzholi_Probass_Hardi__pidbirka_novoyi_ukrayinskoyi_muziki_1_2022_10_30_02_27_47.jpg

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3dfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

594a4a4b328398dcf0194f0e0c8edb4300c64eaf5dfdfe323ba6d5248b355068

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 05:11:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-length: 28739
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 30 Oct 2022 17:15:28 GMT
server: cloudflare
etag: "635eb130-7043"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 7629e36709fa72de-LHR

GET
H2 200 print.min.css
ye.ua/css/css/css/ 2 KB
849 B 38ms
37ms Stylesheet
text/css 2606:4700:10::6816:3dfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/css/css/css/print.min.css

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3dfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd8fe10f28fa2e884b988f4ef91390487f598e21fb54eb9c1a11ed39d647288a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 05:11:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 5697
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 11 Jun 2022 18:05:33 GMT
server: cloudflare
etag: W/"62a4d96d-666"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=14400
permissions-policy: interest-cohort=()
cf-ray: 7629e36709fb72de-LHR

GET
H2 200 open-sans-v15-cyrillic_latin-regular.woff2
ye.ua/css/css/fonts/ 19 KB
19 KB 37ms
37ms Font
font/woff2 2606:4700:10::6816:3dfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/css/css/fonts/open-sans-v15-cyrillic_latin-regular.woff2

Requested by

Host: ye.ua
URL: https://ye.ua/css/css/css/app.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3dfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

468f87ca7a0cf5529eb96f6ed5c5fb253e0be79e9a8412c6d367a91e6eb7bb64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ye.ua/css/css/css/app.min.css
Origin: https://ye.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 05:11:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 624
content-length: 19156
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 11 Jun 2022 18:05:33 GMT
server: cloudflare
etag: "62a4d96d-4ad4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=14400
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 7629e36709ff72de-LHR

GET
H/1.1 200
OK ur1-mp3-m
radio.nrcu.gov.ua/ 127 KB
0 699ms
476ms Media
audio/mpeg 91.218.213.49
QOS

General

Check archive.org

Show headers Download Go to

Full URL: https://radio.nrcu.gov.ua/ur1-mp3-m
Requested by: Host: ye.ua
URL: https://ye.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.213.49 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: nrcu.gov.ua
Software: nginx /
Resource Hash

Request headers

Referer: https://ye.ua/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

Pragma: no-cache
Date: Mon, 31 Oct 2022 05:11:05 GMT
icy-name: UA:Óêðà¿íñüêå ðàä³î
Server: nginx
icy-br: 128
Transfer-Encoding: chunked
Content-Type: audio/mpeg
Access-Control-Allow-Origin: *
icy-pub: -1
Cache-Control: no-cache, no-store
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ornament.svg
ye.ua/css/css/images/ 1 KB
615 B 35ms
34ms Image
image/svg+xml 2606:4700:10::6816:3dfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ye.ua/css/css/images/ornament.svg

Requested by

Host: ye.ua
URL: https://ye.ua/css/css/css/app.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3dfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c7c176af91f6fc30c3e49051636d4b456531b4e75245a62d931c9a8bb77ea4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/css/css/css/app.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 05:11:08 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 06 Sep 2018 06:27:13 GMT
server: cloudflare
content-encoding: gzip
age: 18094157
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31556926
cf-ray: 7629e3671a0a72de-LHR
x-xss-protection: 1; mode=block
expires: Wed, 04 May 2022 19:01:12 GMT

GET
DATA 200
OK truncated
/ 382 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4f80028ddc6dc380c89927fb2d2d3dd9c580a24f99db9b93e32ce0b607d5c88

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 113 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 848536686a6e7e46d97513420a5b381823adf1c2e8169e009aebb16774cb4e3e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 open-sans-condensed-v12-cyrillic_latin-700.woff2
ye.ua/css/css/fonts/ 22 KB
22 KB 42ms
41ms Font
font/woff2 2606:4700:10::6816:3dfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/css/css/fonts/open-sans-condensed-v12-cyrillic_latin-700.woff2

Requested by

Host: ye.ua
URL: https://ye.ua/css/css/css/app.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3dfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e94e274617dd12daa61f94f74bcd2a3ceb82ad275b53ef797946a3608b0e1222

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ye.ua/css/css/css/app.min.css
Origin: https://ye.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 05:11:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 624
content-length: 22776
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 11 Jun 2022 18:05:33 GMT
server: cloudflare
etag: "62a4d96d-58f8"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=14400
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 7629e3673a1d72de-LHR

GET
H2 200 fa-solid-900.woff2
ye.ua/css/css/fonts/ 49 KB
49 KB 155ms
154ms Font
font/woff2 2606:4700:10::6816:3dfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/css/css/fonts/fa-solid-900.woff2

Requested by

Host: ye.ua
URL: https://ye.ua/css/css/css/fontawesome-custom.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3dfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbbca7d9888b4a9eab7d479756d2924f9b067fd38dab376797029df741f96ee4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ye.ua/css/css/css/fontawesome-custom.css
Origin: https://ye.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 05:11:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-length: 50372
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 11 Jun 2022 18:05:33 GMT
server: cloudflare
etag: "62a4d96d-c4c4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=14400
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 7629e3673a1e72de-LHR

GET
H2 200 fa-regular-400.woff2
ye.ua/css/css/fonts/ 12 KB
12 KB 156ms
156ms Font
font/woff2 2606:4700:10::6816:3dfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/css/css/fonts/fa-regular-400.woff2

Requested by

Host: ye.ua
URL: https://ye.ua/css/css/css/fontawesome-custom.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3dfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b4c97a2809cdb53153139544e1f5db34e4917c8f01d2dd94cb9519e24e1ab3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ye.ua/css/css/css/fontawesome-custom.css
Origin: https://ye.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 05:11:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-length: 12188
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 11 Jun 2022 18:05:33 GMT
server: cloudflare
etag: "62a4d96d-2f9c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=14400
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 7629e3673a2372de-LHR

GET
H2 200 open-sans-v15-cyrillic_latin-700.woff2
ye.ua/css/css/fonts/ 19 KB
19 KB 156ms
156ms Font
font/woff2 2606:4700:10::6816:3dfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/css/css/fonts/open-sans-v15-cyrillic_latin-700.woff2

Requested by

Host: ye.ua
URL: https://ye.ua/css/css/css/app.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3dfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d10ff7ad5c1f3ce5c6ad2b17ef06f8a0515628d04a00178bc6bdefc23d8ba94b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ye.ua/css/css/css/app.min.css
Origin: https://ye.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 05:11:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-length: 19836
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 11 Jun 2022 18:05:33 GMT
server: cloudflare
etag: "62a4d96d-4d7c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=14400
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 7629e3673a2472de-LHR

GET
H2 200 open-sans-v15-cyrillic_latin-600.woff2
ye.ua/css/css/fonts/ 19 KB
19 KB 155ms
154ms Font
font/woff2 2606:4700:10::6816:3dfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/css/css/fonts/open-sans-v15-cyrillic_latin-600.woff2

Requested by

Host: ye.ua
URL: https://ye.ua/css/css/css/app.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3dfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

848e3ddf8d07c81ebc0ee309dfc63a60b0b970d46857911c5f2e78487825a3e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ye.ua/css/css/css/app.min.css
Origin: https://ye.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 05:11:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-length: 19716
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 11 Jun 2022 18:05:33 GMT
server: cloudflare
etag: "62a4d96d-4d04"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=14400
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 7629e3674a2672de-LHR

GET
H2 200 fa-brands-400.woff2
ye.ua/css/css/fonts/ 60 KB
60 KB 37ms
36ms Font
font/woff2 2606:4700:10::6816:3dfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/css/css/fonts/fa-brands-400.woff2

Requested by

Host: ye.ua
URL: https://ye.ua/css/css/css/fontawesome-custom.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3dfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ddd3b7b68a96da02979f972e4e9a8b6af63b5a17c75d7c7e0e3901d9f3a729c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ye.ua/css/css/css/fontawesome-custom.css
Origin: https://ye.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 05:11:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 624
content-length: 61336
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 11 Jun 2022 18:05:33 GMT
server: cloudflare
etag: "62a4d96d-ef98"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=14400
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 7629e3674a2772de-LHR

GET
H2 200 open-sans-v15-cyrillic_latin-300.woff2
ye.ua/css/css/fonts/ 19 KB
19 KB 156ms
156ms Font
font/woff2 2606:4700:10::6816:3dfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/css/css/fonts/open-sans-v15-cyrillic_latin-300.woff2

Requested by

Host: ye.ua
URL: https://ye.ua/css/css/css/app.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3dfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2dd2bc32e766754718771fbbd323bd27ae4e64f71b28d87a619368ebf52a3c75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ye.ua/css/css/css/app.min.css
Origin: https://ye.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 05:11:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-length: 19744
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 11 Jun 2022 18:05:33 GMT
server: cloudflare
etag: "62a4d96d-4d20"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=14400
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 7629e3676a3a72de-LHR

GET
H/1.1 200
OK vinos.js Show response
dominantroute.com/bens/ 137 KB
137 KB 305ms
124ms Script
text/javascript 193.200.64.20
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://dominantroute.com/bens/vinos.js?24657&u=null&a=0.5689687512584651
Requested by: Host: ye.ua
URL: https://ye.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.64.20 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: etarg.network
Software: nginx /
Resource Hash: 1325acfc246f14dd2fbfae07ca5819b65500e1c59f33bffb0ab12cc953f2926d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: text/javascript; charset=utf-8
Date: Mon, 31 Oct 2022 05:11:08 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
P3P: CP="NON DSP COR CURa TIA"

GET
DATA 200
OK truncated
/ 180 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6cf4ddc728ae2116b65b72832d21cdf33961c094ce95ea8a5b676b7d71212f82

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 354 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77fc7e2cee3f1b71326ab2d9e121017b176205d0c8bbb013dfe7ebfccb2c5cab

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 asyncspc.php Show response
openx2.ye.ua/www/delivery/ 5 KB
1 KB 56ms
56ms XHR
application/json 2606:4700:10::6816:3dfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://openx2.ye.ua/www/delivery/asyncspc.php?zones=23%7C25%7C28%7C29%7C27%7C30%7C21%7C34&prefix=revive-0-&loc=https%3A%2F%2Fye.ua%2F
Requested by: Host: openx2.ye.ua
URL: https://openx2.ye.ua/www/delivery/asyncjs.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3dfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: 7aab0996995e4e288e8cb043042a8433d81c210626d984a7d38e6f8659a5f31b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Oct 2022 05:11:08 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.3.33
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ye.ua
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7629e3680a9e72de-LHR
expires: 0

GET
H2 200 s.js Show response
ye.ua/cdn-cgi/zaraz/ 5 KB
3 KB 51ms
51ms Script
text/javascript 2606:4700:10::6816:3dfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ye.ua/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyJUQwJTlEJUQwJUJFJUQwJUIyJUQwJUI4JUQwJUJEJUQwJUI4JTIwJUQwJUE1JUQwJUJDJUQwJUI1JUQwJUJCJUQxJThDJUQwJUJEJUQwJUI4JUQxJTg2JUQxJThDJUQwJUJBJUQwJUJFJUQwJUIzJUQwJUJFJTIwJTVDJTIyJUQwJTg0JTVDJTIyJTIwJTdDJTIweWUudWElMjIlMkMlMjJ4JTIyJTNBMC4xMDM1NDc0MjA5OTkzNjQ5OCUyQyUyMnclMjIlM0ExNjAwJTJDJTIyaCUyMiUzQTEyMDAlMkMlMjJqJTIyJTNBMTIwMCUyQyUyMmUlMjIlM0ExNjAwJTJDJTIybCUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGeWUudWElMkYlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIyayUyMiUzQTI0JTJDJTIybiUyMiUzQSUyMlVURi04JTIyJTJDJTIybyUyMiUzQTAlMkMlMjJxJTIyJTNBJTVCJTVEJTdE
Requested by: Host: ye.ua
URL: https://ye.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3dfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5092fd8e11d3b5828ec590a4de928fffb37e4ee373180657d41686adc054c19

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 05:11:08 GMT
content-encoding: gzip
server: cloudflare
access-control-max-age: 600
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://ye.ua
content-type: text/javascript
access-control-allow-credentials: true
cf-ray: 7629e3680a9f72de-LHR
access-control-allow-headers: Content-Type, Set-Cookie, Cache-Control

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 167 KB
55 KB 163ms
72ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35dfe980f86c1350b594ea60c883aaacc4b6a212fa70ecab54576069d3af0689

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 05:11:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55275
x-xss-protection: 0
server: cafe
etag: 17447525275656012887
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 05:11:08 GMT

GET
H2 200 sm__De_na_Hmelnichchini_z_listopada_zaboronili_ribaliti_1_2022_10_30_01_16_13.jpg
ye.ua/images/news/topnews/ 15 KB
15 KB 188ms
187ms Image
image/jpeg 2606:4700:10::6816:3dfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ye.ua/images/news/topnews/sm__De_na_Hmelnichchini_z_listopada_zaboronili_ribaliti_1_2022_10_30_01_16_13.jpg

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3dfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91a83c82fde13931d201c4a7b469c77b8ccd584748e1d8f5a8dbc1cec3e0b79b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 05:11:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-length: 15519
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 30 Oct 2022 14:16:18 GMT
server: cloudflare
etag: "635e8732-3c9f"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 7629e3682aaa72de-LHR

GET
H2 200 sm__Pogoda_na_zavtra_31_zhovtnya___hmarno_teplo_ta_bez_opadiv_1_2022_10_30_02_32_09.jpg
ye.ua/images/news/topnews/ 39 KB
40 KB 180ms
179ms Image
image/jpeg 2606:4700:10::6816:3dfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ye.ua/images/news/topnews/sm__Pogoda_na_zavtra_31_zhovtnya___hmarno_teplo_ta_bez_opadiv_1_2022_10_30_02_32_09.jpg

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3dfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f2f888ce75a896a6bd35f6e9db22a8de57acb8b23c744140b8fa6406da4df2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 05:11:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-length: 40403
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 30 Oct 2022 13:04:23 GMT
server: cloudflare
etag: "635e7657-9dd3"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 7629e3682aab72de-LHR

GET
H2 200 61347.jpg
ye.ua/images/news/preview/ 10 KB
11 KB 153ms
152ms Image
image/jpeg 2606:4700:10::6816:3dfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ye.ua/images/news/preview/61347.jpg

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3dfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b5db73d91c9991901f6fe2ae659cab525c8cec51c67a2862cd70ffd44ad04bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 05:11:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-length: 10728
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 30 Oct 2022 10:20:05 GMT
server: cloudflare
etag: "635e4fd5-29e8"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 7629e3682aad72de-LHR

GET
H2 200 61367.jpg
ye.ua/images/news/preview/ 14 KB
14 KB 180ms
180ms Image
image/jpeg 2606:4700:10::6816:3dfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ye.ua/images/news/preview/61367.jpg

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3dfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e5c730e5b86e72303ed8a45b164716d4f5e6841da9d7243d5ed23defd8ce6eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 05:11:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-length: 14272
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 30 Oct 2022 07:19:19 GMT
server: cloudflare
etag: "635e2577-37c0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 7629e3682aae72de-LHR

POST
H2 200 ogoService.php Show response
ye.ua/ajax/ 862 B
609 B 72ms
72ms XHR
text/html 2606:4700:10::6816:3dfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ye.ua/ajax/ogoService.php

Requested by

Host: ye.ua
URL: https://ye.ua/js/js/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3dfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.0

Resource Hash

b6b4cad88c6a1815c885c113d0bd2a9e91be968831a8d643e31916008bebba63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://ye.ua/
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 31 Oct 2022 05:11:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-powered-by: PHP/8.1.0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, must-revalidate
permissions-policy: interest-cohort=()
cf-ray: 7629e3682aaf72de-LHR
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 lg.php
openx2.ye.ua/www/delivery/ 43 B
137 B 63ms
62ms Image
image/gif 2606:4700:10::6816:3dfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://openx2.ye.ua/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=23&loc=https%3A%2F%2Fye.ua%2F&cb=061a47cc21
Requested by: Host: ye.ua
URL: https://ye.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3dfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Oct 2022 05:11:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.3.33
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: no-cache, no-store, must-revalidate
cf-ray: 7629e3686ad672de-LHR
content-length: 43
expires: 0

GET
H2 200 lg.php
openx2.ye.ua/www/delivery/ 43 B
101 B 119ms
118ms Image
image/gif 2606:4700:10::6816:3dfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://openx2.ye.ua/www/delivery/lg.php?bannerid=64&campaignid=54&zoneid=25&loc=https%3A%2F%2Fye.ua%2F&cb=a3f398298c
Requested by: Host: ye.ua
URL: https://ye.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3dfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Oct 2022 05:11:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.3.33
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: no-cache, no-store, must-revalidate
cf-ray: 7629e3686ad772de-LHR
content-length: 43
expires: 0

GET
H2 200 lg.php
openx2.ye.ua/www/delivery/ 43 B
101 B 109ms
107ms Image
image/gif 2606:4700:10::6816:3dfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://openx2.ye.ua/www/delivery/lg.php?bannerid=65&campaignid=54&zoneid=28&loc=https%3A%2F%2Fye.ua%2F&cb=6dd6f33aaf
Requested by: Host: ye.ua
URL: https://ye.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3dfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Oct 2022 05:11:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.3.33
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: no-cache, no-store, must-revalidate
cf-ray: 7629e3686ad872de-LHR
content-length: 43
expires: 0

GET
H2 200 lg.php
openx2.ye.ua/www/delivery/ 43 B
101 B 107ms
106ms Image
image/gif 2606:4700:10::6816:3dfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://openx2.ye.ua/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=29&loc=https%3A%2F%2Fye.ua%2F&cb=f420a40cbc
Requested by: Host: ye.ua
URL: https://ye.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3dfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Oct 2022 05:11:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.3.33
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: no-cache, no-store, must-revalidate
cf-ray: 7629e3686ad972de-LHR
content-length: 43
expires: 0

GET
H2 200 lg.php
openx2.ye.ua/www/delivery/ 43 B
157 B 105ms
104ms Image
image/gif 2606:4700:10::6816:3dfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://openx2.ye.ua/www/delivery/lg.php?bannerid=73&campaignid=59&zoneid=27&loc=https%3A%2F%2Fye.ua%2F&cb=28567c4524
Requested by: Host: ye.ua
URL: https://ye.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3dfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Oct 2022 05:11:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.3.33
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: no-cache, no-store, must-revalidate
cf-ray: 7629e3686ada72de-LHR
content-length: 43
expires: 0

GET
H2 200 lg.php
openx2.ye.ua/www/delivery/ 43 B
101 B 115ms
115ms Image
image/gif 2606:4700:10::6816:3dfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://openx2.ye.ua/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=30&loc=https%3A%2F%2Fye.ua%2F&cb=f946fd11e8
Requested by: Host: ye.ua
URL: https://ye.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3dfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Oct 2022 05:11:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.3.33
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: no-cache, no-store, must-revalidate
cf-ray: 7629e3686add72de-LHR
content-length: 43
expires: 0

GET
H2 200 lg.php
openx2.ye.ua/www/delivery/ 43 B
101 B 109ms
108ms Image
image/gif 2606:4700:10::6816:3dfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://openx2.ye.ua/www/delivery/lg.php?bannerid=71&campaignid=57&zoneid=21&loc=https%3A%2F%2Fye.ua%2F&cb=76939e121f
Requested by: Host: ye.ua
URL: https://ye.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3dfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Oct 2022 05:11:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.3.33
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: no-cache, no-store, must-revalidate
cf-ray: 7629e3687adf72de-LHR
content-length: 43
expires: 0

GET
H2 200 lg.php
openx2.ye.ua/www/delivery/ 43 B
101 B 112ms
111ms Image
image/gif 2606:4700:10::6816:3dfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://openx2.ye.ua/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=34&loc=https%3A%2F%2Fye.ua%2F&cb=6f0894e421
Requested by: Host: ye.ua
URL: https://ye.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3dfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Oct 2022 05:11:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.3.33
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: no-cache, no-store, must-revalidate
cf-ray: 7629e3687ade72de-LHR
content-length: 43
expires: 0

GET
H2 200 9fd568dd44821cd84166a0cec6edc56c.gif
openx2.ye.ua/cdn-cgi/image/format=auto,quality=75/www/images/ 5 KB
5 KB 71ms
70ms Image
image/webp 2606:4700:10::6816:3dfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://openx2.ye.ua/cdn-cgi/image/format=auto,quality=75/www/images/9fd568dd44821cd84166a0cec6edc56c.gif

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3dfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8adebfd685a1b2fe5148e65f71830e4e6a1d843b6c9f0d86b285d59cfb6d2080

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 05:11:08 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 5088
cf-resized: internal=ok/m q=0 n=13 c=0+15 v=2022.10.4 l=5088
last-modified: Sat, 12 Mar 2022 12:25:15 GMT
cf-bgj: imgq:75,h2pri
server: cloudflare
etag: "cfzQoXuA-LP4WUQY2S46EWZA:2b16-5da048a1f71bf"
vary: Accept, Accept-Encoding
warning: cf-images 299 "AVIF anim not supported"
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7629e3688ae972de-LHR

GET
H2 200 4096fe248f247f37042a18a207955f0a.gif
openx2.ye.ua/cdn-cgi/image/format=auto,quality=75/www/images/ 6 KB
7 KB 62ms
62ms Image
image/webp 2606:4700:10::6816:3dfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://openx2.ye.ua/cdn-cgi/image/format=auto,quality=75/www/images/4096fe248f247f37042a18a207955f0a.gif

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3dfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ad5b538430a5af477f4e1955b9ce53245b26a01f56ed2b273c5eee5ff28ed9f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 05:11:09 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 6616
cf-resized: internal=ok/h q=0 n=49 c=1+18 v=2022.10.4 l=6616
last-modified: Sat, 12 Mar 2022 12:28:14 GMT
cf-bgj: imgq:75,h2pri
server: cloudflare
etag: "cf-Hw0m-lmfxLaxnLdVvPzEg:48c7-5da0494c3e016"
vary: Accept, Accept-Encoding
warning: cf-images 299 "AVIF anim not supported"
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7629e3691b2a72de-LHR

GET
H2 200 c1a3c73fbf899e530542eb6577abda98.jpg
openx2.ye.ua/cdn-cgi/image/format=auto,quality=75/www/images/ 7 KB
7 KB 62ms
62ms Image
image/avif 2606:4700:10::6816:3dfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://openx2.ye.ua/cdn-cgi/image/format=auto,quality=75/www/images/c1a3c73fbf899e530542eb6577abda98.jpg

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3dfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a80c04d986f60031fb15fa72a16f950fa952bfd99fd60ba5dea6196b7942fac

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 05:11:09 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 07 Oct 2022 12:03:58 GMT
cf-bgj: imgq:75,h2pri
server: cloudflare
etag: "cf1dSCwxx7omIxtvzmU1wwcw:7f0b-5ea709ad82d85"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7629e3691b2d72de-LHR
content-length: 7162
cf-resized: internal=ok/h q=0 n=36 c=0+110 v=2022.10.5 l=7162

GET
H2 200 cb127a8c5e8d08f121be5882d9cf8332.gif
openx2.ye.ua/cdn-cgi/image/format=auto,quality=75/www/images/ 30 KB
30 KB 45ms
44ms Image
image/webp 2606:4700:10::6816:3dfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://openx2.ye.ua/cdn-cgi/image/format=auto,quality=75/www/images/cb127a8c5e8d08f121be5882d9cf8332.gif

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3dfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33c3e10d2c03033c12a4134b9fdfa6955ea6c7f86cf30a1698d4dde834e9f6fe

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 05:11:08 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 30320
cf-resized: internal=ok/h q=0 n=11 c=2+33 v=2022.10.4 l=30320
last-modified: Mon, 03 Oct 2022 11:00:01 GMT
cf-bgj: imgq:75,h2pri
server: cloudflare
etag: "cfuKKxLHvs_YB_VQAAskSofg:13426-5ea1f3ebd9c98"
vary: Accept, Accept-Encoding
warning: cf-images 299 "AVIF anim not supported"
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7629e3692b3672de-LHR

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221026/r20190131/ Frame 6680 10 KB
5 KB 130ms
40ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221026/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 18171
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4270
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 31 Oct 2022 00:08:18 GMT
etag: 9671129459699598864
expires: Mon, 14 Nov 2022 00:08:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/ 353 KB
116 KB 81ms
80ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1216842449127365&plah=ye.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79fef50772bf398e6c3d1bde4151ad840acf0749697048e80f9d864ea537cc2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 05:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118892
x-xss-protection: 0
server: cafe
etag: 106677084045393625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 31 Oct 2022 05:11:09 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 377 B
691 B 145ms
48ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ye.ua&callback=_gfp_s_&client=ca-pub-1216842449127365&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1216842449127365&plah=ye.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

148138a356a9ab395a2cb8b812a43508ec9cb28cbfc5ac985fe1b68f82802523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 05:11:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 152ms
49ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=ye.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 05:11:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 142ms
49ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ye.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 05:11:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FF20 87 KB
31 KB 346ms
262ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=60&slotname=1921848652&adk=4228632296&adf=3865820252&pi=t.ma~as.1921848652&w=980&lmt=1667193069&format=980x60&url=https%3A%2F%2Fye.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667193069150&bpp=5&bdt=607&idt=158&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&correlator=5097078902873&frm=20&pv=2&ga_vid=409524845.1667193069&ga_sid=1667193069&ga_hid=1180080188&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070306%2C42531705%2C44775017&oid=2&pvsid=2858693210762073&tmod=2021721025&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CaeE%7C&abl=NA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nNAF2rSaVT&p=https%3A//ye.ua&dtd=176

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fcbd1b7bfbf2843df912a951e9a53e30c899e4301427e883aed82e2929c2c740

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 32204
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 31 Oct 2022 05:11:09 GMT
expires: Mon, 31 Oct 2022 05:11:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 75ms
74ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fye.ua%2F&tn=DIV&id=scroll-progress&cls=scroll-progress&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ye.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Oct 2022 05:11:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 87A4 0
19 B 172ms
100ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&adk=1812271804&adf=3025194257&lmt=1667193069&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fye.ua%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667193069155&bpp=2&bdt=613&idt=178&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&prev_fmts=980x60&nras=1&correlator=5097078902873&frm=20&pv=1&ga_vid=409524845.1667193069&ga_sid=1667193069&ga_hid=1180080188&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070306%2C42531705%2C44775017&oid=2&pvsid=2858693210762073&tmod=2021721025&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=183

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 31 Oct 2022 05:11:09 GMT
expires: Mon, 31 Oct 2022 05:11:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E404 89 KB
32 KB 371ms
303ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=100&slotname=6561702719&adk=1832233552&adf=1808043182&pi=t.ma~as.6561702719&w=481&lmt=1667193069&rafmt=12&format=481x100&url=https%3A%2F%2Fye.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667193069163&bpp=1&bdt=621&idt=176&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&prev_fmts=980x60%2C0x0&nras=1&correlator=5097078902873&frm=20&pv=1&ga_vid=409524845.1667193069&ga_sid=1667193069&ga_hid=1180080188&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=46&ady=855&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070306%2C42531705%2C44775017&oid=2&pvsid=2858693210762073&tmod=2021721025&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cd%7CopEe%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=rnavHPuevP&p=https%3A//ye.ua&dtd=180

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf032d322f8afdea963fc96e34c1cd86818f8eae908a48e3dd7a4a5709c4df03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 32370
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 31 Oct 2022 05:11:09 GMT
expires: Mon, 31 Oct 2022 05:11:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7B94 430 B
230 B 374ms
313ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=100&slotname=6939803206&adk=1421142297&adf=3150062283&pi=t.ma~as.6939803206&w=481&lmt=1667193069&rafmt=12&format=481x100&url=https%3A%2F%2Fye.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667193069164&bpp=1&bdt=622&idt=182&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&prev_fmts=980x60%2C0x0%2C481x100&nras=1&correlator=5097078902873&frm=20&pv=1&ga_vid=409524845.1667193069&ga_sid=1667193069&ga_hid=1180080188&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=46&ady=1156&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070306%2C42531705%2C44775017&oid=2&pvsid=2858693210762073&tmod=2021721025&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cd%7CopEe%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&fsb=1&xpc=qcPpYiK9Vk&p=https%3A//ye.ua&dtd=185

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fba3c972462957a5412080f3fae134607e28e5000af6aa56a5ae5b97fedb9195

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 31 Oct 2022 05:11:09 GMT
expires: Mon, 31 Oct 2022 05:11:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A156 134 KB
43 KB 279ms
223ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=100&slotname=5220700882&adk=138781024&adf=328285302&pi=t.ma~as.5220700882&w=481&lmt=1667193069&rafmt=12&format=481x100&url=https%3A%2F%2Fye.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667193069165&bpp=1&bdt=622&idt=186&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&prev_fmts=980x60%2C0x0%2C481x100%2C481x100&nras=1&correlator=5097078902873&frm=20&pv=1&ga_vid=409524845.1667193069&ga_sid=1667193069&ga_hid=1180080188&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=46&ady=1864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070306%2C42531705%2C44775017&oid=2&pvsid=2858693210762073&tmod=2021721025&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cd%7CopEebr%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=N1xU6EsH3e&p=https%3A//ye.ua&dtd=189

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

592fcae7d35e3e8941bdc2460a0b26e53c616ec8a422d024d109caeb763795cb

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14541270369334595131/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14541270369334595131/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJKbtZXaifsCFQKocQodZYsBGA&gqi=7VhfY6fGGrCB7_UPpumRmAE&layout=/sadbundle/%24csp%253Der3%24/14541270369334595131/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ye.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 43888
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14541270369334595131/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14541270369334595131/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJKbtZXaifsCFQKocQodZYsBGA&gqi=7VhfY6fGGrCB7_UPpumRmAE&layout=/sadbundle/%24csp%253Der3%24/14541270369334595131/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 31 Oct 2022 05:11:09 GMT
expires: Mon, 31 Oct 2022 05:11:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14541270369334595131/ Frame A37E 16 KB
5 KB 181ms
87ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14541270369334595131/index.html

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6726c48638d4e3716d5c861ab6c0ea2e3b00eb5d2ce574848824b4ca51d5fc5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 275101
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3774
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 00:46:08 GMT
expires: Sat, 28 Oct 2023 00:46:08 GMT
last-modified: Fri, 02 Sep 2022 10:57:47 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A475 0
0 86ms
86ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C0IML7VhfY9LwG4LQxgPllobAAfyAtLZs1tP8sKIQxvaOs74yEAEgucf6FWC7hoCA0AqgAcXRg_kDyAEJqQKs30H9WHyzPqgDAcgDSKoEuwFP0D7Q-_cwXvUUbZHclnvQoJY7dGIlLrYUFTcyOs4_6MXyofvz6Y06_PK1sY7jgGlujOqB7EG8sYrtbtyFO2ZgpX-X8s0xXLbwpN2jsjkDUMuwoFfYW2RnE-wD6BZsVppjhdguMlYOM0axYpDKKcMzuUeBzKhGJ27sgQvIjRIFfmR6EFGtq2F3rMrhjY26sWSllhSlDYiBRgEXTitzLGKDncVq5VpQQQXbfrhoS3L7k8bIvZULRSGWny3DwATtjr6xhgSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHo678BqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcDENRU0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw2IFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItMTIxNjg0MjQ0OTEyNzM2NRgA&sigh=gWCOBtbFAyY&uach_m=[UACH]&template_id=419

Requested by

Host: ye.ua
URL: https://ye.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=100&slotname=5220700882&adk=138781024&adf=328285302&pi=t.ma~as.5220700882&w=481&lmt=1667193069&rafmt=12&format=481x100&url=https%3A%2F%2Fye.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667193069165&bpp=1&bdt=622&idt=186&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&prev_fmts=980x60%2C0x0%2C481x100%2C481x100&nras=1&correlator=5097078902873&frm=20&pv=1&ga_vid=409524845.1667193069&ga_sid=1667193069&ga_hid=1180080188&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=46&ady=1864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070306%2C42531705%2C44775017&oid=2&pvsid=2858693210762073&tmod=2021721025&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cd%7CopEebr%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=N1xU6EsH3e&p=https%3A//ye.ua&dtd=189
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 31 Oct 2022 05:11:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 31 Oct 2022 05:11:09 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame A475 23 KB
10 KB 132ms
40ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=100&slotname=5220700882&adk=138781024&adf=328285302&pi=t.ma~as.5220700882&w=481&lmt=1667193069&rafmt=12&format=481x100&url=https%3A%2F%2Fye.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667193069165&bpp=1&bdt=622&idt=186&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&prev_fmts=980x60%2C0x0%2C481x100%2C481x100&nras=1&correlator=5097078902873&frm=20&pv=1&ga_vid=409524845.1667193069&ga_sid=1667193069&ga_hid=1180080188&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=46&ady=1864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070306%2C42531705%2C44775017&oid=2&pvsid=2858693210762073&tmod=2021721025&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cd%7CopEebr%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=N1xU6EsH3e&p=https%3A//ye.ua&dtd=189

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 00:13:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17830
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Nov 2022 00:13:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame A475 3 KB
1 KB 208ms
117ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 00:13:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17830
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Nov 2022 00:13:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame A475 17 KB
7 KB 137ms
46ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 18:22:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38929
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Nov 2022 18:22:20 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A475 153 KB
48 KB 143ms
52ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 05:11:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47996
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666856053429787"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 31 Oct 2022 05:11:09 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame FF20 4 KB
1 KB 139ms
50ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=60&slotname=1921848652&adk=4228632296&adf=3865820252&pi=t.ma~as.1921848652&w=980&lmt=1667193069&format=980x60&url=https%3A%2F%2Fye.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667193069150&bpp=5&bdt=607&idt=158&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&correlator=5097078902873&frm=20&pv=2&ga_vid=409524845.1667193069&ga_sid=1667193069&ga_hid=1180080188&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070306%2C42531705%2C44775017&oid=2&pvsid=2858693210762073&tmod=2021721025&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CaeE%7C&abl=NA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nNAF2rSaVT&p=https%3A//ye.ua&dtd=176

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 31 Oct 2022 05:11:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 03:18:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 31 Oct 2022 05:11:09 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame FF20 2 KB
847 B 200ms
118ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 18:28:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38588
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Nov 2022 18:28:01 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame FF20 0
0 85ms
84ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cv40e7VhfY8ygG5GKjuwP74m1IIOE7_JngKTPrIwPvZWb4sYuEAEgucf6FWC7hoCA0AqgAdKipKgCyAEJqQK-6H6cqveBPqgDAcgDywSqBMIBT9D1JUVWzt5eoVa1YosFPqimeAEoWUQnfo3Wx38-JlaLE7sMgz-esjlo3mKfVd9dLJkhadmd8KB46Op4K5EKKDDY7UTJq0jhOTe4LgLdHhSixS0dxu-QDvR1vU4bRuuFTs4xWWG0YMq2VsumnBsbSJKaf5npTj9RLzMh-TNwbF6UGnBjAaP-8dttefgcSeeJ3x31qZ4oFbnQca4_paWPA4o1gMmzTXjwylaGpZKEtY5xybPO_bOfjhOJGz3R1RqdGMXABKSpx-qLBKAGLoAHlt3b1wGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDylQjSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgT5APYEwPQFQGAFwGyFxwKGggAEhRwdWItMTIxNjg0MjQ0OTEyNzM2NRgA&sigh=PcSvRYozA10&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=60&slotname=1921848652&adk=4228632296&adf=3865820252&pi=t.ma~as.1921848652&w=980&lmt=1667193069&format=980x60&url=https%3A%2F%2Fye.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667193069150&bpp=5&bdt=607&idt=158&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&correlator=5097078902873&frm=20&pv=2&ga_vid=409524845.1667193069&ga_sid=1667193069&ga_hid=1180080188&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070306%2C42531705%2C44775017&oid=2&pvsid=2858693210762073&tmod=2021721025&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CaeE%7C&abl=NA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nNAF2rSaVT&p=https%3A//ye.ua&dtd=176
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 31 Oct 2022 05:11:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 31 Oct 2022 05:11:09 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame FF20 23 KB
9 KB 124ms
52ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 00:13:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17830
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Nov 2022 00:13:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame FF20 3 KB
1 KB 190ms
119ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 00:13:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17830
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Nov 2022 00:13:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame FF20 17 KB
7 KB 172ms
101ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 18:22:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38929
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Nov 2022 18:22:20 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FF20 153 KB
47 KB 182ms
110ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 05:11:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47996
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666856053429787"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 31 Oct 2022 05:11:09 GMT

GET
H2 200 6d06f43d9219529f87f676616f1c0e3b.js Show response
www.gstatic.com/mysidia/ Frame FF20 33 KB
14 KB 128ms
40ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 12:01:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 407397
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13940
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 21:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 24 Jan 2023 12:01:12 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/5520342198612875945/ Frame FF20 6 KB
7 KB 192ms
121ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5520342198612875945/downsize_200k_v1?w=195&h=102

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05790f844b59c1ea762bd248d3193cdbfbfd633891bf405eec087117b26bc765

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:00:00 GMT
x-content-type-options: nosniff
age: 245469
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6548
x-xss-protection: 0
last-modified: Tue, 21 Dec 2021 10:08:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 28 Oct 2023 09:00:00 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/15256573419694504594/ Frame FF20 1 KB
2 KB 169ms
99ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15256573419694504594/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf94ecc3151e0f0e409130b2b4c9ce737e5287fafe23c4d9774b94d01406c044

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 14:00:02 GMT
x-content-type-options: nosniff
age: 227467
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1448
x-xss-protection: 0
last-modified: Tue, 21 Dec 2021 10:08:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 28 Oct 2023 14:00:02 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E404 6 KB
745 B 109ms
51ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=100&slotname=6561702719&adk=1832233552&adf=1808043182&pi=t.ma~as.6561702719&w=481&lmt=1667193069&rafmt=12&format=481x100&url=https%3A%2F%2Fye.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667193069163&bpp=1&bdt=621&idt=176&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&prev_fmts=980x60%2C0x0&nras=1&correlator=5097078902873&frm=20&pv=1&ga_vid=409524845.1667193069&ga_sid=1667193069&ga_hid=1180080188&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=46&ady=855&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070306%2C42531705%2C44775017&oid=2&pvsid=2858693210762073&tmod=2021721025&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cd%7CopEe%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=rnavHPuevP&p=https%3A//ye.ua&dtd=180

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 31 Oct 2022 05:11:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 03:13:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 31 Oct 2022 05:11:09 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame E404 2 KB
799 B 170ms
120ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 18:28:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38588
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Nov 2022 18:28:01 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame E404 23 KB
9 KB 157ms
106ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 00:13:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17830
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Nov 2022 00:13:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame E404 3 KB
1 KB 154ms
121ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 00:13:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17830
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Nov 2022 00:13:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame E404 17 KB
7 KB 130ms
80ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 18:22:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38929
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Nov 2022 18:22:20 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E404 153 KB
47 KB 174ms
124ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 05:11:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47996
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666856053429787"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 31 Oct 2022 05:11:09 GMT

GET
H2 200 6d06f43d9219529f87f676616f1c0e3b.js Show response
www.gstatic.com/mysidia/ Frame E404 33 KB
14 KB 98ms
48ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 12:01:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 407397
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13940
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 21:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 24 Jan 2023 12:01:12 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E404 0
0 87ms
86ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CyA4x7VhfY9nYG5Cg1fAP79Ou4A2DhO_yZ9ijz6yMD72Vm-LGLhABILnH-hVgu4aAgNAKoAHSoqSoAsgBCakCvuh-nKr3gT6oAwHIA8sEqgTGAU_QIdvSALe_6ruhYInGbyLJ6k1VDwzvXgAxrV50nPFhDYJVSy0TPpmpT6gfduSx2LjCNrVdyvcEbsxSUXeFA5QUSGMnPXHJRwpwGX_wwVS-7lTEN8uOrNyBmrp3Dkj7csxnt_P82S9Xw9sLZKeFS-E8HnOmE0DBQTH2NsRonBjuuvgpuOMQlnX0_wi9i8YsUAEVPsTXmnDE4gaydx8W7xkW0yy5qr-5LbOTNuk9CdSwRgQoFEDEQSdnXKaTbj56RS7mEcFDYMAEpKnH6osEoAYugAeW3dvXAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEMuyBNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTA9AVAYAXAbIXHAoaCAASFHB1Yi0xMjE2ODQyNDQ5MTI3MzY1GAA&sigh=LgqWOm9trtM&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=100&slotname=6561702719&adk=1832233552&adf=1808043182&pi=t.ma~as.6561702719&w=481&lmt=1667193069&rafmt=12&format=481x100&url=https%3A%2F%2Fye.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667193069163&bpp=1&bdt=621&idt=176&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&prev_fmts=980x60%2C0x0&nras=1&correlator=5097078902873&frm=20&pv=1&ga_vid=409524845.1667193069&ga_sid=1667193069&ga_hid=1180080188&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=46&ady=855&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070306%2C42531705%2C44775017&oid=2&pvsid=2858693210762073&tmod=2021721025&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cd%7CopEe%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=rnavHPuevP&p=https%3A//ye.ua&dtd=180
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 31 Oct 2022 05:11:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 31 Oct 2022 05:11:09 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/16968570065217829730/ Frame E404 8 KB
9 KB 120ms
92ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16968570065217829730/14763004658117789537?w=195&h=102

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3ae4fcf8de691e8b56594bcb6c6fec789b9ff6052e599beb8b6d65ee19241fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 00:37:31 GMT
x-content-type-options: nosniff
age: 362018
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8666
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 05:47:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 27 Oct 2023 00:37:31 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/15256573419694504594/ Frame E404 2 KB
2 KB 128ms
100ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15256573419694504594/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13d0ea4c8c0ede513387c274e7471b7573c8defb287e533ed2410e761c0bb057

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 06:29:57 GMT
x-content-type-options: nosniff
age: 513672
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1813
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 08:32:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 25 Oct 2023 06:29:57 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C323 143 B
166 B 40ms
40ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1216842449127365&output=html&h=100&slotname=5220700882&adk=138781024&adf=328285302&pi=t.ma~as.5220700882&w=481&lmt=1667193069&rafmt=12&format=481x100&url=https%3A%2F%2Fye.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667193069165&bpp=1&bdt=622&idt=186&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&prev_fmts=980x60%2C0x0%2C481x100%2C481x100&nras=1&correlator=5097078902873&frm=20&pv=1&ga_vid=409524845.1667193069&ga_sid=1667193069&ga_hid=1180080188&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=46&ady=1864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31070306%2C42531705%2C44775017&oid=2&pvsid=2858693210762073&tmod=2021721025&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Cd%7CopEebr%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=N1xU6EsH3e&p=https%3A//ye.ua&dtd=189
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 3347
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 31 Oct 2022 04:15:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A475 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98677c00a44c940f0dbe2cc7828a05d08381c7fcebc0ac0ea96e5dcf674a9bfa

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame A37E 6 KB
3 KB 124ms
40ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14541270369334595131/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 13:44:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55609
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2551
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 31 Oct 2022 13:44:20 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame A37E 34 KB
13 KB 126ms
42ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14541270369334595131/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 09:40:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70211
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 31 Oct 2022 09:40:58 GMT

GET
H3 200 054773aa3fafab98903aa56130c97b22.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14541270369334595131/ Frame A37E 87 KB
25 KB 143ms
60ms Script
application/x-javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14541270369334595131/054773aa3fafab98903aa56130c97b22.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14541270369334595131/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65294db285731672a5e4f0450a7b3631fd24366059ee0957069477c795403213

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 28 Oct 2022 23:10:04 GMT
age: 194465
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25328
x-xss-protection: 0
last-modified: Fri, 02 Sep 2022 10:57:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 28 Oct 2023 23:10:04 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C323
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

54ms
53ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 31 Oct 2022 05:11:10 GMT
expires: Mon, 31 Oct 2022 05:11:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 31 Oct 2022 05:11:10 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame FF20 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d53f22e3a56e49082d6b86aaedfb612b089b26d4fe497252142d561535389019

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E404 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fccc2e673d48fdd7bd931cde23aa5641fecc824b2cf4587d648965d7334e47c4

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FF20 15 KB
16 KB 198ms
85ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 05:09:29 GMT
x-content-type-options: nosniff
age: 259301
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Oct 2023 05:09:29 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FF20 15 KB
16 KB 154ms
41ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:14:53 GMT
x-content-type-options: nosniff
age: 230177
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Oct 2023 13:14:53 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E404 15 KB
15 KB 209ms
113ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 20:22:20 GMT
x-content-type-options: nosniff
age: 204530
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Oct 2023 20:22:20 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E404 15 KB
16 KB 205ms
112ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 05:09:29 GMT
x-content-type-options: nosniff
age: 259301
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Oct 2023 05:09:29 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E404 15 KB
15 KB 140ms
51ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:14:53 GMT
x-content-type-options: nosniff
age: 230177
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Oct 2023 13:14:53 GMT

GET
H3 200 nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js Show response
pagead2.googlesyndication.com/bg/ Frame B9F9 36 KB
15 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 00:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17828
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 31 Oct 2023 00:14:02 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A37E 4 KB
621 B 136ms
52ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:700|Source+Sans+Pro:600

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14541270369334595131/054773aa3fafab98903aa56130c97b22.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

10464e0d2dbf3451240f35c31cccb7655ae8b4846233be895c5f2e86b84d3a28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 31 Oct 2022 05:11:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 05:11:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 31 Oct 2022 05:11:10 GMT

GET
H3 200 630d2f679086e3449dd9fcd2924aac6b.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14541270369334595131/media/ Frame A37E 7 KB
7 KB 42ms
41ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14541270369334595131/media/630d2f679086e3449dd9fcd2924aac6b.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14541270369334595131/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

192a179a38b4fdc6132560eb2dcc3d5151c74b0433ba19592388bf78d2b8d8ea

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 28 Oct 2022 23:10:05 GMT
x-content-type-options: nosniff
age: 194465
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6796
x-xss-protection: 0
last-modified: Fri, 02 Sep 2022 10:57:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 28 Oct 2023 23:10:05 GMT

GET
H3 200 02b8279f2be422d55ee4d47a706b0273.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14541270369334595131/media/ Frame A37E 3 KB
3 KB 43ms
42ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14541270369334595131/media/02b8279f2be422d55ee4d47a706b0273.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14541270369334595131/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfce95dc635107b9946656d3b4a5aa8f08cde9fc41947d251d9438324c6a9f84

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 28 Oct 2022 23:10:05 GMT
x-content-type-options: nosniff
age: 194465
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2885
x-xss-protection: 0
last-modified: Fri, 02 Sep 2022 10:57:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 28 Oct 2023 23:10:05 GMT

GET
H3 200 e76a378a51717be01592f7773b579a65.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14541270369334595131/media/ Frame A37E 4 KB
4 KB 44ms
43ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14541270369334595131/media/e76a378a51717be01592f7773b579a65.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14541270369334595131/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d17bc783981bc4175e2826d25d89d8afc67984388f2cf0899734d429512b0c6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 28 Oct 2022 23:10:05 GMT
x-content-type-options: nosniff
age: 194465
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4055
x-xss-protection: 0
last-modified: Fri, 02 Sep 2022 10:57:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 28 Oct 2023 23:10:05 GMT

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame A37E 13 KB
13 KB 128ms
44ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:700|Source+Sans+Pro:600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 19:24:52 GMT
x-content-type-options: nosniff
age: 380778
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Oct 2023 19:24:52 GMT

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame A37E 13 KB
13 KB 125ms
42ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:700|Source+Sans+Pro:600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 19:25:00 GMT
x-content-type-options: nosniff
age: 380770
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12924
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Oct 2023 19:25:00 GMT

GET
H3 200 nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js Show response
pagead2.googlesyndication.com/bg/ Frame 60D5 36 KB
15 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 00:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17828
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 31 Oct 2023 00:14:02 GMT

GET
H3 200 nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js Show response
pagead2.googlesyndication.com/bg/ Frame A37E 36 KB
15 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 00:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17828
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 31 Oct 2023 00:14:02 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FF20 42 B
64 B 162ms
78ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuMq6qb2jAUi-0Kan-XqcUPjMqI95eipDscIJJkxBLxuJHsk76LQaTb8EJciiOD87Xze3vZ-X32ss8juTmn783TDWRf27qUBQ3410W5hycv6zx3XqTKQhqOVWNjxnIgAK6_NK3OiB50n2ve4piZdaxkYcFV6cNj0HsHJR_Fxa9BMdq0-uJOKYHH-rUvg78E8HSbuQ-7aTM6ZaDanaPDhoiHqVQGpOCasAWih1nD6QbsAlKE_1RMNdaPFT6A0EeAPx20B48OjVyrST6d6jg4gE7vuiv8UIM5NgjU9S9MJ_wbUkZODjNArFKLVCDISpub5xs_to8RMD0bLElCLQMt6LMU1i1W-xS1BNql3CkCHsf3nAFFj20hX6Kcj29IqNN8xEUF_RymC3a0LRoABBuYJnRPKzsc3Lf5jFRj9gvwMqSfAb2uzZT5yLplDP5jk6N-ueFKBOxr7Rfoa9V0V4rFnVf9y_eqowwAgkrZ5H4vSPSWg-a_mUhCVzaPYqgUS7lK6ExudxZnjkucQS-yi0OAYPhkpTccX4bsPm59GXE4WdEOxoMZxbQKebEd1_MyYoCU8gyBLjBSJGqcDSIOoOAcvYXJ3WtFFBKz1oF20SCYBkeSquJjKKloBXmw2HzNArSqZLZS-ZqiT-2akQqbMZr2BSYXXha-9BczXUhsMFsF7sPn8iNNq_XpITASBExUf1jYsXEceGLro0XH16s3BSYUqGpUZvovGKqjhBrm9tkVGs0YSqAJ5_1_yzMi_dlbJdv-65jbPMSAv8ibV3_0tgs_QH99sdyN3uq9ZEYxrYGLQX875b8j9W8sMVDIySoA8nHRpcPWYFt8F53pUaqm5H5ebqvuAGPa8nuQcoGwGe31ksAhWLn-cbUmxzmVp1Ah1WFilk73WoM4cWmA8iLlNiDi4AQck_yySry-ZP0B_5RlhP8e&sai=AMfl-YT3RCJ_WPsqpbRKYN3VGuiN_bjfmU1z-exM9W4F-3Jgfk8hjHgTGFLhLtzKXIf_fAEb-0GiZJ7U9XHGApSy7HGXhk_H8KOl4v4C&sig=Cg0ArKJSzE4HgEJjP9eGEAE&id=lidar2&mcvt=1000&p=0,0,60,980&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221027&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4228632296&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667193069327&rpt=682&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Oct 2022 05:11:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E404 42 B
64 B 79ms
78ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu129JZa1oD1tLXKQQu7lK1O_ljc5vkenvEoe8ONpq_eA4MpxCaWjlB7rCXf4dMWEcRW1UpspIOoyIYV0Qa-5VwKg6oHZNT1wmiS5Kv3JwhCcxYqKKpDmPGj1XkZKzMPMs2JAj73eAeMSeO0uRmv1ER0QYp09Dq9nY9-9hCpdJf1hmXLIJCs7VHh76QRasJV-_wl-C6PRY-qJ8H6DFFKGGS8zM3dtqRUrAH13t8iGuP1O5lom-Yq4WwY9GA-vDw1Qb9ubMvcccj3U3d-VtfUny_o3Kdqvig3IAHYgQLSrTCI-4ApesQswD-5YN2Yy1JNBSzHFDpOB8UaMwpJI02yU8N1A2jMNhnqG-FuAHXzyCy1sHVFPpooZhD9C2ls0zc26itNRpxU6kbL41VOhTdMg9FTgtm0wo6LI66kSTmbRBVRkL3rOkpzSs3zrE4406iyUx91ncCCaXAuUJ2djZM7zLOzypb8jfL8my0BHpC2L0HiJ2leXq6yZu4YmFCSCMJ90me9sHvkminDJzOQhb10eEAvxxWoLiJzt6zj1KDl5xBZP-w4SJBd3EpboXCXfelHcoQftEVP_WvS_kuXPGpx7TN7Q7_BMYTUFSveySIE6O1hCqAhG-3Z4PZsjVifPSd_U4mxOoLpo2i-eVM0QxuPz-bsGfnVqbJjQI_2BFY-7B9OaIjODD6q4tL2iX-D79hPPp-Zi4zAx1ZsOC3sB95npj3p2if4OTp8fFKApfuiC6AlVbcaXms3FIS-lbOCKh3QH1Io0s-b8QrdB1-lNjE879OmAJKLkGlkvZ74uivuh46O4J_0myrbgINyQKjagblxRmllrfYYsL3bugeFzvCMZIFUacW614-RBXbB8qJQn4W5FjcN5Lr7B4wzZXc7ceRf_9TOVTwxGF3D6OPy34EU-ljfHuh6lDifI0JHCS9bHpECa0-87iLIg&sai=AMfl-YTivjcB2pWGjcq_JOcVhC3rxxmXWBfxJYLTo7xvr_p7fbGV2zihy2F8GlWHLkaPJoeO95KDDBkB8aafpMvzvy1HIXXRYNgLmWW_&sig=Cg0ArKJSzHT8Rw1LLG48EAE&id=lidar2&mcvt=1000&p=0,0,100,481&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221027&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1832233552&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667193069344&rpt=917&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Oct 2022 05:11:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

169 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ye.ua/	1969-12-31 23:59:59	Name: PHPSESSID Value: 99280250074ddf38c005a37aeb4c1de6
ye.ua/	1969-12-31 23:59:59	Name: check_cookie Value: c5206152da0c2511eddd67d9cbb57a14
.ye.ua/	1970-01-20 16:42:33	Name: _ga Value: 9bad945f-0937-476d-aeeb-3481bd8194a9
ye.ua/	1969-12-31 23:59:59	Name: _ga4s Value: 1
.ye.ua/	1970-01-20 16:42:33	Name: _ga4 Value: 2cd4455e-8c77-4c8b-95c9-4d66199de70a
ye.ua/	1969-12-31 23:59:59	Name: _ga4sid Value: 1336307742
openx2.ye.ua/	1970-01-20 15:52:09	Name: OAID Value: 01000111010001000101000001010010
.dominantroute.com/	1970-01-20 16:42:33	Name: uuid Value: 16671925143649750124
.ye.ua/	1970-01-20 07:07:16	Name: u_count Value: %5B0%2C0%5D
.ye.ua/	1970-01-20 16:28:09	Name: __gads Value: ID=b3529532d6c5aa29-2220c0995ace0095:T=1667193069:RT=1667193069:S=ALNI_MZZ17BaspEuKCgwyx1ulKEF_0BsAw
.ye.ua/	1970-01-20 16:28:09	Name: __gpi Value: UID=00000b7a911e3136:T=1667193069:RT=1667193069:S=ALNI_MZms3clOQigAi4xwbDQUzkjsljSTg
.doubleclick.net/	1970-01-20 16:28:09	Name: IDE Value: AHWqTUl1SBRp3ooftA8X_i1Qs2w7ImMezhLWl9zocrT8AC5BxJshFEwQo5wIFWCyj1Y
.doubleclick.net/	1970-01-20 07:06:36	Name: DSID Value: NO_DATA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.co.uk
adservice.google.com
dominantroute.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
openx2.ye.ua
pagead2.googlesyndication.com
partner.googleadservices.com
polyfill.io
radio.nrcu.gov.ua
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
ye.ua
193.200.64.20
2606:4700:10::6816:3cfa
2606:4700:10::6816:3dfa
2a00:1450:4001:801::2003
2a00:1450:4001:803::2002
2a00:1450:4001:803::200a
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::2003
2a04:4e42::282
91.218.213.49
05790f844b59c1ea762bd248d3193cdbfbfd633891bf405eec087117b26bc765
0854243cee262b5de8673e332e533bcf232cda58cc48405d79998d6888ada200
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
0b6e442e0162e2c67d3cf272012edd38a95076ecb4b71f54c28a8810f4dbbb59
0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656
10464e0d2dbf3451240f35c31cccb7655ae8b4846233be895c5f2e86b84d3a28
1325acfc246f14dd2fbfae07ca5819b65500e1c59f33bffb0ab12cc953f2926d
13d0ea4c8c0ede513387c274e7471b7573c8defb287e533ed2410e761c0bb057
148138a356a9ab395a2cb8b812a43508ec9cb28cbfc5ac985fe1b68f82802523
15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
192a179a38b4fdc6132560eb2dcc3d5151c74b0433ba19592388bf78d2b8d8ea
19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc
1ac0c44e962362e044f2df416f2553775b38b1b8064470f648825aa8d2a8996e
1b4c97a2809cdb53153139544e1f5db34e4917c8f01d2dd94cb9519e24e1ab3c
1ddd3b7b68a96da02979f972e4e9a8b6af63b5a17c75d7c7e0e3901d9f3a729c
2dd2bc32e766754718771fbbd323bd27ae4e64f71b28d87a619368ebf52a3c75
2ddaf573663b8243cc0e85098b1723ace007f1c13d83f6a1a95c554e37162fe6
2f2f888ce75a896a6bd35f6e9db22a8de57acb8b23c744140b8fa6406da4df2c
33c3e10d2c03033c12a4134b9fdfa6955ea6c7f86cf30a1698d4dde834e9f6fe
35dfe980f86c1350b594ea60c883aaacc4b6a212fa70ecab54576069d3af0689
3e5c730e5b86e72303ed8a45b164716d4f5e6841da9d7243d5ed23defd8ce6eb
468f87ca7a0cf5529eb96f6ed5c5fb253e0be79e9a8412c6d367a91e6eb7bb64
4b5db73d91c9991901f6fe2ae659cab525c8cec51c67a2862cd70ffd44ad04bf
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
592fcae7d35e3e8941bdc2460a0b26e53c616ec8a422d024d109caeb763795cb
594a4a4b328398dcf0194f0e0c8edb4300c64eaf5dfdfe323ba6d5248b355068
5c7c176af91f6fc30c3e49051636d4b456531b4e75245a62d931c9a8bb77ea4b
5d17bc783981bc4175e2826d25d89d8afc67984388f2cf0899734d429512b0c6
65294db285731672a5e4f0450a7b3631fd24366059ee0957069477c795403213
6cf4ddc728ae2116b65b72832d21cdf33961c094ce95ea8a5b676b7d71212f82
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
77fc7e2cee3f1b71326ab2d9e121017b176205d0c8bbb013dfe7ebfccb2c5cab
79fef50772bf398e6c3d1bde4151ad840acf0749697048e80f9d864ea537cc2c
7a80c04d986f60031fb15fa72a16f950fa952bfd99fd60ba5dea6196b7942fac
7aab0996995e4e288e8cb043042a8433d81c210626d984a7d38e6f8659a5f31b
82e3f78dee1414968b5f5ebe3b1cc871f033645867c94a8c4f9fae0e289918ad
848536686a6e7e46d97513420a5b381823adf1c2e8169e009aebb16774cb4e3e
848e3ddf8d07c81ebc0ee309dfc63a60b0b970d46857911c5f2e78487825a3e3
890d81648be2bed4a1da49a1bab308041e26f3f6267f4dd41a76f3e2541e6fb4
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8adebfd685a1b2fe5148e65f71830e4e6a1d843b6c9f0d86b285d59cfb6d2080
91a83c82fde13931d201c4a7b469c77b8ccd584748e1d8f5a8dbc1cec3e0b79b
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
98677c00a44c940f0dbe2cc7828a05d08381c7fcebc0ac0ea96e5dcf674a9bfa
9ad5b538430a5af477f4e1955b9ce53245b26a01f56ed2b273c5eee5ff28ed9f
9b49df55acb1072af429ec4f155107c35de1921d9053fabb2693b0e57749f224
9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
b4f80028ddc6dc380c89927fb2d2d3dd9c580a24f99db9b93e32ce0b607d5c88
b59270e2d2a3730d00b61b36541001751277b940d73846e9f44ee7f189c60b5f
b6726c48638d4e3716d5c861ab6c0ea2e3b00eb5d2ce574848824b4ca51d5fc5
b6b4cad88c6a1815c885c113d0bd2a9e91be968831a8d643e31916008bebba63
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bd8fe10f28fa2e884b988f4ef91390487f598e21fb54eb9c1a11ed39d647288a
bf032d322f8afdea963fc96e34c1cd86818f8eae908a48e3dd7a4a5709c4df03
bfce95dc635107b9946656d3b4a5aa8f08cde9fc41947d251d9438324c6a9f84
c3ae4fcf8de691e8b56594bcb6c6fec789b9ff6052e599beb8b6d65ee19241fd
c5092fd8e11d3b5828ec590a4de928fffb37e4ee373180657d41686adc054c19
c5a17d46976d471cf060c5a0e25749a323d6ab20cf0910f40afed81047ba21ef
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
cbbca7d9888b4a9eab7d479756d2924f9b067fd38dab376797029df741f96ee4
cf94ecc3151e0f0e409130b2b4c9ce737e5287fafe23c4d9774b94d01406c044
d10ff7ad5c1f3ce5c6ad2b17ef06f8a0515628d04a00178bc6bdefc23d8ba94b
d53f22e3a56e49082d6b86aaedfb612b089b26d4fe497252142d561535389019
d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e94e274617dd12daa61f94f74bcd2a3ceb82ad275b53ef797946a3608b0e1222
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3b5932558e6a765f1bfc3fb5ee364013cd03588adcf0f22293a77ddf2e90df0
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
fba3c972462957a5412080f3fae134607e28e5000af6aa56a5ae5b97fedb9195
fcbd1b7bfbf2843df912a951e9a53e30c899e4301427e883aed82e2929c2c740
fccc2e673d48fdd7bd931cde23aa5641fecc824b2cf4587d648965d7334e47c4
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

ye.ua Open in urlscan Pro 2606:4700:10::6816:3dfa Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

104 Requests

100 %HTTPS

88 %IPv6

12 Domains

16 Subdomains

15 IPs

4 Countries

1427 kBTransfer

3240 kBSize

13 Cookies

18 Outgoing links

Page URL History

Redirected requests

104 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ye.ua Open in urlscan Pro
2606:4700:10::6816:3dfa Public Scan

Screenshot
Live screenshot

Full Image

104
Requests

100 %
HTTPS

88 %
IPv6

12
Domains

16
Subdomains

15
IPs

4
Countries

1427 kB
Transfer

3240 kB
Size

13
Cookies

104 HTTP transactions
7 data transactions