hi.dn.ua Open in urlscan Pro
78.109.29.56 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hi.dn.ua/
Effective URL:
https://hi.dn.ua/
Submission: On November 25 via api (November 25th 2022, 2:11:00 am UTC) from GB — Scanned from GB

Summary HTTP 155 Redirects Behaviour Indicators

Summary

This website contacted 27 IPs in 7 countries across 19 domains to perform 155 HTTP transactions. The main IP is 78.109.29.56, located in Ukraine and belongs to HOSTING-AS hosting.ua, UA. The main domain is hi.dn.ua.
TLS certificate: Issued by R3 on September 5th 2022. Valid for: 3 months.

This is the only time hi.dn.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 52	78.109.29.56 78.109.29.56	41665 (HOSTING-A...) (HOSTING-AS hosting.ua)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
17	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
12	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
3 4	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	37.252.171.22 37.252.171.22	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1 2	52.213.71.221 52.213.71.221	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
4	2600:9000:223... 2600:9000:223f:1000:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:803::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4009:12::9	15169 (GOOGLE) (GOOGLE)
7	2600:1f13:800... 2600:1f13:800:7780:f6b7:f6b3:6ba9:b22c	16509 (AMAZON-02) (AMAZON-02)
1 2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
155	27

52 78.109.29.56 (Ukraine) 1 redirects

ASN41665 (HOSTING-AS hosting.ua, UA)
PTR: 56.29.109.78.hosting.ua

hi.dn.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.22 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.213.71.221 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-71-221.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:223f:1000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:803::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4009:12::9 (London, United Kingdom)

ASN15169 (GOOGLE, US)

rr4---sn-aigl6nl7.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:1f13:800:7780:f6b7:f6b3:6ba9:b22c (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	hi.dn.ua 1 redirects hi.dn.ua	1 MB
37	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 tpc.googlesyndication.com — Cisco Umbrella Rank: 147	602 KB
19	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 stats.g.doubleclick.net — Cisco Umbrella Rank: 94 cm.g.doubleclick.net — Cisco Umbrella Rank: 207 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 294	126 KB
13	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 739 static.adsafeprotected.com — Cisco Umbrella Rank: 560 dt.adsafeprotected.com — Cisco Umbrella Rank: 511	114 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	185 KB
6	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 274	1 MB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 540	4 KB
4	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 83 www.google.com — Cisco Umbrella Rank: 2 mts0.google.com — Cisco Umbrella Rank: 4466	32 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 208	3 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 178	142 KB
2	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 110	3 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 40	20 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 144	87 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 431	53 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 52	3 KB
1	googlevideo.com rr4---sn-aigl6nl7.googlevideo.com — Cisco Umbrella Rank: 49533	1 MB
1	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 4672	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 860	695 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 67	43 KB
155	19

	Domain	Requested by
52	hi.dn.ua	1 redirects hi.dn.ua
21	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net pagead2.googlesyndication.com
16	pagead2.googlesyndication.com	hi.dn.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net hi.dn.ua
7	dt.adsafeprotected.com	googleads.g.doubleclick.net
6	s0.2mdn.net	hi.dn.ua s0.2mdn.net
6	fonts.gstatic.com	fonts.googleapis.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
4	static.adsafeprotected.com	fw.adsafeprotected.com googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
2	www.facebook.com	1 redirects connect.facebook.net
2	csi.gstatic.com	www.gstatic.com
2	googleads4.g.doubleclick.net	hi.dn.ua
2	fw.adsafeprotected.com	1 redirects hi.dn.ua
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	hi.dn.ua connect.facebook.net
2	s.yimg.com	hi.dn.ua
2	fonts.googleapis.com	hi.dn.ua googleads.g.doubleclick.net
1	rr4---sn-aigl6nl7.googlevideo.com	googleads.g.doubleclick.net
1	mts0.google.com	googleads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.co.uk	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	hi.dn.ua
155	29

This site contains no links.

Subject Issuer	Validity	Valid
hi.dn.ua R3	`2022-09-05` - `2022-12-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-10-17` - `2022-12-07`	2 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-03` - `2022-12-02`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-11-08` - `2023-01-17`	2 months	crt.sh
dt.adsafeprotected.com Amazon	`2022-11-04` - `2023-12-03`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://hi.dn.ua/
Frame ID: 4A84FB6411BE53073DA02E5BAFB77FE9
Requests: 73 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: 5A8703EF9FE4C1D4CB0A0FA8CA6150E5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3978955824&adf=2678599834&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1669341933&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669342254579&bpp=4&bdt=875&idt=262&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&correlator=5244461547730&frm=20&pv=2&ga_vid=53512029.1669342255&ga_sid=1669342255&ga_hid=1548833522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=30&ady=1204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706&oid=2&pvsid=1867708314025329&tmod=242200377&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=aVKQhk2vT3&p=https%3A//hi.dn.ua&dtd=278
Frame ID: B7CEDD6AFDC5113E6D1939BEA23BA268
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&slotname=7070383555&adk=266901632&adf=505200489&pi=t.ma~as.7070383555&w=0&fwrn=4&fwrnh=100&lmt=1669341933&rafmt=12&format=0xnull&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&fwrattr=true&rh=0&rw=0&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669342254583&bpp=1&bdt=878&idt=287&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280&correlator=5244461547730&frm=20&pv=1&ga_vid=53512029.1669342255&ga_sid=1669342255&ga_hid=1548833522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=423&ady=2623&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706&oid=2&pvsid=1867708314025329&tmod=242200377&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cebr%7C&abl=CS&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=R2d5Hty6Px&p=https%3A//hi.dn.ua&dtd=292
Frame ID: F26C6F13E90180C4F297F2A0EDDCD7A0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=9215904351&adk=1500826456&adf=3527882582&pi=t.ma~as.9215904351&w=785&fwrn=4&fwrnh=100&lmt=1669341933&rafmt=1&format=785x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669342254584&bpp=1&bdt=879&idt=294&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull&correlator=5244461547730&frm=20&pv=1&ga_vid=53512029.1669342255&ga_sid=1669342255&ga_hid=1548833522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=408&ady=3717&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706&oid=2&pvsid=1867708314025329&tmod=242200377&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=3&fsb=1&xpc=iilv2H5ZOr&p=https%3A//hi.dn.ua&dtd=299
Frame ID: 2EB19CC7F670C3995E2AE0A9D963E148
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3565012385&adf=1188465226&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1669341933&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669342254585&bpp=1&bdt=881&idt=309&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull%2C785x280&correlator=5244461547730&frm=20&pv=1&ga_vid=53512029.1669342255&ga_sid=1669342255&ga_hid=1548833522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1208&ady=339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706&oid=2&pvsid=1867708314025329&tmod=242200377&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=s2urCPPCCD&p=https%3A//hi.dn.ua&dtd=316
Frame ID: 82DA3676FCACECB7B7882F0DABF8DBEC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&adk=1812271804&adf=3025194257&lmt=1669341933&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fhi.dn.ua%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669342254599&bpp=2&bdt=894&idt=309&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull%2C785x280%2C363x280&nras=1&correlator=5244461547730&frm=20&pv=1&ga_vid=53512029.1669342255&ga_sid=1669342255&ga_hid=1548833522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706&oid=2&pvsid=1867708314025329&tmod=242200377&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=328
Frame ID: 6760D999B4567C53DA8B6D567BB9BCEC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvOfRD184EBGMbU7tUBMAE&v=APEucNXb1hyCkgJx-GX9nAkBl3GMq8jrm-qr4cAtT-hchMVhSyQ12WQ9oJEgp1UeHr-0VfiXzghrWKhOWNI_qFFaRufxmhyawbF3m0PJIVXjEHQFNvPFglBEhKegeOhnl9Vju-GFxFseS2ez5prSWOb8jcwriZjjifwDJMnMW_EXUaC3B2UUpSA
Frame ID: B1580A8F4C8F07B4B49EF0928A50C73B
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DDHkOhYGbvCZC5wstb6onh0TInPmmVwez2478uK5I8Q6rSgXHfscsWJHndjqnxFtrCH8KP5xzUBQRk8W20f6xn4_-69wAe0AQrx-69mR60d3cEA_5RstPTiP2yOt2o-E9vp7Lbf9mqIpJqWFSTbP7uJt1zX5WELb2EalNBkD7OiKym_gI&dbm_d=AKAmf-DKs1U6-sKCDSANH3Vx97_9Bp1XXq7k42c2QzDBOdJa1JFSE_3ePeqmlFI6owWp7EN_KjB6mGQ8HLGIW_TU7_sGXtGk4wrQnZSzwASYGisTWk5dHOQe3EHrY6c1avaEiHvXFnvam2wp9KoKr_nD1d3_zpGzoMbQ7LSbmdo8fiDm1814wnkEuTrYQpdRluJg1gPSPum6j3zqE4P40vIesBZ3HE9KBhRRnSpZ2vHkgIZlV-bLP9C8IahAfisPvHH_l_GYS48nzUJUFU4sWc5GSiEYf_slxZmXVLnGtDqz_ogXf8si_PUD3KXvbWPRD5_JLw7Kh3cRokBDRm---XL0eLKWzJBYlLfsRrwNqRDAPTrTm7vnZjvpcvc2tco8jt8pxeVL0JQJwlYI7u_xL7-yWJYCNE5gtGhgTlq0rEfp7SMVkQmHYCahwq_0bkj31g9RsSCmRmUJIV8q1smWdp9StxkFyAWleX3M8kwrLwd-J_YAgQn59qICb8zaWaHpm4g04dHsmAwNrCephRv9r2U2D2LQRpoCJTznXmkjBZ8Gkpp8HuK63M6ULypr77J9o4nexflCJVsG6anHbvbQIfbyBk011pEWs5Ye1hCKZnBTqLqqRFO4l7q2kKXqHySpoiOTvtRU9DwSOta3Xhvh0VXQvugYQWdhMngmrtTlntKdkt0bWXHhPNhNT-hySxJOS5_63jcPdHP-alx1JdPPxTcUO1j-VltVMPD1nn6ycqY7AM-k6CP3jvUZ2Vbr1GfGe2BlRuUPR2sSgZlheaw0tLSsvbVOrvQrhDse9JunNDB4HXCxINKf9YhmNGsqN3IcPusNx3j8Dmh5geFdGtPLDrnguHnMFQXEIhoVjLfcp7tdOACk4jBYXUwjRid3Z_L97p__ZVAscgJoSIHvzzByClcUNDUN_Is1Wm_Oy9oJ2wtFSPtx7A9nVocjQJFioy0t5E-72Sh8aoRXIsHx7gVr2neHLjvsIpaSGsTkpBfjthJqIjKeUqDGL8pzHMjgnoWb19PlqYVbsfGBxrvv2peTTEicPR2SdZrqyzWyMotDbWcObE927CZfIGW0JNs4v_bONMuPdBspdtJuastYpJxRRlGaMwJSV87S8yzh6CLD4fZAOKvwhBBaYyc-qRrYpj7J-ZXLhHvj-4pVr_HTa633cdJL9jFf8f0gO7w5cDYCg4Vx5V7Be-cB91OVuAKq1gLj45AM-sKF-6mQ14h8JcrThNzJuLqbmqCKR3SESg4klWgMIrohyLgZf-RAG7Qkm109_Vo0atmK9HsfDyfS8IBZqLw06qGOMBFRcVT5v4r3y36nXCKI6m7rQgRx3VMMVd6Xn5t0DFs3qNGCHeaM5gyc03wurfbCRUtQrpKqyDpO4528DClcHlKZ1hqsA5eLsjnO0CUk4ktBI0s492evxwHAez9_W02J-virazQbSdIQimSYapKOxwmTWrPaXZuO245OhAlrDDCgn9o_4-XQcCjshvP79xyIE8xC3omPjpDFMiCnfYe72BhQD01o6vqtuJ18sr0jaZQ1D23a0nc3zDXZq4DUp2xrpuMXMW7TLtrdNL1txvco9Zx4JHJ8SAALjNhGNpaf-qyQy6BGPN4pgSyMzAdF1c2i9__Ywn_pKO-BPc7KkxEIpWewJ7VHI2TqJ5Q__UtvESOL1dUOeSP5LaTArXigje1VlVigxm2-Wei5RkVcV4gdO1b45kKN07wkMDP08oPZ6viVY1BmFjdHotOCjeeUxi0WfkfgDUPGNhxmaWK_oxA_tc5aGrNOjzaMEiDrpl2ROFTsb36WlqFQ7n7zm2zwOfDpBIkmn1xYbIbqq4TUfK5EqVX32qTZU-MVaanMSGSIykcPIAlaBW0r8BNZwcUXE9xA1TiX2xmZ_1-mTNAAQEffEqhnkv0jaibqb6nwqSgpW6fPBThzcEWkAp40SyaI9Gvrb9CwSB-B9nfMZqakhA-OuIqGruyz0JLzdVVwsk8cqdV3n59mrbbv8OlX_tCeMhCoNkskWoNuxmV00c4DszJqjCXvVOXLjeScodWsGJtAtX33UCN70J9rZv2TE3zPzlfZt2IWfEajij7AMhDPL1k6iJrJc1cn-vf0IDISWUOAeasILAs7YueUnAbAAC0mEF8_5baiQIw2yZ3a1q5V1Q93t6Zfw7o4NuEfaq4H343zt0n9R2YrH2PR67YtjgoRg2DKdUUtV3ODcZQeE115vD9k_JvAw-e9E9GLGfHJCKRZ-2USX7C4rnQ9hik49HGmfVuBesaoXol0IvriL1ufJHEMJ5NOS2Jyqpf5fh-4dh5HqtOwFpmxyPkjq1fFjagDyS4VmvcGYUaHAwC_deEi5g1skmAw5LtEYN0xSWNAdKACwqXnaiBOe8vjesjaCF1Nx5E-wto4m8OFESfp5Ri1loBgq-osJrmI7S5fHWrLMQZ7w8ltyTqXyrH_LB4afPJK1nHbTbz0NAXLVZlrZ6Ez5pwByaLQ3s_PLKGygttf-rmtYwIFAW4uOA4DZPbgVQav6jGpwAXkK4KObNuWVisJipPa0jgsDwyS76rJe-PtqhMymtoLjXv9Gasqs5dqIQ2F4SRVTHu7LIKdVYunbX5O_uWlB2Lc5dVkt9J07w2Zp8bjnfM0i-f0jO370swrDgku5UlmfJKg54emhp21PoPFodPi5smF1uVZCsw7tKwVsAMRREuTH_GW_-aOquakDMh6OtM3xi3vtqriArE5hY0Wrqs6nweEd3eA1ea9pjJ7elPrNA8A7PK2q4ZFbCM6naOLzlWsbrG1Tyluoq1P-TrP986cScHomrKjZnlny11jrK8T1GRBkeX09Ur2T1rR53xqNvVjURhPV1HRbe-G7noWZ8eRsBzsyvCAJoHHTB-77x9_7sO4hbe64mWUdWEwW1L8ZmER9n6W82qwyuhqW1Xu2mMxLsds7LyHjEPRruQLApsM2pn41xGwjKhDb-oA4pUkshXUqYHCRzfctrOSypnF2goo4J18NLgg2gvXOPqyiGppTn6y88ySKM2jBbPJSfa7S71f40pw3pU4o0ruMuqUl6pkN7u0Bf2BT5Bjzz1vc8Q48PkecgJqezVTqNNsS7cL1jmhrGPwCS0G0VkDPU72iiEYrzswCrj2nzjPtGa-GFzAtKZalCZmD8tCcmlMASP4T1tvorcKmrXleIStm8XiFTabcSzDjF6NRn0SGMYjp0cIqgyVE5VRCD4A4nKnxsoHvUapcUUspojOnH8RpvMWrke8adeiCutVXk6BS1MtGRukILbSJT25EZm6wfuOv9bHbOYG_HMG7GRgHxXGmniBxYC4N_I7YGg2SyctBzQJLjBOpr_85qDtFA7bTRNZu1w5n53kWLOVErZbqCOv4OHObueWuQLjbMvSZ1gwNfAmJLLbuwcZR_MhvD3a-I3TMnDeanckiAT8VnJhR1FVWAHzmzRph2gL9V9P-zfJOFuS-_SpKKqEL--oqz8mPpturBRL0GJkAxdJfVHYWjc_tPq_7PY7CmN2Qepi3gO5bBaF8h4QOQIkm6ygxy3K3xSNxHTzilGAt4-p9s3DIwiDLvuleis2JGmWAE1OP4pDA2_LQNdhq50xp6Hn&cid=CAQSGwDq26N9vKmB2qhOEdxdARtUxkZ3DkfPT3ft_xgBIBM&rfl=2%2Chttps%253A%252F%252Fhi.dn.ua%252F%240
Frame ID: 9F8C48318E7B49901B1F45226B56AB82
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2DEB464B69E9D91852D42BEB717A5970
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Frame ID: 47F13D2C1D501E113C665D80B04C04C1
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/940388231368434397/index.html?e=69&leftOffset=0&topOffset=0&c=wRS4Go3i1s&t=1&renderingType=2&ev=01_247
Frame ID: 1478B3812B159ED1188B8B13B7A8C813
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F516C1BA6610DB7066FB835280251F18
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 61488F9ED12E7FDF590B88AEE43E7CEE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Frame ID: F906A121D07F85111A830AB385E23E94
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Frame ID: D16DB72B5699E9C7A7E4A801989E29B3
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df880581d225cb8%2526domain%253Dhi.dn.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fhi.dn.ua%25252Ffcd5bda7a1b7b8%2526relation%253Dparent.parent%26container_width%3D363%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FNovostiKramatorska%26locale%3Dru_RU%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26width%3D500
Frame ID: 674B77F98F489F051B20B41EA915F1DB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 28C96507A4BBF0593B4B67C4586FD1C2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4B1EEA6BBB78D30630519B5A3E0FD274
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Новини Краматорська, газета Привіт - Оголошення Краматорська

Page URL History Show full URLs

http://hi.dn.ua/ HTTP 301
https://hi.dn.ua/ Page URL

Detected technologies

Joomla (CMS) Expand

Overall confidence: 50%
Detected patterns

(?:<div[^>]+id="wrapper_r"|<(?:link|script)[^>]+(?:feed|components)/com_|<table[^>]+class="pill)

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

155
Requests

97 %
HTTPS

77 %
IPv6

19
Domains

29
Subdomains

27
IPs

7
Countries

5496 kB
Transfer

8280 kB
Size

14
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hi.dn.ua/ HTTP 301
https://hi.dn.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 90

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJK2VYgLNJziPMoTj4rY_tA&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJK2VYgLNJziPMoTj4rY_tA&google_cver=1&C=1

Request Chain 91

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4AkL10aoOEYZOqUe0YGXQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIQGvQ8waWvcfnsGpZqANmE&google_cver=1

Request Chain 92

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJ1IKu91CPoVHPfELm0sLEM&google_cver=1

Request Chain 93

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDAwNjgyNTEwMDMxNzE1MDM2MA%3D%3D

Request Chain 95

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 129

https://fw.adsafeprotected.com/rfw/st/1212807/66365748/skeleton.js?ias_dspID=3&ias_campId=1009171093&ias_pubId=pub-4643767719705239&ias_chanId=1&ias_placementId=18585469169&bidurl=https://hi.dn.ua/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iAi6TlWxR9JF8EdohFHlEX&adsafe_url=https%3A%2F%2Fhi.dn.ua&adsafe_type=g&adsafe_url=https%3A%2F%2Fhi.dn.ua%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4643767719705239%26output%3Dhtml%26h%3D280%26slotname%3D5196745422%26adk%3D3565012385%26adf%3D1188465226%26pi%3Dt.ma~as.5196745422%26w%3D363%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1669341933%26rafmt%3D1%26format%3D363x280%26url%3Dhttps%253A%252F%252Fhi.dn.ua%252F%26fwr%3D0%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1669342254585%26bpp%3D1%26bdt%3D881%26idt%3D309%26shv%3Dr20221110%26mjsv%3Dm202211100101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D363x280%252C0xnull%252C785x280%26correlator%3D5244461547730%26frm%3D20%26pv%3D1%26ga_vid%3D53512029.1669342255%26ga_sid%3D1669342255%26ga_hid%3D1548833522%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1208%26ady%3D339%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44773810%252C42531706%26oid%3D2%26pvsid%3D1867708314025329%26tmod%3D242200377%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CoEe%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D4%26uci%3Da!4%26fsb%3D1%26xpc%3Ds2urCPPCCD%26p%3Dhttps%253A%2F%2Fhi.dn.ua%26dtd%3D316&adsafe_type=bed&adsafe_jsinfo=,id:3f817f0d-b415-e478-7824-49a1c5b2606c,c:uWpmax,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5dc864c74-frbxx,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:220,mot:0,app:0,maw:0,fm:toa1YSP+11%7C12%7C13%7C141%7C142%7C151*.1212807-66365748%7C1511%7C1512%7C1513%7C16,idMap:151*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:239,oid:6502f5cf-6c66-11ed-8bdd-ee37f61ae026,v:19.8.366,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/passback_300x250.js

Request Chain 143

https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df880581d225cb8%26domain%3Dhi.dn.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhi.dn.ua%252Ffcd5bda7a1b7b8%26relation%3Dparent.parent&container_width=363&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FNovostiKramatorska&locale=ru_RU&sdk=joey&show_facepile=true&small_header=false&width=500 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df880581d225cb8%2526domain%253Dhi.dn.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fhi.dn.ua%25252Ffcd5bda7a1b7b8%2526relation%253Dparent.parent%26container_width%3D363%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FNovostiKramatorska%26locale%3Dru_RU%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26width%3D500

155 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
hi.dn.ua/
Redirect Chain

http://hi.dn.ua/
https://hi.dn.ua/

90 KB
18 KB

453ms
213ms

Document
text/html

78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to

Full URL

https://hi.dn.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),

Reverse DNS

56.29.109.78.hosting.ua

Software

nginx / PHP/7.3.25

Resource Hash

63cabd7093ad723ffe697c0b96a6da1fa98867b3f8c23e569df22972657687db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache, public
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Fri, 25 Nov 2022 02:13:12 GMT
ETag: W/"3bd91b98e619563c677967b1d34cf2ba"
Expires: Wed, 17 Aug 2005 00:00:00 GMT
Last-Modified: Fri, 25 Nov 2022 02:05:33 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM", CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Powered-By: PHP/7.3.25

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Fri, 25 Nov 2022 02:13:12 GMT
Location: https://hi.dn.ua/
Server: nginx
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK animate.min.css
hi.dn.ua/components/com_sppagebuilder/assets/css/ 52 KB
4 KB 82ms
82ms Stylesheet
text/css 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.dn.ua/components/com_sppagebuilder/assets/css/animate.min.css
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 1ec1c0519da1b0a13b0670687ffb7bf3d3761fb31fe26fe4f2ed816865a0eeda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Nov 2022 02:13:12 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jun 2022 09:31:34 GMT
Server: nginx
ETag: W/"62b58476-d0b7"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=1296000, public
Connection: keep-alive
Expires: Sat, 10 Dec 2022 02:13:12 GMT

GET
H/1.1 200
OK sppagebuilder.css
hi.dn.ua/components/com_sppagebuilder/assets/css/ 180 KB
28 KB 166ms
83ms Stylesheet
text/css 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.dn.ua/components/com_sppagebuilder/assets/css/sppagebuilder.css
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: e0abc96abce7bf683e45cfd5d40a8b1afccc24a444574d06939fa59a9ecdca34

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Nov 2022 02:13:12 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jun 2022 09:31:34 GMT
Server: nginx
ETag: W/"62b58476-2d191"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=1296000, public
Connection: keep-alive
Expires: Sat, 10 Dec 2022 02:13:12 GMT

GET
H/1.1 200
OK page-1.css
hi.dn.ua/media/com_sppagebuilder/css/ 7 KB
1 KB 237ms
82ms Stylesheet
text/css 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.dn.ua/media/com_sppagebuilder/css/page-1.css
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 03efb4c4b47e30e09d229bb476c77e9b547d6889f31477238cf0cd7fc08e8a4d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Nov 2022 02:13:12 GMT
Content-Encoding: gzip
Last-Modified: Fri, 25 Nov 2022 02:05:32 GMT
Server: nginx
ETag: W/"638022ec-1b7d"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=1296000, public
Connection: keep-alive
Expires: Sat, 10 Dec 2022 02:13:12 GMT

GET
H/1.1 200
OK content.css
hi.dn.ua/plugins/system/jce/css/ 8 KB
1 KB 240ms
85ms Stylesheet
text/css 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.dn.ua/plugins/system/jce/css/content.css?aa754b1f19c7df490be4b958cf085e7c
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: cdd04fd9725f122d1c2305ea238e320dbb497dd682d1dfc520590a5e904314d4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Nov 2022 02:13:12 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jun 2022 09:10:08 GMT
Server: nginx
ETag: W/"62b57f70-1e45"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=1296000, public
Connection: keep-alive
Expires: Sat, 10 Dec 2022 02:13:12 GMT

GET
H2 200 css
fonts.googleapis.com/ 41 KB
2 KB 141ms
52ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fira+Sans+Condensed:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&subset=cyrillic

Requested by

Host: hi.dn.ua
URL: https://hi.dn.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

38fd484f5ec231a22cc50ddf0ea08d87adb67ec483333ce5bdfb88e5e8a0f597

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 25 Nov 2022 02:10:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 25 Nov 2022 02:10:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 25 Nov 2022 02:10:53 GMT

GET
H/1.1 200
OK template.css
hi.dn.ua/templates/shaper_newskit/css/ 464 KB
77 KB 316ms
160ms Stylesheet
text/css 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.dn.ua/templates/shaper_newskit/css/template.css
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: ab0adbe6a9df0051d75d2e06ffdc5dbf0210dc0d2858ef95e28213e4ab3963c3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Nov 2022 02:13:12 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Jan 2022 14:13:50 GMT
Server: nginx
ETag: W/"61e0339e-73fd6"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=1296000, public
Connection: keep-alive
Expires: Sat, 10 Dec 2022 02:13:12 GMT

GET
H/1.1 200
OK jquery.min.js Show response
hi.dn.ua/media/jui/js/ 94 KB
95 KB 314ms
159ms Script
application/javascript 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.dn.ua/media/jui/js/jquery.min.js?67375718c1febad57c5b711b9852bebe
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 46438fa269f3c172286b81be52a5de84753d68dcc6580f6a98b7942cf129bdc1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Nov 2022 02:13:12 GMT
Last-Modified: Tue, 09 Apr 2019 08:44:09 GMT
Server: nginx
ETag: "5cac5b59-1795e"
Content-Type: application/javascript
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 96606
Expires: Sat, 10 Dec 2022 02:13:12 GMT

GET
H/1.1 200
OK jquery-noconflict.js Show response
hi.dn.ua/media/jui/js/ 21 B
374 B 238ms
82ms Script
application/javascript 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.dn.ua/media/jui/js/jquery-noconflict.js?67375718c1febad57c5b711b9852bebe
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Nov 2022 02:13:12 GMT
Last-Modified: Tue, 31 Jul 2018 03:40:26 GMT
Server: nginx
ETag: "5b5fda2a-15"
Content-Type: application/javascript
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21
Expires: Sat, 10 Dec 2022 02:13:12 GMT

GET
H/1.1 200
OK jquery-migrate.min.js Show response
hi.dn.ua/media/jui/js/ 10 KB
10 KB 317ms
80ms Script
application/javascript 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.dn.ua/media/jui/js/jquery-migrate.min.js?67375718c1febad57c5b711b9852bebe
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Nov 2022 02:13:12 GMT
Last-Modified: Tue, 31 Jul 2018 03:40:26 GMT
Server: nginx
ETag: "5b5fda2a-2748"
Content-Type: application/javascript
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10056
Expires: Sat, 10 Dec 2022 02:13:12 GMT

GET
H/1.1 200
OK jquery.parallax.js Show response
hi.dn.ua/components/com_sppagebuilder/assets/js/ 898 B
1 KB 318ms
80ms Script
application/javascript 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.dn.ua/components/com_sppagebuilder/assets/js/jquery.parallax.js
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 729937c36d78cfec1fd6e3d8529885be8254ccc286bc5b16e721896bd106bbc3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Nov 2022 02:13:12 GMT
Last-Modified: Fri, 24 Jun 2022 09:31:34 GMT
Server: nginx
ETag: "62b58476-382"
Content-Type: application/javascript
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 898
Expires: Sat, 10 Dec 2022 02:13:12 GMT

GET
H/1.1 200
OK sppagebuilder.js Show response
hi.dn.ua/components/com_sppagebuilder/assets/js/ 72 KB
73 KB 81ms
80ms Script
application/javascript 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.dn.ua/components/com_sppagebuilder/assets/js/sppagebuilder.js
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: df9d06b9ad5f1e00724a0efa904888ac078fd9a69713b838f67b9496fd39d481

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Nov 2022 02:13:13 GMT
Last-Modified: Fri, 24 Jun 2022 09:31:34 GMT
Server: nginx
ETag: "62b58476-12125"
Content-Type: application/javascript
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 74021
Expires: Sat, 10 Dec 2022 02:13:13 GMT

GET
H/1.1 200
OK jquery.mobile.customized.min.js Show response
hi.dn.ua/modules/mod_responsive_slider/assets/js/ 92 KB
93 KB 399ms
159ms Script
application/javascript 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.dn.ua/modules/mod_responsive_slider/assets/js/jquery.mobile.customized.min.js
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 452755ab5ffa443c96c4823367b4089531068ad1389beed8418ff4b59dc4f237

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Nov 2022 02:13:12 GMT
Last-Modified: Tue, 22 Jan 2019 22:22:06 GMT
Server: nginx
ETag: "5c47978e-171a0"
Content-Type: application/javascript
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 94624
Expires: Sat, 10 Dec 2022 02:13:12 GMT

GET
H/1.1 200
OK owl.carousel.min.js Show response
hi.dn.ua/modules/mod_responsive_scroller_for_articles/assets/js/ 42 KB
42 KB 321ms
80ms Script
application/javascript 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.dn.ua/modules/mod_responsive_scroller_for_articles/assets/js/owl.carousel.min.js
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: b5757aa153f991c82c949e638c56b4913042196240f3a41cec5a40c3366d1bdd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Nov 2022 02:13:12 GMT
Last-Modified: Mon, 15 Oct 2018 18:26:58 GMT
Server: nginx
ETag: "5bc4dbf2-a714"
Content-Type: application/javascript
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42772
Expires: Sat, 10 Dec 2022 02:13:12 GMT

GET
H/1.1 200
OK main2.js Show response
hi.dn.ua/templates/shaper_newskit/js/ 57 KB
57 KB 473ms
156ms Script
application/javascript 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.dn.ua/templates/shaper_newskit/js/main2.js
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: d460f01c251a96abae90f852fe8bbadc5a02b400235e551d7f38b75dcfdc25bb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Nov 2022 02:13:12 GMT
Last-Modified: Sat, 18 Jun 2022 15:13:10 GMT
Server: nginx
ETag: "62adeb86-e3da"
Content-Type: application/javascript
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 58330
Expires: Sat, 10 Dec 2022 02:13:12 GMT

GET
H/1.1 200
OK core.js Show response
hi.dn.ua/media/system/js/ 9 KB
9 KB 398ms
80ms Script
application/javascript 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.dn.ua/media/system/js/core.js?67375718c1febad57c5b711b9852bebe
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: ee43222bc3a3d6c1cab5dc4115bd2a3c2b348f4b4e448283e0eaca84de6763d6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Nov 2022 02:13:12 GMT
Last-Modified: Mon, 11 Feb 2019 17:46:59 GMT
Server: nginx
ETag: "5c61b513-2268"
Content-Type: application/javascript
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8808
Expires: Sat, 10 Dec 2022 02:13:12 GMT

GET
H/1.1 200
OK keepalive.js Show response
hi.dn.ua/media/system/js/ 462 B
817 B 479ms
81ms Script
application/javascript 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.dn.ua/media/system/js/keepalive.js?67375718c1febad57c5b711b9852bebe
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 1df72eb0c6f570ba6c078ebea6e42747f7e11f68bcccdb8c528f85ef39d46df0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Nov 2022 02:13:12 GMT
Last-Modified: Tue, 31 Jul 2018 03:40:26 GMT
Server: nginx
ETag: "5b5fda2a-1ce"
Content-Type: application/javascript
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 462
Expires: Sat, 10 Dec 2022 02:13:12 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 143ms
53ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-10437307-1

Requested by

Host: hi.dn.ua
URL: https://hi.dn.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a1bad3b22fa79a91ddbe12d2f7be80341b39d0962b492bf50ae6798539689ec2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 02:10:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43631
x-xss-protection: 0
last-modified: Fri, 25 Nov 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 25 Nov 2022 02:10:54 GMT

GET
H/1.1 200
OK Privet_zamena1301.gif
hi.dn.ua/images/ 9 KB
9 KB 80ms
80ms Image
image/gif 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/images/Privet_zamena1301.gif
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 48e25136ee6711353e7bc7f34652fdd5f2713eb9c8d76e053443ba6da737fba7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Nov 2022 02:13:13 GMT
Last-Modified: Thu, 13 Jan 2022 10:33:17 GMT
Server: nginx
ETag: "61dfffed-2438"
Content-Type: image/gif
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9272
Expires: Sat, 10 Dec 2022 02:13:13 GMT

GET
H/1.1 200
OK metprom_perspectiva.gif
hi.dn.ua/images/ 40 KB
41 KB 85ms
80ms Image
image/gif 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/images/metprom_perspectiva.gif
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 1e9caa55ac982451d0d59d00ccdf3eb97004a7bd337ad5c7566f60717ea8243f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Nov 2022 02:13:13 GMT
Last-Modified: Fri, 22 Feb 2019 18:18:39 GMT
Server: nginx
ETag: "5c703cff-a15a"
Content-Type: image/gif
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 41306
Expires: Sat, 10 Dec 2022 02:13:13 GMT

GET
H/1.1 200
OK metr_plus3_1908.jpg
hi.dn.ua/images/ 21 KB
22 KB 87ms
82ms Image
image/jpeg 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/images/metr_plus3_1908.jpg
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 48bb1e43025685415b478082c09115ba3a6dac3018552b29dd01051f05440101

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Nov 2022 02:13:13 GMT
Last-Modified: Thu, 20 Aug 2020 05:45:03 GMT
Server: nginx
ETag: "5f3e0ddf-54eb"
Content-Type: image/jpeg
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21739
Expires: Sat, 10 Dec 2022 02:13:13 GMT

GET
H/1.1 200
OK Privet_1301_Elma-theBest.gif
hi.dn.ua/images/ 12 KB
13 KB 87ms
83ms Image
image/gif 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/images/Privet_1301_Elma-theBest.gif
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: a59e132b1c2fb6b74efb031c5b158c6d501d769762786683aa2a9c85cb8d3653

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Nov 2022 02:13:13 GMT
Last-Modified: Thu, 13 Jan 2022 10:32:49 GMT
Server: nginx
ETag: "61dfffd1-30a7"
Content-Type: image/gif
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12455
Expires: Sat, 10 Dec 2022 02:13:13 GMT

GET
H/1.1 200
OK logo.png
hi.dn.ua/templates/shaper_newskit/images/presets/preset1/ 9 KB
9 KB 87ms
82ms Image
image/png 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/templates/shaper_newskit/images/presets/preset1/logo.png
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 4e89c38189dd2e61117834de251e624e572e4ceef3e14f43f9341fa65036f709

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Nov 2022 02:13:13 GMT
Last-Modified: Sun, 19 Jun 2022 06:27:45 GMT
Server: nginx
ETag: "62aec1e1-224f"
Content-Type: image/png
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8783
Expires: Sat, 10 Dec 2022 02:13:13 GMT

GET
H/1.1 200
OK logo@2x.png
hi.dn.ua/templates/shaper_newskit/images/presets/preset1/ 19 KB
19 KB 80ms
80ms Image
image/png 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/templates/shaper_newskit/images/presets/preset1/logo@2x.png
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: a0f0704fa49cf78b86a1beec93e28c5e1f6ca1aed094300b696fc3b1f086c626

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Nov 2022 02:13:13 GMT
Last-Modified: Sun, 19 Jun 2022 06:30:39 GMT
Server: nginx
ETag: "62aec28f-4b4c"
Content-Type: image/png
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19276
Expires: Sat, 10 Dec 2022 02:13:13 GMT

GET
H/1.1 200
OK logo2.png
hi.dn.ua/templates/shaper_newskit/images/presets/preset1/ 8 KB
8 KB 236ms
82ms Image
image/png 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/templates/shaper_newskit/images/presets/preset1/logo2.png
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 40922aa70b57730608904f5cfefa3b0aaa885e0c872caa310a4961af10c7f0e0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Nov 2022 02:13:13 GMT
Last-Modified: Mon, 16 Nov 2020 11:30:32 GMT
Server: nginx
ETag: "5fb262d8-205d"
Content-Type: image/png
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8285
Expires: Sat, 10 Dec 2022 02:13:13 GMT

GET
H/1.1 200
OK logo2@2x.png
hi.dn.ua/templates/shaper_newskit/images/presets/preset1/ 22 KB
22 KB 80ms
80ms Image
image/png 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/templates/shaper_newskit/images/presets/preset1/logo2@2x.png
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 30c6a30a4f4cf6d33f88b0574a0e6ff876d88f778dd2e49833f955f58a110217

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Nov 2022 02:13:13 GMT
Last-Modified: Mon, 16 Nov 2020 11:23:22 GMT
Server: nginx
ETag: "5fb2612a-56be"
Content-Type: image/png
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22206
Expires: Sat, 10 Dec 2022 02:13:13 GMT

GET
H/1.1 200
OK USD.gif
hi.dn.ua/modules/mod_currencies/icons/ 657 B
999 B 151ms
80ms Image
image/gif 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/modules/mod_currencies/icons/USD.gif
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 7e82ab1d661f86ff42e06248442db7ebdd153a8f517ff22d6431b69a71a37598

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Nov 2022 02:13:13 GMT
Last-Modified: Thu, 15 Mar 2018 12:30:24 GMT
Server: nginx
ETag: "5aaa6760-291"
Content-Type: image/gif
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 657
Expires: Sat, 10 Dec 2022 02:13:13 GMT

GET
H/1.1 200
OK kurs_down.png
hi.dn.ua/modules/mod_currencies/icons/ 207 B
548 B 237ms
85ms Image
image/png 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/modules/mod_currencies/icons/kurs_down.png
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 92fcab9c5ecda697f59e5877e9b1e226384a7f53e9b04e9a7b6aa5441738df11

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Nov 2022 02:13:13 GMT
Last-Modified: Tue, 05 Apr 2016 07:40:42 GMT
Server: nginx
ETag: "57036bfa-cf"
Content-Type: image/png
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 207
Expires: Sat, 10 Dec 2022 02:13:13 GMT

GET
H/1.1 200
OK EUR.gif
hi.dn.ua/modules/mod_currencies/icons/ 730 B
1 KB 153ms
82ms Image
image/gif 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/modules/mod_currencies/icons/EUR.gif
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 8fda7cf721d35626d32a0e4cc138e02b35edba75451d3077c739a861c4685178

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Nov 2022 02:13:13 GMT
Last-Modified: Thu, 15 Mar 2018 12:30:24 GMT
Server: nginx
ETag: "5aaa6760-2da"
Content-Type: image/gif
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 730
Expires: Sat, 10 Dec 2022 02:13:13 GMT

GET
H/1.1 200
OK PLN.gif
hi.dn.ua/modules/mod_currencies/icons/ 100 B
441 B 179ms
82ms Image
image/gif 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/modules/mod_currencies/icons/PLN.gif
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 70509a397221b1a5fc5e1207ab1c16ddc248a039923a3c09b1e8fc8a0e6ee210

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Nov 2022 02:13:13 GMT
Last-Modified: Sat, 18 Sep 2021 14:23:38 GMT
Server: nginx
ETag: "6145f66a-64"
Content-Type: image/gif
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 100
Expires: Sat, 10 Dec 2022 02:13:13 GMT

GET
H2 200 27n-100567.png
s.yimg.com/os/mit/media/m/weather/images/icons/l/ 22 KB
22 KB 141ms
45ms Image
image/png 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/os/mit/media/m/weather/images/icons/l/27n-100567.png

Requested by

Host: hi.dn.ua
URL: https://hi.dn.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

9beebe40ef8b5070d6fd78d439fcc842f0fcc573a9b7865c9d43f6026e6a5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 16:32:01 GMT
x-amz-version-id: null
x-amz-meta-created-date: Mon, 11 Jun 2012 23:36:40 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
x-amz-request-id: G3V89ZDQN0ASFXHQ
age: 34734
x-amz-server-side-encryption: AES256
x-amz-meta-x-ysws-mbst-vtime: 1339457800064548
content-length: 22325
x-amz-id-2: 8lXpE2xwBy60oc6rWbeqDVeWwtEGJjyLci8minoR+I4sj2weFpHqXCMYnwh7olA6XsIH+2I8ZSIwJ66BrfAtSg==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 21 May 2018 11:17:40 GMT
server: ATS
etag: "94730e222e41a4da56769926ba744efe"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=567648000,public
accept-ranges: bytes
x-amz-meta-mbst-etag: "YM:1:5f9a3700-c152-4ea6-925d-669ba1b0feee0004c23ad25d4e24"
x-amz-meta-x-ysws-access: public
expires: Fri, 16 May 2036 11:17:39 GMT

GET
H2 200 27d-100567.png
s.yimg.com/os/mit/media/m/weather/images/icons/l/ 30 KB
30 KB 181ms
85ms Image
image/png 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/os/mit/media/m/weather/images/icons/l/27d-100567.png

Requested by

Host: hi.dn.ua
URL: https://hi.dn.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

1c3e1a26bff762e758008d219a90f4f0e46084d268b2f8deab98c2f1d9ffe899

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 06:01:15 GMT
x-amz-version-id: null
x-amz-meta-created-date: Mon, 11 Jun 2012 23:36:41 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
x-amz-request-id: ERBQRHPABST41316
age: 1282180
x-amz-server-side-encryption: AES256
x-amz-meta-x-ysws-mbst-vtime: 1339457801272919
content-length: 30602
x-amz-id-2: 4OEV3+KfaEEe1YQMOeiqDX0GIVa7ZrfDkPWgXXy7uK42luLTaNlM+4R0zYXa8rl6omM1e8wZdp0=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 22 May 2018 22:41:41 GMT
server: ATS
etag: "708340434517891f81b49f0d12c0bd2e"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=567648000,public
accept-ranges: bytes
x-amz-meta-mbst-etag: "YM:1:5eae7bfa-6bf1-41c6-aba3-7a97226966ea0004c23ad26fbe57"
x-amz-meta-x-ysws-access: public
expires: Sat, 17 May 2036 22:41:40 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
49 KB 156ms
65ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: hi.dn.ua
URL: https://hi.dn.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f5e89fd0232335f9adaf40654e4201127d4e7862d226bf57269eb4e1087504b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 02:10:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49230
x-xss-protection: 0
server: cafe
etag: 12070331659753201659
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 25 Nov 2022 02:10:54 GMT

GET
H/1.1 200
OK 316664003_682599970089227_5974408413541704817_n.jpg
hi.dn.ua/cache/rsca/243x160/images/news133/ 11 KB
11 KB 80ms
80ms Image
image/jpeg 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/cache/rsca/243x160/images/news133/316664003_682599970089227_5974408413541704817_n.jpg
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: d80ffd6b4c28ea850b34028955083a7df578b7dc672bb3ee0608a23eb8bd48eb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Nov 2022 02:13:13 GMT
Last-Modified: Fri, 25 Nov 2022 02:05:31 GMT
Server: nginx
ETag: "638022eb-2bab"
Content-Type: image/jpeg
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11179
Expires: Sat, 10 Dec 2022 02:13:13 GMT

GET
H/1.1 200
OK riba.jpeg
hi.dn.ua/cache/rsca/243x160/images/news133/ 9 KB
10 KB 80ms
80ms Image
image/jpeg 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/cache/rsca/243x160/images/news133/riba.jpeg
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: ce2bf85934363ed5f3f14de5448e9ac92d574f3cc381da97660ee13d88bcb725

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Nov 2022 02:13:13 GMT
Last-Modified: Fri, 25 Nov 2022 02:05:31 GMT
Server: nginx
ETag: "638022eb-24e6"
Content-Type: image/jpeg
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9446
Expires: Sat, 10 Dec 2022 02:13:13 GMT

GET
H/1.1 200
OK y-2444444445532.jpg
hi.dn.ua/cache/rsca/243x160/images/news133/ 14 KB
14 KB 80ms
80ms Image
image/jpeg 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/cache/rsca/243x160/images/news133/y-2444444445532.jpg
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: d14dd821cb5d08b485ca03d2a96741d824303110b3083187c20dd5ebe75f22e9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Nov 2022 02:13:13 GMT
Last-Modified: Fri, 25 Nov 2022 02:05:31 GMT
Server: nginx
ETag: "638022eb-37e2"
Content-Type: image/jpeg
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14306
Expires: Sat, 10 Dec 2022 02:13:13 GMT

GET
H/1.1 200
OK nok-7uuu2.jpeg
hi.dn.ua/cache/rsca/243x160/images/news133/ 6 KB
6 KB 80ms
80ms Image
image/jpeg 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/cache/rsca/243x160/images/news133/nok-7uuu2.jpeg
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 78fe3aae5b745a456eac86c93e7318cfbc8dd068033c17cd78a9d1f2cd48ed32

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Nov 2022 02:13:13 GMT
Last-Modified: Fri, 25 Nov 2022 02:05:31 GMT
Server: nginx
ETag: "638022eb-1642"
Content-Type: image/jpeg
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5698
Expires: Sat, 10 Dec 2022 02:13:13 GMT

GET
H/1.1 200
OK 7c458edf6916cffa5300585058fc1792.jpeg
hi.dn.ua/cache/rsca/243x160/images/news133/ 9 KB
10 KB 93ms
92ms Image
image/jpeg 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/cache/rsca/243x160/images/news133/7c458edf6916cffa5300585058fc1792.jpeg
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: d8af529dcb303130231c1835f5a481be5a3fc9506bbcb66a47c6d4a4c1ffff05

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Nov 2022 02:13:13 GMT
Last-Modified: Fri, 25 Nov 2022 02:05:31 GMT
Server: nginx
ETag: "638022eb-253c"
Content-Type: image/jpeg
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9532
Expires: Sat, 10 Dec 2022 02:13:13 GMT

GET
H/1.1 200
OK uhka_c.png
hi.dn.ua/cache/rsca/243x160/images/news133/ 77 KB
77 KB 80ms
80ms Image
image/png 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/cache/rsca/243x160/images/news133/uhka_c.png
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 5226ce76d33caf5ac6cf6355ba36b97c5030fd944fce42bd5456173c029e1137

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Nov 2022 02:13:13 GMT
Last-Modified: Fri, 25 Nov 2022 02:05:31 GMT
Server: nginx
ETag: "638022eb-13329"
Content-Type: image/png
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 78633
Expires: Sat, 10 Dec 2022 02:13:13 GMT

GET
H/1.1 200
OK c68ecbcb-9329f18c75a8766c5c9649255db5aa2f.jpg
hi.dn.ua/cache/rsca/243x160/images/news133/ 8 KB
8 KB 82ms
82ms Image
image/jpeg 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/cache/rsca/243x160/images/news133/c68ecbcb-9329f18c75a8766c5c9649255db5aa2f.jpg
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: bc43e2e09fa056b58509ce3323b02026fc450fc829e442f2549830d915d802c9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Nov 2022 02:13:13 GMT
Last-Modified: Fri, 25 Nov 2022 02:05:31 GMT
Server: nginx
ETag: "638022eb-1e86"
Content-Type: image/jpeg
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7814
Expires: Sat, 10 Dec 2022 02:13:13 GMT

GET
H/1.1 200
OK dogdpkj.jpg
hi.dn.ua/cache/rsca/243x160/images/news133/ 17 KB
18 KB 84ms
83ms Image
image/jpeg 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/cache/rsca/243x160/images/news133/dogdpkj.jpg
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: db6edb72864f0a511a1374d9599970057d8e106b2b54bd160e6bf7c32c44949e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Nov 2022 02:13:13 GMT
Last-Modified: Fri, 25 Nov 2022 02:05:31 GMT
Server: nginx
ETag: "638022eb-4554"
Content-Type: image/jpeg
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17748
Expires: Sat, 10 Dec 2022 02:13:13 GMT

GET
H/1.1 200
OK robooooooot.jpeg
hi.dn.ua/cache/rsca/243x160/images/news132/ 7 KB
7 KB 81ms
81ms Image
image/jpeg 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/cache/rsca/243x160/images/news132/robooooooot.jpeg
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: cd82d0e88e4b21a2f41122996be15b6285926bf3089c7ddae51223ac5a7f7729

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Nov 2022 02:13:13 GMT
Last-Modified: Fri, 25 Nov 2022 02:05:31 GMT
Server: nginx
ETag: "638022eb-1c1f"
Content-Type: image/jpeg
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7199
Expires: Sat, 10 Dec 2022 02:13:13 GMT

GET
H/1.1 200
OK 632eaf1a59be6.jpeg
hi.dn.ua/cache/rsca/243x160/images/news132/ 12 KB
12 KB 80ms
80ms Image
image/jpeg 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/cache/rsca/243x160/images/news132/632eaf1a59be6.jpeg
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: b980127387edbc14545c838b85002dfc8c687b766d08483cd8b76269235a1f2e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Nov 2022 02:13:13 GMT
Last-Modified: Fri, 25 Nov 2022 02:05:31 GMT
Server: nginx
ETag: "638022eb-2f59"
Content-Type: image/jpeg
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12121
Expires: Sat, 10 Dec 2022 02:13:13 GMT

GET
H/1.1 200
OK budgeqgggt.jpg
hi.dn.ua/cache/rsca/243x160/images/news132/ 10 KB
11 KB 84ms
83ms Image
image/jpeg 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/cache/rsca/243x160/images/news132/budgeqgggt.jpg
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: be17907b215c53089d69f2dc8420851d9f327413e8779b5d17489bb419aa7a71

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Nov 2022 02:13:13 GMT
Last-Modified: Fri, 25 Nov 2022 02:05:31 GMT
Server: nginx
ETag: "638022eb-28f0"
Content-Type: image/jpeg
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10480
Expires: Sat, 10 Dec 2022 02:13:13 GMT

GET
H/1.1 200
OK 1653920924-5454.jpg
hi.dn.ua/cache/rsca/243x160/images/news131/ 9 KB
9 KB 85ms
84ms Image
image/jpeg 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/cache/rsca/243x160/images/news131/1653920924-5454.jpg
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: b3fb7bcddf609e070abce11b5c1181034f77cb86da0ab0bbb9dce0cfa1fdb6a3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Nov 2022 02:13:13 GMT
Last-Modified: Fri, 25 Nov 2022 02:05:31 GMT
Server: nginx
ETag: "638022eb-245f"
Content-Type: image/jpeg
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9311
Expires: Sat, 10 Dec 2022 02:13:13 GMT

GET
H/1.1 200
OK smvmvmiggldkfjmqqdq1g.jpg
hi.dn.ua/cache/rsca/243x160/images/news132/ 9 KB
10 KB 84ms
84ms Image
image/jpeg 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/cache/rsca/243x160/images/news132/smvmvmiggldkfjmqqdq1g.jpg
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 96a7522ba9b70604dd8d53ae09a87628aacb1c8b9561135c653666c9aebe6a19

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Nov 2022 02:13:13 GMT
Last-Modified: Fri, 25 Nov 2022 02:05:32 GMT
Server: nginx
ETag: "638022ec-2599"
Content-Type: image/jpeg
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9625
Expires: Sat, 10 Dec 2022 02:13:13 GMT

GET
H/1.1 200
OK 50_main-v1663622506.jpg
hi.dn.ua/cache/rsca/243x160/images/news132/ 10 KB
11 KB 87ms
87ms Image
image/jpeg 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/cache/rsca/243x160/images/news132/50_main-v1663622506.jpg
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 1a36b98ad1e34d6cc6e485ce9a3de0a2a4ce4e1d4ce42c8e732371e0ae022b93

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Nov 2022 02:13:13 GMT
Last-Modified: Fri, 25 Nov 2022 02:05:32 GMT
Server: nginx
ETag: "638022ec-29a6"
Content-Type: image/jpeg
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10662
Expires: Sat, 10 Dec 2022 02:13:13 GMT

GET
H/1.1 200
OK 1643489684630f5f52b7053.jpg
hi.dn.ua/cache/rsca/243x160/images/news132/ 10 KB
10 KB 86ms
86ms Image
image/jpeg 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/cache/rsca/243x160/images/news132/1643489684630f5f52b7053.jpg
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 1cf9b1f7172f446f8f461b873e61c7189f02a90b403210215febe76b8627c0b5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Nov 2022 02:13:13 GMT
Last-Modified: Fri, 25 Nov 2022 02:05:32 GMT
Server: nginx
ETag: "638022ec-277b"
Content-Type: image/jpeg
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10107
Expires: Sat, 10 Dec 2022 02:13:13 GMT

GET
H/1.1 200
OK gorod_masterov18_05.gif
hi.dn.ua/images/ 281 KB
281 KB 115ms
82ms Image
image/gif 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/images/gorod_masterov18_05.gif
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 80273fc1aee79a2241ad5a484aa3f6eaa4931bdd242b545f2f40c5d7de8842fc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Nov 2022 02:13:13 GMT
Last-Modified: Mon, 18 May 2020 06:18:29 GMT
Server: nginx
ETag: "5ec228b5-462aa"
Content-Type: image/gif
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 287402
Expires: Sat, 10 Dec 2022 02:13:13 GMT

GET
H2 200 wEOhEADFm8hSaQTFG18FErVhsC9x-tarUfLtrftV.woff2
fonts.gstatic.com/s/firasanscondensed/v10/ 10 KB
10 KB 169ms
79ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasanscondensed/v10/wEOhEADFm8hSaQTFG18FErVhsC9x-tarUfLtrftV.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans+Condensed:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

428fc11a6adab7e89d3a97a824d85fd2e639a68c2fb8760b3916b6fed0bc9bcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hi.dn.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 13:45:17 GMT
x-content-type-options: nosniff
age: 563137
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10312
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:46:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Nov 2023 13:45:17 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
hi.dn.ua/templates/shaper_newskit/fonts/ 75 KB
76 KB 166ms
89ms Font
text/plain 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to

Full URL

https://hi.dn.ua/templates/shaper_newskit/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: hi.dn.ua
URL: https://hi.dn.ua/templates/shaper_newskit/css/template.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),

Reverse DNS

56.29.109.78.hosting.ua

Software

nginx /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://hi.dn.ua/templates/shaper_newskit/css/template.css
Origin: https://hi.dn.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 02:13:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 04 Dec 2017 05:08:40 GMT
Server: nginx
ETag: W/"7d40382-12d68-55f7cb624c600"
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=UTF-8
Cache-Control: public
Connection: keep-alive

GET
H2 200 wEOhEADFm8hSaQTFG18FErVhsC9x-tarUfbtrQ.woff2
fonts.gstatic.com/s/firasanscondensed/v10/ 22 KB
23 KB 129ms
41ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasanscondensed/v10/wEOhEADFm8hSaQTFG18FErVhsC9x-tarUfbtrQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a9980abca3b078a7c67a296f602f48bb043c2167e0e8257addfe2d603643a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hi.dn.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 08:45:52 GMT
x-content-type-options: nosniff
age: 235502
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22768
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:50:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 08:45:52 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/ru_RU/ 3 KB
2 KB 148ms
50ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/sdk.js

Requested by

Host: hi.dn.ua
URL: https://hi.dn.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

44e5d2ad56f8a85a5b977bde76039596ca2db9fa50c33733fa71f7c06e2f04c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 25 Nov 2022 02:10:54 GMT
content-md5: 20ILmEpUCjgynO9BXgr6PQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: lJ9wkQRK9LXfj8/5qbhrxlh2hiEKelo1EeU1PsipN//OAZKXbc7+KjmciGrzEga4SQ85Dwkax2dzBqwXA7qOPQ==
x-fb-trip-id: 917726464
x-fb-content-md5: bf0e894303948f178a933f921c3c2981
cross-origin-opener-policy: same-origin-allow-popups
etag: "696bd5858e274ee668c52ca2cc6730eb"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
priority: u=3,i
expires: Fri, 25 Nov 2022 02:13:51 GMT

GET
H2 200 wEOsEADFm8hSaQTFG18FErVhsC9x-tarWQXOuMR0cg.woff2
fonts.gstatic.com/s/firasanscondensed/v10/ 22 KB
22 KB 178ms
95ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasanscondensed/v10/wEOsEADFm8hSaQTFG18FErVhsC9x-tarWQXOuMR0cg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf558b850010169a48f78bd32dc7162613de65038e767c6a2928de1b5c60fb98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hi.dn.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 05:31:51 GMT
x-content-type-options: nosniff
age: 160743
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22760
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:46:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Nov 2023 05:31:51 GMT

GET
H/1.1 200
OK newskit.ttf
hi.dn.ua/templates/shaper_newskit/fonts/ 26 KB
26 KB 167ms
91ms Font
application/octet-stream 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.dn.ua/templates/shaper_newskit/fonts/newskit.ttf?9ymzo3
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/templates/shaper_newskit/css/template.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 81b7b2f584dcfe1c72be286287e21f6258f621fed241d139793108e1cdbefc7c

Request headers

Referer: https://hi.dn.ua/templates/shaper_newskit/css/template.css
Origin: https://hi.dn.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Nov 2022 02:13:13 GMT
Last-Modified: Mon, 04 Dec 2017 05:08:40 GMT
Server: nginx
ETag: "5a24d858-66dc"
Content-Type: application/octet-stream
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26332
Expires: Sat, 10 Dec 2022 02:13:13 GMT

GET
H2 200 wEOsEADFm8hSaQTFG18FErVhsC9x-tarWQXOuMB0ciZb.woff2
fonts.gstatic.com/s/firasanscondensed/v10/ 10 KB
10 KB 167ms
86ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasanscondensed/v10/wEOsEADFm8hSaQTFG18FErVhsC9x-tarWQXOuMB0ciZb.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41d2d1df62f88b61869b7c5b83aed486fbd7eb569497f02a3a1b830b90e4319a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hi.dn.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 20:46:03 GMT
x-content-type-options: nosniff
age: 19491
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10240
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:46:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Nov 2023 20:46:03 GMT

GET
H/1.1 200
OK camera_skins.png
hi.dn.ua/modules/mod_responsive_slider/assets/images/ 24 KB
24 KB 206ms
165ms Image
image/png 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/modules/mod_responsive_slider/assets/images/camera_skins.png
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/templates/shaper_newskit/css/template.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 42931bd149d230ca9ab1e72b1a914543dc108e3098673d339c1c3d32ccf2d776

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/templates/shaper_newskit/css/template.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Nov 2022 02:13:13 GMT
Last-Modified: Mon, 15 Oct 2018 18:26:48 GMT
Server: nginx
ETag: "5bc4dbe8-5e8a"
Content-Type: image/png
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24202
Expires: Sat, 10 Dec 2022 02:13:13 GMT

GET
H/1.1 200
OK IcoMoon.woff
hi.dn.ua/templates/shaper_newskit/fonts/ 25 KB
25 KB 107ms
93ms Font
font/woff 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.dn.ua/templates/shaper_newskit/fonts/IcoMoon.woff
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/templates/shaper_newskit/css/template.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 6d362fa22342a2d22cbe8d4472d2d11a8d0864310ee2e8e48ede3148465a609d

Request headers

Referer: https://hi.dn.ua/templates/shaper_newskit/css/template.css
Origin: https://hi.dn.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Nov 2022 02:13:13 GMT
Last-Modified: Mon, 04 Dec 2017 05:08:40 GMT
Server: nginx
ETag: "5a24d858-6350"
Content-Type: font/woff
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25424
Expires: Sat, 10 Dec 2022 02:13:13 GMT

GET
H2 200 wEOjEADFm8hSaQTFG18FErVhsC9x-tarUfPdr-NR.woff2
fonts.gstatic.com/s/firasanscondensed/v10/ 23 KB
23 KB 61ms
61ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasanscondensed/v10/wEOjEADFm8hSaQTFG18FErVhsC9x-tarUfPdr-NR.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1ad2c431573b94173dd97d42c82274437f2f2bf1313b6e9260db92233e5913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hi.dn.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 12:50:41 GMT
x-content-type-options: nosniff
age: 48013
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23708
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:49:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Nov 2023 12:50:41 GMT

GET
H/1.1 200
OK 316410769_505504794953712_3858923082829109467_n.jpg
hi.dn.ua/images/reslidercon/755x384/images/news133/ 71 KB
71 KB 121ms
80ms Image
image/jpeg 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/images/reslidercon/755x384/images/news133/316410769_505504794953712_3858923082829109467_n.jpg?1669342254451
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 8942453aaa9ff11a6209bcbbbe1c03e5738129c4e0ce5ae75cd65393ef03c456

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Nov 2022 02:13:13 GMT
Last-Modified: Thu, 24 Nov 2022 12:36:32 GMT
Server: nginx
ETag: "637f6550-11a45"
Content-Type: image/jpeg
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 72261
Expires: Sat, 10 Dec 2022 02:13:13 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/ru_RU/ 301 KB
85 KB 102ms
50ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/sdk.js?hash=98365caa150ed0c27360d65374cb42ef

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

45840ce506e989f54437cb8cc8ed4b7ce0d5821dc24791a29886a4aeb63be9e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://hi.dn.ua/
Origin: https://hi.dn.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 25 Nov 2022 02:10:54 GMT
content-md5: 8aV9eKJBp9umKRWwuOChmQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87128
x-fb-rlafr: 0
x-fb-debug: U312WzQXAMiTPhqme8+Vt55xTsDlDs4lqCW2V3D8pys3cWFdUbrSUd7aTnhn+fYvyI7rFYxsTAggZCZR4RLSaw==
x-fb-content-md5: f0e7988639894778099f39d758c27487
cross-origin-opener-policy: same-origin-allow-popups
etag: "f2089e21b86364c15f367e7fcaaab604"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 25 Nov 2023 01:43:17 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ 355 KB
117 KB 154ms
73ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4643767719705239&plah=hi.dn.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

221812a355ad9cfabb4c40792a5cbfe039935441f0278ec46005abaea2c63b01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 02:10:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119606
x-xss-protection: 0
server: cafe
etag: 3260633503096173675
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 25 Nov 2022 02:10:54 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame 5A87 10 KB
5 KB 127ms
40ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hi.dn.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 48624
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 12:40:30 GMT
etag: 10353107486223812946
expires: Thu, 08 Dec 2022 12:40:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 129ms
43ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-10437307-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 25 Nov 2022 01:24:49 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2765
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 25 Nov 2022 03:24:49 GMT

GET
H/1.1 200
OK ytyguyhyuyyughjhhf.png
hi.dn.ua/images/reslidercon/755x384/images/news133/ 143 KB
144 KB 91ms
91ms Image
image/png 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/images/reslidercon/755x384/images/news133/ytyguyhyuyyughjhhf.png?1669342254727
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: dbad12604eae82169eeb575d682b9c2911c50bc502286c3f6652a62f4662ddab

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Nov 2022 02:13:13 GMT
Last-Modified: Thu, 24 Nov 2022 12:35:30 GMT
Server: nginx
ETag: "637f6512-23d0a"
Content-Type: image/png
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 146698
Expires: Sat, 10 Dec 2022 02:13:13 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 128ms
47ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1548833522&t=pageview&_s=1&dl=https%3A%2F%2Fhi.dn.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%9A%D1%80%D0%B0%D0%BC%D0%B0%D1%82%D0%BE%D1%80%D1%81%D1%8C%D0%BA%D0%B0%2C%20%D0%B3%D0%B0%D0%B7%D0%B5%D1%82%D0%B0%20%D0%9F%D1%80%D0%B8%D0%B2%D1%96%D1%82%20-%20%D0%9E%D0%B3%D0%BE%D0%BB%D0%BE%D1%88%D0%B5%D0%BD%D0%BD%D1%8F%20%D0%9A%D1%80%D0%B0%D0%BC%D0%B0%D1%82%D0%BE%D1%80%D1%81%D1%8C%D0%BA%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=2142537738&gjid=1908903114&cid=53512029.1669342255&tid=UA-10437307-1&_gid=641266032.1669342255&_r=1&gtm=2oub90&z=1881073303

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hi.dn.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 02:10:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hi.dn.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 383 B
695 B 150ms
55ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=hi.dn.ua&callback=_gfp_s_&client=ca-pub-4643767719705239&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4643767719705239&plah=hi.dn.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0cff0286d170b942daa97e7c1f87d1dcc5038bedc34cf9dd47bf78d98110567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 02:10:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 166ms
49ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=hi.dn.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 02:10:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 149ms
56ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hi.dn.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 02:10:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B7CE 152 KB
40 KB 611ms
519ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3978955824&adf=2678599834&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1669341933&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669342254579&bpp=4&bdt=875&idt=262&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&correlator=5244461547730&frm=20&pv=2&ga_vid=53512029.1669342255&ga_sid=1669342255&ga_hid=1548833522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=30&ady=1204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706&oid=2&pvsid=1867708314025329&tmod=242200377&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=aVKQhk2vT3&p=https%3A//hi.dn.ua&dtd=278

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

379d2bcfe48cd72a2714c8e8fc92642b219eded99683924988da9291ae97ac9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hi.dn.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 41298
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 02:10:55 GMT
expires: Fri, 25 Nov 2022 02:10:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F26C 436 B
235 B 277ms
204ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&slotname=7070383555&adk=266901632&adf=505200489&pi=t.ma~as.7070383555&w=0&fwrn=4&fwrnh=100&lmt=1669341933&rafmt=12&format=0xnull&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&fwrattr=true&rh=0&rw=0&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669342254583&bpp=1&bdt=878&idt=287&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280&correlator=5244461547730&frm=20&pv=1&ga_vid=53512029.1669342255&ga_sid=1669342255&ga_hid=1548833522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=423&ady=2623&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706&oid=2&pvsid=1867708314025329&tmod=242200377&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cebr%7C&abl=CS&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=R2d5Hty6Px&p=https%3A//hi.dn.ua&dtd=292

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf0e9a97bbff25b9843911947db7226231c4f5a8d7c00a3200d0686472401287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hi.dn.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 02:10:55 GMT
expires: Fri, 25 Nov 2022 02:10:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2EB1 109 KB
35 KB 318ms
259ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=9215904351&adk=1500826456&adf=3527882582&pi=t.ma~as.9215904351&w=785&fwrn=4&fwrnh=100&lmt=1669341933&rafmt=1&format=785x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669342254584&bpp=1&bdt=879&idt=294&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull&correlator=5244461547730&frm=20&pv=1&ga_vid=53512029.1669342255&ga_sid=1669342255&ga_hid=1548833522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=408&ady=3717&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706&oid=2&pvsid=1867708314025329&tmod=242200377&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=3&fsb=1&xpc=iilv2H5ZOr&p=https%3A//hi.dn.ua&dtd=299

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99c9f0e7b4bbc495a3005c78f3555ee010e83f1dac1c8088198e5ff109bfbebe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hi.dn.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 35761
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 02:10:55 GMT
expires: Fri, 25 Nov 2022 02:10:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 82DA 18 KB
8 KB 389ms
342ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3565012385&adf=1188465226&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1669341933&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669342254585&bpp=1&bdt=881&idt=309&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull%2C785x280&correlator=5244461547730&frm=20&pv=1&ga_vid=53512029.1669342255&ga_sid=1669342255&ga_hid=1548833522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1208&ady=339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706&oid=2&pvsid=1867708314025329&tmod=242200377&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=s2urCPPCCD&p=https%3A//hi.dn.ua&dtd=316

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd10f1bc782139775a23d9e5ec2e8f883d5c86c5c26dd9acee30829b9d35e5ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hi.dn.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 8554
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 02:10:55 GMT
expires: Fri, 25 Nov 2022 02:10:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6760 0
19 B 119ms
99ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&adk=1812271804&adf=3025194257&lmt=1669341933&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fhi.dn.ua%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669342254599&bpp=2&bdt=894&idt=309&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull%2C785x280%2C363x280&nras=1&correlator=5244461547730&frm=20&pv=1&ga_vid=53512029.1669342255&ga_sid=1669342255&ga_hid=1548833522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706&oid=2&pvsid=1867708314025329&tmod=242200377&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=328

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hi.dn.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 02:10:55 GMT
expires: Fri, 25 Nov 2022 02:10:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
434 B 108ms
36ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-10437307-1&cid=53512029.1669342255&jid=2142537738&gjid=1908903114&_gid=641266032.1669342255&_u=YEBAAUAAAAAAACAAI~&z=1825176065

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hi.dn.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 25 Nov 2022 02:10:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hi.dn.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK blank.gif
hi.dn.ua/modules/mod_responsive_slider/assets/images/ 1 KB
1 KB 87ms
86ms Image
image/gif 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/modules/mod_responsive_slider/assets/images/blank.gif
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/templates/shaper_newskit/css/template.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: aee8c07608f2afc59c654360702b207236006a9adfd0abeb287fe33b362c7293

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/templates/shaper_newskit/css/template.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Nov 2022 02:13:14 GMT
Last-Modified: Mon, 15 Oct 2018 18:26:48 GMT
Server: nginx
ETag: "5bc4dbe8-449"
Content-Type: image/gif
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1097
Expires: Sat, 10 Dec 2022 02:13:14 GMT

GET
H2 200 3767900494083221897
tpc.googlesyndication.com/simgad/ Frame 2EB1 12 KB
12 KB 187ms
93ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3767900494083221897?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkHngQ8yIcZ788Fjmu8VWEn1UMiUQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=9215904351&adk=1500826456&adf=3527882582&pi=t.ma~as.9215904351&w=785&fwrn=4&fwrnh=100&lmt=1669341933&rafmt=1&format=785x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669342254584&bpp=1&bdt=879&idt=294&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull&correlator=5244461547730&frm=20&pv=1&ga_vid=53512029.1669342255&ga_sid=1669342255&ga_hid=1548833522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=408&ady=3717&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706&oid=2&pvsid=1867708314025329&tmod=242200377&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=3&fsb=1&xpc=iilv2H5ZOr&p=https%3A//hi.dn.ua&dtd=299

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6892ddc97cd2255bd00188611d1047931ae9db5e1caa5567f90e059b88baea5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 03:31:55 GMT
x-content-type-options: nosniff
age: 513540
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12153
x-xss-protection: 0
last-modified: Thu, 23 Dec 2021 10:34:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 Nov 2023 03:31:55 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2EB1 0
0 86ms
86ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C8iJJLiSAY8LwPILa7_UP18SH8Amx5MmtZ9mMo8HuDoO986DDLRABIPLk0xlgu4aAgNAKoAG86fiNA8gBAqkCqhIqLrpkqD6oAwHIA8kEqgS5AU_QTaLChw7TkOBgW4lXQNIyvBKclgWZJeHaOJSaSL1MHgS59MnFBK6SpgVejI3Z6sDtYZDGsb5YRs-wj5hw0Q197xLR59d6ZmcyDRiYXgEkk0ReegDGhw1JNYhc1CiFA1ohrwV54u1Dw6e_ZrbIB-WQ0EmCCo4TcZ_4Ty75ab9omxOu6lgy7fnoDZAmLYxKNB9odcaIf3NfqU3YwuEbf1fZ8LZqoXKPPHvsyaDkf-RykMt75iBG39MSwATZ9_vs7gOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHrJaHcqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcDEIVw0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwrQFQGAFwGyFxwKGggAEhRwdWItNDY0Mzc2NzcxOTcwNTIzORgA&sigh=0Zr-WHeBeP0&uach_m=[UACH]&cid=CAQSGwDq26N93d4cvfbeEvevkCNHPh_roazwRqcuVBgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=9215904351&adk=1500826456&adf=3527882582&pi=t.ma~as.9215904351&w=785&fwrn=4&fwrnh=100&lmt=1669341933&rafmt=1&format=785x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669342254584&bpp=1&bdt=879&idt=294&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull&correlator=5244461547730&frm=20&pv=1&ga_vid=53512029.1669342255&ga_sid=1669342255&ga_hid=1548833522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=408&ady=3717&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706&oid=2&pvsid=1867708314025329&tmod=242200377&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=3&fsb=1&xpc=iilv2H5ZOr&p=https%3A//hi.dn.ua&dtd=299
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 25 Nov 2022 02:10:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 25 Nov 2022 02:10:55 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 2EB1 23 KB
10 KB 123ms
39ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 16:29:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34863
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 16:29:52 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 2EB1 3 KB
1 KB 162ms
79ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 21:26:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17044
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 21:26:51 GMT

GET
H2 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 2EB1 67 B
196 B 174ms
91ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 06:08:41 GMT
x-content-type-options: nosniff
server: cafe
age: 72134
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Fri, 25 Nov 2022 06:08:41 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 2EB1 18 KB
7 KB 134ms
51ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 10:41:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55768
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 10:41:27 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2EB1 154 KB
47 KB 195ms
107ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 02:10:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 25 Nov 2022 02:10:55 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 2EB1 34 KB
13 KB 163ms
81ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac67eba217cc24846f0d650dbf24e7e1f96928839f20a70ddeba99bfa284ca23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 04:20:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78640
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13669
x-xss-protection: 0
server: cafe
etag: 7011066814545187240
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 04:20:15 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B158 624 B
246 B 52ms
51ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvOfRD184EBGMbU7tUBMAE&v=APEucNXb1hyCkgJx-GX9nAkBl3GMq8jrm-qr4cAtT-hchMVhSyQ12WQ9oJEgp1UeHr-0VfiXzghrWKhOWNI_qFFaRufxmhyawbF3m0PJIVXjEHQFNvPFglBEhKegeOhnl9Vju-GFxFseS2ez5prSWOb8jcwriZjjifwDJMnMW_EXUaC3B2UUpSA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3565012385&adf=1188465226&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1669341933&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669342254585&bpp=1&bdt=881&idt=309&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull%2C785x280&correlator=5244461547730&frm=20&pv=1&ga_vid=53512029.1669342255&ga_sid=1669342255&ga_hid=1548833522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1208&ady=339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706&oid=2&pvsid=1867708314025329&tmod=242200377&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=s2urCPPCCD&p=https%3A//hi.dn.ua&dtd=316

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3565012385&adf=1188465226&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1669341933&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669342254585&bpp=1&bdt=881&idt=309&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull%2C785x280&correlator=5244461547730&frm=20&pv=1&ga_vid=53512029.1669342255&ga_sid=1669342255&ga_hid=1548833522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1208&ady=339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706&oid=2&pvsid=1867708314025329&tmod=242200377&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=s2urCPPCCD&p=https%3A//hi.dn.ua&dtd=316
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 02:10:55 GMT
expires: Fri, 25 Nov 2022 02:10:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9F8C 91 KB
36 KB 86ms
85ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DDHkOhYGbvCZC5wstb6onh0TInPmmVwez2478uK5I8Q6rSgXHfscsWJHndjqnxFtrCH8KP5xzUBQRk8W20f6xn4_-69wAe0AQrx-69mR60d3cEA_5RstPTiP2yOt2o-E9vp7Lbf9mqIpJqWFSTbP7uJt1zX5WELb2EalNBkD7OiKym_gI&dbm_d=AKAmf-DKs1U6-sKCDSANH3Vx97_9Bp1XXq7k42c2QzDBOdJa1JFSE_3ePeqmlFI6owWp7EN_KjB6mGQ8HLGIW_TU7_sGXtGk4wrQnZSzwASYGisTWk5dHOQe3EHrY6c1avaEiHvXFnvam2wp9KoKr_nD1d3_zpGzoMbQ7LSbmdo8fiDm1814wnkEuTrYQpdRluJg1gPSPum6j3zqE4P40vIesBZ3HE9KBhRRnSpZ2vHkgIZlV-bLP9C8IahAfisPvHH_l_GYS48nzUJUFU4sWc5GSiEYf_slxZmXVLnGtDqz_ogXf8si_PUD3KXvbWPRD5_JLw7Kh3cRokBDRm---XL0eLKWzJBYlLfsRrwNqRDAPTrTm7vnZjvpcvc2tco8jt8pxeVL0JQJwlYI7u_xL7-yWJYCNE5gtGhgTlq0rEfp7SMVkQmHYCahwq_0bkj31g9RsSCmRmUJIV8q1smWdp9StxkFyAWleX3M8kwrLwd-J_YAgQn59qICb8zaWaHpm4g04dHsmAwNrCephRv9r2U2D2LQRpoCJTznXmkjBZ8Gkpp8HuK63M6ULypr77J9o4nexflCJVsG6anHbvbQIfbyBk011pEWs5Ye1hCKZnBTqLqqRFO4l7q2kKXqHySpoiOTvtRU9DwSOta3Xhvh0VXQvugYQWdhMngmrtTlntKdkt0bWXHhPNhNT-hySxJOS5_63jcPdHP-alx1JdPPxTcUO1j-VltVMPD1nn6ycqY7AM-k6CP3jvUZ2Vbr1GfGe2BlRuUPR2sSgZlheaw0tLSsvbVOrvQrhDse9JunNDB4HXCxINKf9YhmNGsqN3IcPusNx3j8Dmh5geFdGtPLDrnguHnMFQXEIhoVjLfcp7tdOACk4jBYXUwjRid3Z_L97p__ZVAscgJoSIHvzzByClcUNDUN_Is1Wm_Oy9oJ2wtFSPtx7A9nVocjQJFioy0t5E-72Sh8aoRXIsHx7gVr2neHLjvsIpaSGsTkpBfjthJqIjKeUqDGL8pzHMjgnoWb19PlqYVbsfGBxrvv2peTTEicPR2SdZrqyzWyMotDbWcObE927CZfIGW0JNs4v_bONMuPdBspdtJuastYpJxRRlGaMwJSV87S8yzh6CLD4fZAOKvwhBBaYyc-qRrYpj7J-ZXLhHvj-4pVr_HTa633cdJL9jFf8f0gO7w5cDYCg4Vx5V7Be-cB91OVuAKq1gLj45AM-sKF-6mQ14h8JcrThNzJuLqbmqCKR3SESg4klWgMIrohyLgZf-RAG7Qkm109_Vo0atmK9HsfDyfS8IBZqLw06qGOMBFRcVT5v4r3y36nXCKI6m7rQgRx3VMMVd6Xn5t0DFs3qNGCHeaM5gyc03wurfbCRUtQrpKqyDpO4528DClcHlKZ1hqsA5eLsjnO0CUk4ktBI0s492evxwHAez9_W02J-virazQbSdIQimSYapKOxwmTWrPaXZuO245OhAlrDDCgn9o_4-XQcCjshvP79xyIE8xC3omPjpDFMiCnfYe72BhQD01o6vqtuJ18sr0jaZQ1D23a0nc3zDXZq4DUp2xrpuMXMW7TLtrdNL1txvco9Zx4JHJ8SAALjNhGNpaf-qyQy6BGPN4pgSyMzAdF1c2i9__Ywn_pKO-BPc7KkxEIpWewJ7VHI2TqJ5Q__UtvESOL1dUOeSP5LaTArXigje1VlVigxm2-Wei5RkVcV4gdO1b45kKN07wkMDP08oPZ6viVY1BmFjdHotOCjeeUxi0WfkfgDUPGNhxmaWK_oxA_tc5aGrNOjzaMEiDrpl2ROFTsb36WlqFQ7n7zm2zwOfDpBIkmn1xYbIbqq4TUfK5EqVX32qTZU-MVaanMSGSIykcPIAlaBW0r8BNZwcUXE9xA1TiX2xmZ_1-mTNAAQEffEqhnkv0jaibqb6nwqSgpW6fPBThzcEWkAp40SyaI9Gvrb9CwSB-B9nfMZqakhA-OuIqGruyz0JLzdVVwsk8cqdV3n59mrbbv8OlX_tCeMhCoNkskWoNuxmV00c4DszJqjCXvVOXLjeScodWsGJtAtX33UCN70J9rZv2TE3zPzlfZt2IWfEajij7AMhDPL1k6iJrJc1cn-vf0IDISWUOAeasILAs7YueUnAbAAC0mEF8_5baiQIw2yZ3a1q5V1Q93t6Zfw7o4NuEfaq4H343zt0n9R2YrH2PR67YtjgoRg2DKdUUtV3ODcZQeE115vD9k_JvAw-e9E9GLGfHJCKRZ-2USX7C4rnQ9hik49HGmfVuBesaoXol0IvriL1ufJHEMJ5NOS2Jyqpf5fh-4dh5HqtOwFpmxyPkjq1fFjagDyS4VmvcGYUaHAwC_deEi5g1skmAw5LtEYN0xSWNAdKACwqXnaiBOe8vjesjaCF1Nx5E-wto4m8OFESfp5Ri1loBgq-osJrmI7S5fHWrLMQZ7w8ltyTqXyrH_LB4afPJK1nHbTbz0NAXLVZlrZ6Ez5pwByaLQ3s_PLKGygttf-rmtYwIFAW4uOA4DZPbgVQav6jGpwAXkK4KObNuWVisJipPa0jgsDwyS76rJe-PtqhMymtoLjXv9Gasqs5dqIQ2F4SRVTHu7LIKdVYunbX5O_uWlB2Lc5dVkt9J07w2Zp8bjnfM0i-f0jO370swrDgku5UlmfJKg54emhp21PoPFodPi5smF1uVZCsw7tKwVsAMRREuTH_GW_-aOquakDMh6OtM3xi3vtqriArE5hY0Wrqs6nweEd3eA1ea9pjJ7elPrNA8A7PK2q4ZFbCM6naOLzlWsbrG1Tyluoq1P-TrP986cScHomrKjZnlny11jrK8T1GRBkeX09Ur2T1rR53xqNvVjURhPV1HRbe-G7noWZ8eRsBzsyvCAJoHHTB-77x9_7sO4hbe64mWUdWEwW1L8ZmER9n6W82qwyuhqW1Xu2mMxLsds7LyHjEPRruQLApsM2pn41xGwjKhDb-oA4pUkshXUqYHCRzfctrOSypnF2goo4J18NLgg2gvXOPqyiGppTn6y88ySKM2jBbPJSfa7S71f40pw3pU4o0ruMuqUl6pkN7u0Bf2BT5Bjzz1vc8Q48PkecgJqezVTqNNsS7cL1jmhrGPwCS0G0VkDPU72iiEYrzswCrj2nzjPtGa-GFzAtKZalCZmD8tCcmlMASP4T1tvorcKmrXleIStm8XiFTabcSzDjF6NRn0SGMYjp0cIqgyVE5VRCD4A4nKnxsoHvUapcUUspojOnH8RpvMWrke8adeiCutVXk6BS1MtGRukILbSJT25EZm6wfuOv9bHbOYG_HMG7GRgHxXGmniBxYC4N_I7YGg2SyctBzQJLjBOpr_85qDtFA7bTRNZu1w5n53kWLOVErZbqCOv4OHObueWuQLjbMvSZ1gwNfAmJLLbuwcZR_MhvD3a-I3TMnDeanckiAT8VnJhR1FVWAHzmzRph2gL9V9P-zfJOFuS-_SpKKqEL--oqz8mPpturBRL0GJkAxdJfVHYWjc_tPq_7PY7CmN2Qepi3gO5bBaF8h4QOQIkm6ygxy3K3xSNxHTzilGAt4-p9s3DIwiDLvuleis2JGmWAE1OP4pDA2_LQNdhq50xp6Hn&cid=CAQSGwDq26N9vKmB2qhOEdxdARtUxkZ3DkfPT3ft_xgBIBM&rfl=2%2Chttps%253A%252F%252Fhi.dn.ua%252F%240

Requested by

Host: hi.dn.ua
URL: https://hi.dn.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16fe5fd5e630981c37c905ee11c6582b6e8a9e4d056418a388b53fcacb04299d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3565012385&adf=1188465226&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1669341933&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669342254585&bpp=1&bdt=881&idt=309&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull%2C785x280&correlator=5244461547730&frm=20&pv=1&ga_vid=53512029.1669342255&ga_sid=1669342255&ga_hid=1548833522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1208&ady=339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706&oid=2&pvsid=1867708314025329&tmod=242200377&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=s2urCPPCCD&p=https%3A//hi.dn.ua&dtd=316
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 02:10:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36984
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 9F8C 3 KB
1 KB 80ms
77ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 21:26:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17044
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 21:26:51 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 9F8C 18 KB
7 KB 47ms
45ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 10:41:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55768
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 10:41:27 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9F8C 154 KB
48 KB 59ms
52ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 02:10:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 25 Nov 2022 02:10:55 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9F8C 42 B
63 B 75ms
74ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DQndQZ_BjpFgWnV-QrJeudzUMHT0uga5PruGpLQAk4_ZMvTuBCQhQ7SuEWHKej48Jk_Dzxd2YahE2KY6uXbXlfhlGGD3LrEEIzkY0ufDo31LpXDBI

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 02:10:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2DEB 143 B
166 B 40ms
39ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=9215904351&adk=1500826456&adf=3527882582&pi=t.ma~as.9215904351&w=785&fwrn=4&fwrnh=100&lmt=1669341933&rafmt=1&format=785x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669342254584&bpp=1&bdt=879&idt=294&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull&correlator=5244461547730&frm=20&pv=1&ga_vid=53512029.1669342255&ga_sid=1669342255&ga_hid=1548833522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=408&ady=3717&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706&oid=2&pvsid=1867708314025329&tmod=242200377&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=3&fsb=1&xpc=iilv2H5ZOr&p=https%3A//hi.dn.ua&dtd=299
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 907
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 01:55:48 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B158
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJK2VYgLNJziPMoTj4rY_tA&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJK2VYgLNJziPMoTj4rY_tA&google_cver=1&C=1

43 B
766 B

40ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJK2VYgLNJziPMoTj4rY_tA&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvOfRD184EBGMbU7tUBMAE&v=APEucNXb1hyCkgJx-GX9nAkBl3GMq8jrm-qr4cAtT-hchMVhSyQ12WQ9oJEgp1UeHr-0VfiXzghrWKhOWNI_qFFaRufxmhyawbF3m0PJIVXjEHQFNvPFglBEhKegeOhnl9Vju-GFxFseS2ez5prSWOb8jcwriZjjifwDJMnMW_EXUaC3B2UUpSA
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Nov 2022 02:10:55 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 25 Nov 2022 02:10:55 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEJK2VYgLNJziPMoTj4rY_tA&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B158
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4AkL10aoOEYZOqUe0YGXQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIQGvQ8waWvcfnsGpZqANmE&google_cver=1

43 B
766 B

40ms
39ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIQGvQ8waWvcfnsGpZqANmE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvOfRD184EBGMbU7tUBMAE&v=APEucNXb1hyCkgJx-GX9nAkBl3GMq8jrm-qr4cAtT-hchMVhSyQ12WQ9oJEgp1UeHr-0VfiXzghrWKhOWNI_qFFaRufxmhyawbF3m0PJIVXjEHQFNvPFglBEhKegeOhnl9Vju-GFxFseS2ez5prSWOb8jcwriZjjifwDJMnMW_EXUaC3B2UUpSA
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Nov 2022 02:10:55 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 25 Nov 2022 02:10:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIQGvQ8waWvcfnsGpZqANmE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame B158
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJ1IKu91CPoVHPfELm0sLEM&google_cver=1

43 B
1021 B

82ms
42ms

Image
image/gif

37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEJ1IKu91CPoVHPfELm0sLEM&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvOfRD184EBGMbU7tUBMAE&v=APEucNXb1hyCkgJx-GX9nAkBl3GMq8jrm-qr4cAtT-hchMVhSyQ12WQ9oJEgp1UeHr-0VfiXzghrWKhOWNI_qFFaRufxmhyawbF3m0PJIVXjEHQFNvPFglBEhKegeOhnl9Vju-GFxFseS2ez5prSWOb8jcwriZjjifwDJMnMW_EXUaC3B2UUpSA

Protocol

HTTP/1.1

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Nov 2022 02:10:55 GMT
AN-X-Request-Uuid: 72f62ba7-f8ea-43c2-b07f-bb1b4214f2df
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 25 Nov 2022 02:10:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEJ1IKu91CPoVHPfELm0sLEM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B158
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDAwNjgyNTEwMDMxNzE1MDM2MA%3D%3D

170 B
188 B

143ms
59ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDAwNjgyNTEwMDMxNzE1MDM2MA%3D%3D

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 02:10:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 25 Nov 2022 02:10:55 GMT
AN-X-Request-Uuid: c793f5f3-c2c7-45a2-a11b-cd733eb551cf
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDAwNjgyNTEwMDMxNzE1MDM2MA%3D%3D
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 2EB1 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c270d05a948b0ac9782eaacf5cf0885fa36b3a8fd922006b9ea11b3eaf1e3e8

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2DEB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

58ms
57ms

Document
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 02:10:55 GMT
expires: Fri, 25 Nov 2022 02:10:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 02:10:55 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1212807/66365748/ Frame 9F8C 46 KB
12 KB 145ms
41ms Script
application/javascript 52.213.71.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1212807/66365748/skeleton.js?ias_dspID=3&ias_campId=1009171093&ias_pubId=pub-4643767719705239&ias_chanId=1&ias_placementId=18585469169&bidurl=https://hi.dn.ua/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iAi6TlWxR9JF8EdohFHlEX
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.71.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-71-221.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: de668f12ba78aaacc8322915a188d686d047ad4341145c4782769721adb9b9f0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 02:10:55 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 9F8C 170 KB
59 KB 130ms
41ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: hi.dn.ua
URL: https://hi.dn.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 16:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33818
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Nov 2022 16:47:17 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame 9F8C 8 KB
3 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DDHkOhYGbvCZC5wstb6onh0TInPmmVwez2478uK5I8Q6rSgXHfscsWJHndjqnxFtrCH8KP5xzUBQRk8W20f6xn4_-69wAe0AQrx-69mR60d3cEA_5RstPTiP2yOt2o-E9vp7Lbf9mqIpJqWFSTbP7uJt1zX5WELb2EalNBkD7OiKym_gI&dbm_d=AKAmf-DKs1U6-sKCDSANH3Vx97_9Bp1XXq7k42c2QzDBOdJa1JFSE_3ePeqmlFI6owWp7EN_KjB6mGQ8HLGIW_TU7_sGXtGk4wrQnZSzwASYGisTWk5dHOQe3EHrY6c1avaEiHvXFnvam2wp9KoKr_nD1d3_zpGzoMbQ7LSbmdo8fiDm1814wnkEuTrYQpdRluJg1gPSPum6j3zqE4P40vIesBZ3HE9KBhRRnSpZ2vHkgIZlV-bLP9C8IahAfisPvHH_l_GYS48nzUJUFU4sWc5GSiEYf_slxZmXVLnGtDqz_ogXf8si_PUD3KXvbWPRD5_JLw7Kh3cRokBDRm---XL0eLKWzJBYlLfsRrwNqRDAPTrTm7vnZjvpcvc2tco8jt8pxeVL0JQJwlYI7u_xL7-yWJYCNE5gtGhgTlq0rEfp7SMVkQmHYCahwq_0bkj31g9RsSCmRmUJIV8q1smWdp9StxkFyAWleX3M8kwrLwd-J_YAgQn59qICb8zaWaHpm4g04dHsmAwNrCephRv9r2U2D2LQRpoCJTznXmkjBZ8Gkpp8HuK63M6ULypr77J9o4nexflCJVsG6anHbvbQIfbyBk011pEWs5Ye1hCKZnBTqLqqRFO4l7q2kKXqHySpoiOTvtRU9DwSOta3Xhvh0VXQvugYQWdhMngmrtTlntKdkt0bWXHhPNhNT-hySxJOS5_63jcPdHP-alx1JdPPxTcUO1j-VltVMPD1nn6ycqY7AM-k6CP3jvUZ2Vbr1GfGe2BlRuUPR2sSgZlheaw0tLSsvbVOrvQrhDse9JunNDB4HXCxINKf9YhmNGsqN3IcPusNx3j8Dmh5geFdGtPLDrnguHnMFQXEIhoVjLfcp7tdOACk4jBYXUwjRid3Z_L97p__ZVAscgJoSIHvzzByClcUNDUN_Is1Wm_Oy9oJ2wtFSPtx7A9nVocjQJFioy0t5E-72Sh8aoRXIsHx7gVr2neHLjvsIpaSGsTkpBfjthJqIjKeUqDGL8pzHMjgnoWb19PlqYVbsfGBxrvv2peTTEicPR2SdZrqyzWyMotDbWcObE927CZfIGW0JNs4v_bONMuPdBspdtJuastYpJxRRlGaMwJSV87S8yzh6CLD4fZAOKvwhBBaYyc-qRrYpj7J-ZXLhHvj-4pVr_HTa633cdJL9jFf8f0gO7w5cDYCg4Vx5V7Be-cB91OVuAKq1gLj45AM-sKF-6mQ14h8JcrThNzJuLqbmqCKR3SESg4klWgMIrohyLgZf-RAG7Qkm109_Vo0atmK9HsfDyfS8IBZqLw06qGOMBFRcVT5v4r3y36nXCKI6m7rQgRx3VMMVd6Xn5t0DFs3qNGCHeaM5gyc03wurfbCRUtQrpKqyDpO4528DClcHlKZ1hqsA5eLsjnO0CUk4ktBI0s492evxwHAez9_W02J-virazQbSdIQimSYapKOxwmTWrPaXZuO245OhAlrDDCgn9o_4-XQcCjshvP79xyIE8xC3omPjpDFMiCnfYe72BhQD01o6vqtuJ18sr0jaZQ1D23a0nc3zDXZq4DUp2xrpuMXMW7TLtrdNL1txvco9Zx4JHJ8SAALjNhGNpaf-qyQy6BGPN4pgSyMzAdF1c2i9__Ywn_pKO-BPc7KkxEIpWewJ7VHI2TqJ5Q__UtvESOL1dUOeSP5LaTArXigje1VlVigxm2-Wei5RkVcV4gdO1b45kKN07wkMDP08oPZ6viVY1BmFjdHotOCjeeUxi0WfkfgDUPGNhxmaWK_oxA_tc5aGrNOjzaMEiDrpl2ROFTsb36WlqFQ7n7zm2zwOfDpBIkmn1xYbIbqq4TUfK5EqVX32qTZU-MVaanMSGSIykcPIAlaBW0r8BNZwcUXE9xA1TiX2xmZ_1-mTNAAQEffEqhnkv0jaibqb6nwqSgpW6fPBThzcEWkAp40SyaI9Gvrb9CwSB-B9nfMZqakhA-OuIqGruyz0JLzdVVwsk8cqdV3n59mrbbv8OlX_tCeMhCoNkskWoNuxmV00c4DszJqjCXvVOXLjeScodWsGJtAtX33UCN70J9rZv2TE3zPzlfZt2IWfEajij7AMhDPL1k6iJrJc1cn-vf0IDISWUOAeasILAs7YueUnAbAAC0mEF8_5baiQIw2yZ3a1q5V1Q93t6Zfw7o4NuEfaq4H343zt0n9R2YrH2PR67YtjgoRg2DKdUUtV3ODcZQeE115vD9k_JvAw-e9E9GLGfHJCKRZ-2USX7C4rnQ9hik49HGmfVuBesaoXol0IvriL1ufJHEMJ5NOS2Jyqpf5fh-4dh5HqtOwFpmxyPkjq1fFjagDyS4VmvcGYUaHAwC_deEi5g1skmAw5LtEYN0xSWNAdKACwqXnaiBOe8vjesjaCF1Nx5E-wto4m8OFESfp5Ri1loBgq-osJrmI7S5fHWrLMQZ7w8ltyTqXyrH_LB4afPJK1nHbTbz0NAXLVZlrZ6Ez5pwByaLQ3s_PLKGygttf-rmtYwIFAW4uOA4DZPbgVQav6jGpwAXkK4KObNuWVisJipPa0jgsDwyS76rJe-PtqhMymtoLjXv9Gasqs5dqIQ2F4SRVTHu7LIKdVYunbX5O_uWlB2Lc5dVkt9J07w2Zp8bjnfM0i-f0jO370swrDgku5UlmfJKg54emhp21PoPFodPi5smF1uVZCsw7tKwVsAMRREuTH_GW_-aOquakDMh6OtM3xi3vtqriArE5hY0Wrqs6nweEd3eA1ea9pjJ7elPrNA8A7PK2q4ZFbCM6naOLzlWsbrG1Tyluoq1P-TrP986cScHomrKjZnlny11jrK8T1GRBkeX09Ur2T1rR53xqNvVjURhPV1HRbe-G7noWZ8eRsBzsyvCAJoHHTB-77x9_7sO4hbe64mWUdWEwW1L8ZmER9n6W82qwyuhqW1Xu2mMxLsds7LyHjEPRruQLApsM2pn41xGwjKhDb-oA4pUkshXUqYHCRzfctrOSypnF2goo4J18NLgg2gvXOPqyiGppTn6y88ySKM2jBbPJSfa7S71f40pw3pU4o0ruMuqUl6pkN7u0Bf2BT5Bjzz1vc8Q48PkecgJqezVTqNNsS7cL1jmhrGPwCS0G0VkDPU72iiEYrzswCrj2nzjPtGa-GFzAtKZalCZmD8tCcmlMASP4T1tvorcKmrXleIStm8XiFTabcSzDjF6NRn0SGMYjp0cIqgyVE5VRCD4A4nKnxsoHvUapcUUspojOnH8RpvMWrke8adeiCutVXk6BS1MtGRukILbSJT25EZm6wfuOv9bHbOYG_HMG7GRgHxXGmniBxYC4N_I7YGg2SyctBzQJLjBOpr_85qDtFA7bTRNZu1w5n53kWLOVErZbqCOv4OHObueWuQLjbMvSZ1gwNfAmJLLbuwcZR_MhvD3a-I3TMnDeanckiAT8VnJhR1FVWAHzmzRph2gL9V9P-zfJOFuS-_SpKKqEL--oqz8mPpturBRL0GJkAxdJfVHYWjc_tPq_7PY7CmN2Qepi3gO5bBaF8h4QOQIkm6ygxy3K3xSNxHTzilGAt4-p9s3DIwiDLvuleis2JGmWAE1OP4pDA2_LQNdhq50xp6Hn&cid=CAQSGwDq26N9vKmB2qhOEdxdARtUxkZ3DkfPT3ft_xgBIBM&rfl=2%2Chttps%253A%252F%252Fhi.dn.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 11:55:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51335
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 11:55:20 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 9F8C 29 KB
11 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 11:55:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51335
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11206
x-xss-protection: 0
server: cafe
etag: 16690196781007480285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 11:55:20 GMT

GET
H2 200 92d0eacbdd534f81de4b06016912d49f.js Show response
www.gstatic.com/mysidia/ Frame B7CE 9 KB
5 KB 128ms
39ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/92d0eacbdd534f81de4b06016912d49f.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3978955824&adf=2678599834&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1669341933&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669342254579&bpp=4&bdt=875&idt=262&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&correlator=5244461547730&frm=20&pv=2&ga_vid=53512029.1669342255&ga_sid=1669342255&ga_hid=1548833522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=30&ady=1204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706&oid=2&pvsid=1867708314025329&tmod=242200377&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=aVKQhk2vT3&p=https%3A//hi.dn.ua&dtd=278

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdd929f4e7f24ceca1f21a2548a5b7ed985acf6a294ae92beab97c07558de1fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 15:56:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36848
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4142
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 15:56:47 GMT

GET
H2 200 fe50f845da9df46373c0476e405ca904.js Show response
www.gstatic.com/mysidia/ Frame B7CE 134 KB
50 KB 129ms
41ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fe50f845da9df46373c0476e405ca904.js?tag=video_location/web_och

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3978955824&adf=2678599834&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1669341933&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669342254579&bpp=4&bdt=875&idt=262&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&correlator=5244461547730&frm=20&pv=2&ga_vid=53512029.1669342255&ga_sid=1669342255&ga_hid=1548833522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=30&ady=1204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706&oid=2&pvsid=1867708314025329&tmod=242200377&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=aVKQhk2vT3&p=https%3A//hi.dn.ua&dtd=278

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d14d3b16776b5fc73a8dc9c4dbbd49919859e8e4d50864d4772e905150d7fb71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 06:39:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 588706
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50858
x-xss-protection: 0
last-modified: Fri, 11 Nov 2022 03:42:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 16 Feb 2023 06:39:09 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B7CE 8 KB
895 B 132ms
51ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3978955824&adf=2678599834&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1669341933&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669342254579&bpp=4&bdt=875&idt=262&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&correlator=5244461547730&frm=20&pv=2&ga_vid=53512029.1669342255&ga_sid=1669342255&ga_hid=1548833522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=30&ady=1204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706&oid=2&pvsid=1867708314025329&tmod=242200377&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=aVKQhk2vT3&p=https%3A//hi.dn.ua&dtd=278

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 25 Nov 2022 02:10:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 25 Nov 2022 01:28:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 25 Nov 2022 02:10:55 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame B7CE 2 KB
765 B 40ms
39ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3978955824&adf=2678599834&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1669341933&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669342254579&bpp=4&bdt=875&idt=262&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&correlator=5244461547730&frm=20&pv=2&ga_vid=53512029.1669342255&ga_sid=1669342255&ga_hid=1548833522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=30&ady=1204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706&oid=2&pvsid=1867708314025329&tmod=242200377&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=aVKQhk2vT3&p=https%3A//hi.dn.ua&dtd=278

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 10:41:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55769
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 10:41:26 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame B7CE 23 KB
9 KB 124ms
41ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3978955824&adf=2678599834&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1669341933&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669342254579&bpp=4&bdt=875&idt=262&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&correlator=5244461547730&frm=20&pv=2&ga_vid=53512029.1669342255&ga_sid=1669342255&ga_hid=1548833522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=30&ady=1204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706&oid=2&pvsid=1867708314025329&tmod=242200377&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=aVKQhk2vT3&p=https%3A//hi.dn.ua&dtd=278

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 16:29:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34863
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 16:29:52 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame B7CE 3 KB
1 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3978955824&adf=2678599834&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1669341933&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669342254579&bpp=4&bdt=875&idt=262&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&correlator=5244461547730&frm=20&pv=2&ga_vid=53512029.1669342255&ga_sid=1669342255&ga_hid=1548833522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=30&ady=1204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706&oid=2&pvsid=1867708314025329&tmod=242200377&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=aVKQhk2vT3&p=https%3A//hi.dn.ua&dtd=278

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 21:26:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17044
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 21:26:51 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame B7CE 18 KB
7 KB 133ms
50ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3978955824&adf=2678599834&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1669341933&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669342254579&bpp=4&bdt=875&idt=262&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&correlator=5244461547730&frm=20&pv=2&ga_vid=53512029.1669342255&ga_sid=1669342255&ga_hid=1548833522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=30&ady=1204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706&oid=2&pvsid=1867708314025329&tmod=242200377&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=aVKQhk2vT3&p=https%3A//hi.dn.ua&dtd=278

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 10:41:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55768
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 10:41:27 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B7CE 154 KB
47 KB 132ms
52ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3978955824&adf=2678599834&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1669341933&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669342254579&bpp=4&bdt=875&idt=262&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&correlator=5244461547730&frm=20&pv=2&ga_vid=53512029.1669342255&ga_sid=1669342255&ga_hid=1548833522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=30&ady=1204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706&oid=2&pvsid=1867708314025329&tmod=242200377&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=aVKQhk2vT3&p=https%3A//hi.dn.ua&dtd=278

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 02:10:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 25 Nov 2022 02:10:55 GMT

GET
H3 200 f7733d2b54a65c984752ab0a98c7def9.js Show response
www.gstatic.com/mysidia/ Frame B7CE 34 KB
14 KB 132ms
53ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3978955824&adf=2678599834&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1669341933&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669342254579&bpp=4&bdt=875&idt=262&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&correlator=5244461547730&frm=20&pv=2&ga_vid=53512029.1669342255&ga_sid=1669342255&ga_hid=1548833522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=30&ady=1204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706&oid=2&pvsid=1867708314025329&tmod=242200377&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=aVKQhk2vT3&p=https%3A//hi.dn.ua&dtd=278

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 15:56:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14118
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 15:56:11 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9F8C 41 KB
15 KB 113ms
40ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:06:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 569055
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Nov 2023 12:06:40 GMT

GET
DATA 200
OK truncated
/ Frame 9F8C 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46e29026d6e2e7087bf43a7835c2f8842eddd0920f242e095f063e42b51bbb27

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 main.19.8.366.js Show response
static.adsafeprotected.com/ Frame 9F8C 196 KB
61 KB 159ms
54ms Script
application/javascript 2600:9000:223f:1000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.366.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/1212807/66365748/skeleton.js?ias_dspID=3&ias_campId=1009171093&ias_pubId=pub-4643767719705239&ias_chanId=1&ias_placementId=18585469169&bidurl=https://hi.dn.ua/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iAi6TlWxR9JF8EdohFHlEX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:1000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eb6cb0bc1769b5545101b7c78affadfff0dfcd0157d2a2b3c71eb4b129942699

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 21:37:52 GMT
x-amz-version-id: DTz7DAGx5H1oATkuvwxjIs9w8gvuFjKB
content-encoding: gzip
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 275583
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 21 Nov 2022 19:50:49 GMT
server: AmazonS3
etag: W/"ca4194ffbaa3712186a83d16b497895d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: wT-YApBYWhkjEclZk6aCmn1oY4iB5XBRGBzAssRbU1x3W39b4cTGMg==

GET
H3 200 api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response
pagead2.googlesyndication.com/bg/ Frame 47F1 36 KB
16 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 20:46:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19460
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Nov 2023 20:46:35 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/940388231368434397/ Frame 1478 72 KB
20 KB 131ms
49ms Document
text/html 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/940388231368434397/index.html?e=69&leftOffset=0&topOffset=0&c=wRS4Go3i1s&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e89adedbb37328fb9df4cb3a4a555ecf174b4e17483ce8a851d4ec219b461082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 02:10:55 GMT
expires: Sat, 25 Nov 2023 02:10:55 GMT
last-modified: Fri, 04 Nov 2022 09:42:44 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9F8C 0
0 192ms
84ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstVwyYs-rNFWy_oNiuKwwlhKW8cNheXKW0HTafcOoTa-qJPXgCTYtsqYjo3RMarsQSQ_iHTXWScB5sqRki1jsj5aqee1tR3MA5mcLzlk8bywBKFh4CI474Eqwc1JcfiIw9j5PDyO--Cyl5qhGMxMPT6R5lRpr25GZkfxS9wykeVJyeZ9bjaGsZgjLnVhjGuEW2Km1ROjaqtOhlbRODFGVm9p8yJ6aaN86sC8Di4Btu0AOMzo-X0wdl-ar2CFy53336NDB2v2yghl4j7rOSD6LcQsQWSoBHHnAn0rwKxtK2i5OehFu43EfpbP4Y-mLHOaPa-kBIuW-He9SM1a4_bweCDq9d2GqjkG8e72Kn1e1qExXRYr-0XkidN58l_XYol-ZSjcAgMNuEJfADSD-M2SP0JCssXRC3hea-yR-pgQYmVzUQjfyAEqspx6zrB_IkgRcmgCRi_nZuJQAAkwFWhEk7ovPJ7oIketo6ps5kjpgKK94T3Bl7PbL53hwL9gVd5O-KFyPZglfS29k8SFp-yY_A0-mGMjhjT5cKK5axn-tgrQj5UPvYY04-5Re23LBNaneJ0CRA1jEyS-aenz_m5sZJCqEv88TTVwROf5wmRW2Gk4ISTy3rLKZCX8hB4TaFduKyha6MxBZ3l0r0GXoVRU2xCKSgp5QJIrb8iwz-FJU0x7PCIrPhupqDhKUR_H3eV14FJS9uTu1mDHCr2HQVSQgkpZ6zZJ8pD6hz4dYaeDv0Sogzz8an_D6Yeddu3TErJk6eg6Nnuea8lpAAKQyP9VG4hSlYbPSVdy6YfqnnybuEMhKxcU6Jwr5CgNFsQvkFU4k6guQddEFNEdPSgzxuv9KdZ6zBrx0jBvv-zlKO5fzEkhgiZiGNQkGVJefseFqpvWSyOmfUTwdairgDR3k9K_YLZEU7u67Dm-XX1r9JW3MwsWO7yMvjKiCBwOnt-b4C2LGiT5N09wogqR-VVS5r-5dn___r16sLFqoBnhcyjUdshWZK1djU5AOuCa4jzIMeQqYZHvvvT1XqSOsGF5w1lKYDY4ulXArSvinOZsXNAjN8H7g_oTgq-m2bLsmwIPgv1DTO2g46UIhqUToYwW-HmnmydCv1B4IpAUAmcwmKkvLlrxPqdyyQZnK0xurrTiZ9mLzrsSIkSFTSm8YQ&sai=AMfl-YRuUXGUYFXl1V6kqu47EhnQfBhAVTD3cz2NKkwaXKNsiv7DV6EA-_hjspmfGknG9t-721MK51_8arARHT2gJb3MTc75zQxB0UNLcmxaGGkhYssMDSS3GCyN1xp0nCTwYpd22P0kmDb2POwAX6_frNy5qqh1eliGHkN60-7cpSnk8UVURFCySqkJEg&sig=Cg0ArKJSzH7X48JuhYdgEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=215&cbvp=1&cstd=209&cisv=r20221110.18745&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: hi.dn.ua
URL: https://hi.dn.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 25 Nov 2022 02:10:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 25 Nov 2022 02:10:55 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F516 22 KB
8 KB 40ms
39ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 569054
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 18 Nov 2022 12:06:41 GMT
expires: Sat, 18 Nov 2023 12:06:41 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 4910914942415912418
tpc.googlesyndication.com/simgad/ Frame B7CE 25 KB
25 KB 43ms
42ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4910914942415912418?w=600&h=600

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3978955824&adf=2678599834&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1669341933&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669342254579&bpp=4&bdt=875&idt=262&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&correlator=5244461547730&frm=20&pv=2&ga_vid=53512029.1669342255&ga_sid=1669342255&ga_hid=1548833522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=30&ady=1204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706&oid=2&pvsid=1867708314025329&tmod=242200377&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=aVKQhk2vT3&p=https%3A//hi.dn.ua&dtd=278

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a8a8c1509dfee66a083f168e3e2cd394c3b241d7169e4d5ad1a2b7a7d4b09cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 08:27:36 GMT
x-content-type-options: nosniff
age: 495799
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25339
x-xss-protection: 0
last-modified: Thu, 17 Nov 2022 14:42:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 Nov 2023 08:27:36 GMT

GET
H3 200 15348253372493321217
tpc.googlesyndication.com/simgad/ Frame B7CE 970 B
997 B 41ms
40ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15348253372493321217?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3978955824&adf=2678599834&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1669341933&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669342254579&bpp=4&bdt=875&idt=262&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&correlator=5244461547730&frm=20&pv=2&ga_vid=53512029.1669342255&ga_sid=1669342255&ga_hid=1548833522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=30&ady=1204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706&oid=2&pvsid=1867708314025329&tmod=242200377&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=aVKQhk2vT3&p=https%3A//hi.dn.ua&dtd=278

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c4885210d309a9a034d612e9ab2c94165b0c6f1bf5e528005b985ae04c9e65b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:17:17 GMT
x-content-type-options: nosniff
age: 582818
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 970
x-xss-protection: 0
last-modified: Wed, 11 May 2022 10:35:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 18 Nov 2023 08:17:17 GMT

GET
H2 200 data=8qA-cDapHyO4zcZjnz9Frp8w5eI34nBq1VELvze5LchAb8LyN0RfI6kbayVrwikzlnv96N_Rq48Q4F0g56Yk0Lo
mts0.google.com/vt/ Frame B7CE 30 KB
30 KB 204ms
109ms Image
image/png 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=8qA-cDapHyO4zcZjnz9Frp8w5eI34nBq1VELvze5LchAb8LyN0RfI6kbayVrwikzlnv96N_Rq48Q4F0g56Yk0Lo

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3978955824&adf=2678599834&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1669341933&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669342254579&bpp=4&bdt=875&idt=262&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&correlator=5244461547730&frm=20&pv=2&ga_vid=53512029.1669342255&ga_sid=1669342255&ga_hid=1548833522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=30&ady=1204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706&oid=2&pvsid=1867708314025329&tmod=242200377&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=aVKQhk2vT3&p=https%3A//hi.dn.ua&dtd=278

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

f2d1e3413a0bf0862a2f95b6c8d240ea612e5eae1b6a3264fb447b4b039b9f4c

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 02:10:55 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=69
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30367
x-xss-protection: 0
x-server-version-bin: CggIBBDJtPebBg==
server: scaffolding on HTTPServer2
etag: 0d694978dd0d89216
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600
expires: Fri, 25 Nov 2022 03:10:55 GMT

GET
DATA 200
OK truncated
/ Frame B7CE 301 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 651fc5051db295a80ef0ec8faf17ab61562ea6e220be33a1a127263e3681a491

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B7CE 418 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ebd902c796e15c5ea443dff52f3581b7b0076a00fcf4acce32983a48d27d877f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 204 csi
csi.gstatic.com/ Frame B7CE 0
327 B 232ms
74ms Ping
image/gif 2a00:1450:400d:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lavva074&c=3210730293630&slotId=1605365146815&qqid=COy9-MCgyPsCFVuD_Qcd8CsFSg&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ulc&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fe50f845da9df46373c0476e405ca904.js?tag=video_location/web_och
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 02:10:55 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 4910914942415912418
tpc.googlesyndication.com/simgad/ Frame B7CE 190 KB
190 KB 42ms
41ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4910914942415912418

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3978955824&adf=2678599834&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1669341933&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669342254579&bpp=4&bdt=875&idt=262&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&correlator=5244461547730&frm=20&pv=2&ga_vid=53512029.1669342255&ga_sid=1669342255&ga_hid=1548833522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=30&ady=1204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706&oid=2&pvsid=1867708314025329&tmod=242200377&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=aVKQhk2vT3&p=https%3A//hi.dn.ua&dtd=278

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0fa3b5a73842cc03b687e19c2f63ee422a131b7245e4c9c53d5dbbe0a1901b93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 03:29:20 GMT
x-content-type-options: nosniff
age: 513695
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194245
x-xss-protection: 0
last-modified: Thu, 17 Nov 2022 14:42:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 Nov 2023 03:29:20 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B7CE 0
0 84ms
84ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CSYesLiSAY-zuPNuG9u8P8NeU0ATVtZzObZr6oeyCEc_33Zi6ARABIPLk0xlgu4aAgNAKoAHT_PbVA8gBCakCmip8a_d1sT6oAwHIA8sEqgS5AU_QvlKWDsXcC_X9ucFrmujGjRyE12shNau1vte-2vsC7fEmdXmcXCNwRSgoeaNDuF4RC4v1BFwGVeuyGNfzvnL7DgivzJqeDxZlASZsc7vpWjDXOTFPFzr_kmlm_V9piEGRV4joR4Gq4_fqrX7544BlY3EEnfJozI6GKMWDhCx9tgK-EensWQyGHaP1aB4KuEdi6wylTPG-Sj3saKz22QkBjwSmwtIou7DvgDYSGJiwjW2RluKVw99LwAS5yqPDpASSBQQIBBgBkgUECAUYBKAGLoAHop_qyAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDw3AHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAZgMoeen_ZQEuBOhBNgTDtAVAYAXAbIXHAoaCAASFHB1Yi00NjQzNzY3NzE5NzA1MjM5GAA&sigh=zEmqpuwt32A&uach_m=[UACH]&cid=CAQSGwDq26N9nDHsu1BrgrQGIW_8OC3N0x7JIJnRoRgBIBM&template_id=545

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3978955824&adf=2678599834&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1669341933&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669342254579&bpp=4&bdt=875&idt=262&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&correlator=5244461547730&frm=20&pv=2&ga_vid=53512029.1669342255&ga_sid=1669342255&ga_hid=1548833522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=30&ady=1204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706&oid=2&pvsid=1867708314025329&tmod=242200377&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=aVKQhk2vT3&p=https%3A//hi.dn.ua&dtd=278

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3978955824&adf=2678599834&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1669341933&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669342254579&bpp=4&bdt=875&idt=262&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&correlator=5244461547730&frm=20&pv=2&ga_vid=53512029.1669342255&ga_sid=1669342255&ga_hid=1548833522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=30&ady=1204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706&oid=2&pvsid=1867708314025329&tmod=242200377&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=aVKQhk2vT3&p=https%3A//hi.dn.ua&dtd=278
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 25 Nov 2022 02:10:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B7CE 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 643e7dd65a1d52dd712df33b01aaa00ae9b30fb9ae103fb7214aecb515cfef85

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 206
Partial Content videoplayback
rr4---sn-aigl6nl7.googlevideo.com/ Frame B7CE 1 MB
1 MB 139ms
30ms Media
video/mp4 2a00:1450:4009:12::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-aigl6nl7.googlevideo.com/videoplayback?expire=1669371055&ei=LySAY6PeF8ySgAe6xLHACA&ip=2001:ac8:21:e::8&id=94337841d80cf041&itag=18&source=youtube&requiressl=yes&mh=1n&mm=31&mn=sn-aigl6nl7&ms=au&mv=m&mvi=4&pl=48&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=10.218&lmt=1669279133875370&mt=1669341933&txp=5430434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgUm1ggsGWXh7ezrpIAZmt1glpUKmHZ377OcUzxZLr7ToCIAPLEJlidzUrExZxu6P5sWg_7KjiyLbQMbCT2BNDdyJx&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgLW2RqYvJvV6GY26wDnTNPKUCJylxtQj55MjpI_iKj3ACICYqADXJa51xrkS6lZfueETCelyc8UQvPv1WWhP_VWXQ&cpn=hOy9MVkj46Wk2K3o

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3978955824&adf=2678599834&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1669341933&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669342254579&bpp=4&bdt=875&idt=262&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&correlator=5244461547730&frm=20&pv=2&ga_vid=53512029.1669342255&ga_sid=1669342255&ga_hid=1548833522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=30&ady=1204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706&oid=2&pvsid=1867708314025329&tmod=242200377&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=aVKQhk2vT3&p=https%3A//hi.dn.ua&dtd=278

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4009:12::9 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

d2c05fe56c06983efbd8c86d598e5e92760ceed7cb8d07e142935a9af8dce124

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

Date: Fri, 25 Nov 2022 02:10:55 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 24 Nov 2022 08:38:53 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-1150813/1150814
Cache-Control: private, max-age=28500
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1150814
Expires: Fri, 25 Nov 2022 02:10:55 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 1478 118 KB
40 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/940388231368434397/index.html?e=69&leftOffset=0&topOffset=0&c=wRS4Go3i1s&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/940388231368434397/index.html?e=69&leftOffset=0&topOffset=0&c=wRS4Go3i1s&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 11:10:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54038
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Nov 2022 11:10:17 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame B7CE 28 KB
28 KB 41ms
40ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 21:35:41 GMT
x-content-type-options: nosniff
age: 16514
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Nov 2023 21:35:41 GMT

GET
H3 200 api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response
pagead2.googlesyndication.com/bg/ Frame F516 36 KB
16 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 20:46:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19460
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Nov 2023 20:46:35 GMT

GET
H2

200

passback_300x250.js Show response
static.adsafeprotected.com/ Frame 9F8C
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1212807/66365748/skeleton.js?ias_dspID=3&ias_campId=1009171093&ias_pubId=pub-4643767719705239&ias_chanId=1&ias_placementId=18585469169&bidurl=https://hi.dn.ua/...
https://static.adsafeprotected.com/passback_300x250.js

3 KB
2 KB

40ms
39ms

Script
application/javascript

2600:9000:223f:1000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/passback_300x250.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3565012385&adf=1188465226&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1669341933&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669342254585&bpp=1&bdt=881&idt=309&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull%2C785x280&correlator=5244461547730&frm=20&pv=1&ga_vid=53512029.1669342255&ga_sid=1669342255&ga_hid=1548833522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1208&ady=339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706&oid=2&pvsid=1867708314025329&tmod=242200377&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=s2urCPPCCD&p=https%3A//hi.dn.ua&dtd=316
Protocol: H2
Server: 2600:9000:223f:1000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6005e56ab3043d83726d25b0d17458e35b72355a81ca3230cc9de9058ee8b1f0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: vr1Fa3eAVtG7AGe6kPa1Y0WAZAHvQkII
content-encoding: gzip
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
date: Wed, 23 Nov 2022 01:03:25 GMT
x-amz-cf-pop: FRA56-P5
age: 176851
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 18 Feb 2022 23:29:42 GMT
server: AmazonS3
etag: W/"44f0ac540dc9c11f94344414c879b658"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: Pta6pRtK58LbIXqZER-Xyb79xAQioAx_ziZ18ZifvRvf7RAf6p506g==

Redirect headers

pragma: no-cache
date: Fri, 25 Nov 2022 02:10:55 GMT
server: nginx
x-server-name: app14.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/passback_300x250.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 6148 91 KB
23 KB 44ms
43ms Script
application/javascript 2600:9000:223f:1000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3565012385&adf=1188465226&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1669341933&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669342254585&bpp=1&bdt=881&idt=309&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull%2C785x280&correlator=5244461547730&frm=20&pv=1&ga_vid=53512029.1669342255&ga_sid=1669342255&ga_hid=1548833522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1208&ady=339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706&oid=2&pvsid=1867708314025329&tmod=242200377&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=s2urCPPCCD&p=https%3A//hi.dn.ua&dtd=316
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:1000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 5567679
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: MORKAmH9oabDXCJFprKz1nRPj9Yjw3xWZfe5uXql8jlkpByzua5Qjw==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9F8C 43 B
215 B 567ms
178ms Image
image/gif 2600:1f13:800:7780:f6b7:f6b3:6ba9:b22c
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1212807&asId=3f817f0d-b415-e478-7824-49a1c5b2606c&tv=%7Bc:uWpmaY,pingTime:-3,time:265,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:238%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:265,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:238,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B41~0%5D,as:%5B41~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:toa1YSP+11%7C12%7C13%7C141%7C142%7C151*.1212807-66365748%7C1511%7C1512%7C1513%7C16,idMap:151*,rmeas:1,rend:0,renddet:na,siq:239%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3565012385&adf=1188465226&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1669341933&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669342254585&bpp=1&bdt=881&idt=309&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull%2C785x280&correlator=5244461547730&frm=20&pv=1&ga_vid=53512029.1669342255&ga_sid=1669342255&ga_hid=1548833522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1208&ady=339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706&oid=2&pvsid=1867708314025329&tmod=242200377&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=s2urCPPCCD&p=https%3A//hi.dn.ua&dtd=316
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:f6b7:f6b3:6ba9:b22c Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 02:10:56 GMT
server: nginx
x-server-name: dt13.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9F8C 43 B
216 B 564ms
177ms Image
image/gif 2600:1f13:800:7780:f6b7:f6b3:6ba9:b22c
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1212807&asId=3f817f0d-b415-e478-7824-49a1c5b2606c&tv=%7Bc:uWpmaZ,pingTime:-6,time:266,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:266,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:238,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B42~0%5D,as:%5B42~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:toa1YSP+11%7C12%7C13%7C141%7C142%7C151*.1212807-66365748%7C1511%7C1512%7C1513%7C16,idMap:151*,rmeas:1,rend:0,renddet:na,siq:239%7D&tpiLookup=ao:hi.dn.ua*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3565012385&adf=1188465226&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1669341933&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669342254585&bpp=1&bdt=881&idt=309&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull%2C785x280&correlator=5244461547730&frm=20&pv=1&ga_vid=53512029.1669342255&ga_sid=1669342255&ga_hid=1548833522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1208&ady=339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706&oid=2&pvsid=1867708314025329&tmod=242200377&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=s2urCPPCCD&p=https%3A//hi.dn.ua&dtd=316
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:f6b7:f6b3:6ba9:b22c Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 02:10:56 GMT
server: nginx
x-server-name: dt01.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9F8C 43 B
215 B 533ms
179ms Image
image/gif 2600:1f13:800:7780:f6b7:f6b3:6ba9:b22c
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1212807&asId=3f817f0d-b415-e478-7824-49a1c5b2606c&tv=%7Bc:uWpmbx,pingTime:-2,time:300,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:329,beZ:330,mfA:549,cmA:551,inA:551,inZ:556,prA:556,prZ:562,si:568,poA:569,poZ:584,cmZ:584,mfZ:584,loA:595,loZ:598,ltA:629,ltZ:629,mdA:331,mdZ:535%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:238%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:300,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:238,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B76~0%5D,as:%5B76~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:toa1YSP+11%7C12%7C13%7C141%7C142%7C151*.1212807-66365748%7C1511%7C1512%7C1513%7C16,idMap:151*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,siq:239,sinceFw:60,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3565012385&adf=1188465226&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1669341933&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669342254585&bpp=1&bdt=881&idt=309&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull%2C785x280&correlator=5244461547730&frm=20&pv=1&ga_vid=53512029.1669342255&ga_sid=1669342255&ga_hid=1548833522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1208&ady=339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706&oid=2&pvsid=1867708314025329&tmod=242200377&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=s2urCPPCCD&p=https%3A//hi.dn.ua&dtd=316
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:f6b7:f6b3:6ba9:b22c Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 02:10:56 GMT
server: nginx
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9F8C 0
0 164ms
78ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstVwyYs-rNFWy_oNiuKwwlhKW8cNheXKW0HTafcOoTa-qJPXgCTYtsqYjo3RMarsQSQ_iHTXWScB5sqRki1jsj5aqee1tR3MA5mcLzlk8bywBKFh4CI474Eqwc1JcfiIw9j5PDyO--Cyl5qhGMxMPT6R5lRpr25GZkfxS9wykeVJyeZ9bjaGsZgjLnVhjGuEW2Km1ROjaqtOhlbRODFGVm9p8yJ6aaN86sC8Di4Btu0AOMzo-X0wdl-ar2CFy53336NDB2v2yghl4j7rOSD6LcQsQWSoBHHnAn0rwKxtK2i5OehFu43EfpbP4Y-mLHOaPa-kBIuW-He9SM1a4_bweCDq9d2GqjkG8e72Kn1e1qExXRYr-0XkidN58l_XYol-ZSjcAgMNuEJfADSD-M2SP0JCssXRC3hea-yR-pgQYmVzUQjfyAEqspx6zrB_IkgRcmgCRi_nZuJQAAkwFWhEk7ovPJ7oIketo6ps5kjpgKK94T3Bl7PbL53hwL9gVd5O-KFyPZglfS29k8SFp-yY_A0-mGMjhjT5cKK5axn-tgrQj5UPvYY04-5Re23LBNaneJ0CRA1jEyS-aenz_m5sZJCqEv88TTVwROf5wmRW2Gk4ISTy3rLKZCX8hB4TaFduKyha6MxBZ3l0r0GXoVRU2xCKSgp5QJIrb8iwz-FJU0x7PCIrPhupqDhKUR_H3eV14FJS9uTu1mDHCr2HQVSQgkpZ6zZJ8pD6hz4dYaeDv0Sogzz8an_D6Yeddu3TErJk6eg6Nnuea8lpAAKQyP9VG4hSlYbPSVdy6YfqnnybuEMhKxcU6Jwr5CgNFsQvkFU4k6guQddEFNEdPSgzxuv9KdZ6zBrx0jBvv-zlKO5fzEkhgiZiGNQkGVJefseFqpvWSyOmfUTwdairgDR3k9K_YLZEU7u67Dm-XX1r9JW3MwsWO7yMvjKiCBwOnt-b4C2LGiT5N09wogqR-VVS5r-5dn___r16sLFqoBnhcyjUdshWZK1djU5AOuCa4jzIMeQqYZHvvvT1XqSOsGF5w1lKYDY4ulXArSvinOZsXNAjN8H7g_oTgq-m2bLsmwIPgv1DTO2g46UIhqUToYwW-HmnmydCv1B4IpAUAmcwmKkvLlrxPqdyyQZnK0xurrTiZ9mLzrsSIkSFTSm8YQ&sai=AMfl-YRuUXGUYFXl1V6kqu47EhnQfBhAVTD3cz2NKkwaXKNsiv7DV6EA-_hjspmfGknG9t-721MK51_8arARHT2gJb3MTc75zQxB0UNLcmxaGGkhYssMDSS3GCyN1xp0nCTwYpd22P0kmDb2POwAX6_frNy5qqh1eliGHkN60-7cpSnk8UVURFCySqkJEg&sig=Cg0ArKJSzH7X48JuhYdgEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=503&vt=11&dtpt=288&dett=3&cstd=209&cisv=r20221110.18745&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: hi.dn.ua
URL: https://hi.dn.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 02:10:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 25 Nov 2022 02:10:56 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1478 7 KB
6 KB 146ms
52ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98674e9197a506ecba8a01121af7789515c1ccce480064a56043702e577a72ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 02:10:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5654
x-xss-protection: 0

GET
H2 200 IAS_PassbackAds_300x250.png
static.adsafeprotected.com/ Frame 9F8C 14 KB
14 KB 43ms
43ms Image
image/png 2600:9000:223f:1000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/IAS_PassbackAds_300x250.png
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3565012385&adf=1188465226&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1669341933&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669342254585&bpp=1&bdt=881&idt=309&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull%2C785x280&correlator=5244461547730&frm=20&pv=1&ga_vid=53512029.1669342255&ga_sid=1669342255&ga_hid=1548833522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1208&ady=339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706&oid=2&pvsid=1867708314025329&tmod=242200377&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=s2urCPPCCD&p=https%3A//hi.dn.ua&dtd=316
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:1000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f6adb794eda0e31a163ed517d8e63d388dbb762031a189349c72af2bc37bb4f2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: 5gVOAFoF.BCvnrybv6D.a4lGJXzJNSyO
date: Thu, 24 Nov 2022 20:20:26 GMT
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 21031
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 14233
last-modified: Fri, 18 Feb 2022 23:28:59 GMT
server: AmazonS3
etag: "65a8b98b798ce416d94c2847aca40c71"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: p_qYvoVXMD7opAfvOPoz9kqEB4AMH0giRvKnLcSFZV6Cfn_fHFZdIg==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9F8C 43 B
215 B 401ms
178ms Image
image/gif 2600:1f13:800:7780:f6b7:f6b3:6ba9:b22c
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1212807&asId=3f817f0d-b415-e478-7824-49a1c5b2606c&tv=%7Bc:uWpmdE,time:431,type:e,im:%7Bpci:%7Btdr:76%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:431,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:238,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B207~0%5D,as:%5B207~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:toa1YSP+11%7C12%7C13%7C141%7C142%7C151*.1212807-66365748%7C1511%7C1512%7C1513%7C16,idMap:151*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:239,sis:354%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3565012385&adf=1188465226&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1669341933&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669342254585&bpp=1&bdt=881&idt=309&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull%2C785x280&correlator=5244461547730&frm=20&pv=1&ga_vid=53512029.1669342255&ga_sid=1669342255&ga_hid=1548833522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1208&ady=339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706&oid=2&pvsid=1867708314025329&tmod=242200377&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=s2urCPPCCD&p=https%3A//hi.dn.ua&dtd=316
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:f6b7:f6b3:6ba9:b22c Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 02:10:56 GMT
server: nginx
x-server-name: dt04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response
pagead2.googlesyndication.com/bg/ Frame F906 36 KB
16 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3978955824&adf=2678599834&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1669341933&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669342254579&bpp=4&bdt=875&idt=262&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&correlator=5244461547730&frm=20&pv=2&ga_vid=53512029.1669342255&ga_sid=1669342255&ga_hid=1548833522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=30&ady=1204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706&oid=2&pvsid=1867708314025329&tmod=242200377&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=aVKQhk2vT3&p=https%3A//hi.dn.ua&dtd=278

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 20:46:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19461
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Nov 2023 20:46:35 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F516 0
20 B 80ms
80ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BbVggLySAY_j4FNCwx_APl7K5uAwAAAAAOAHgBAI&bg=!4uGl4aXNAAbvMpMzzzI7ACkAdvg8WrRiib5BxuxAy047opg0HKTzqDCPpIKk5FBL4IHv6nlfIfXMVQIAAACZUgAAAANoAQcKAIoqbnsK8yjpSQKEXUEVFyy6tFQV8vKWHr2nxfPX6G-Ld4XaOZkJg7VcK1EUTtboUHAhmfN8EIKEbtEDnsek013DEYeyID-Ly3q1zeYFxH7oMo3mv6_J7DGwA6JvEKYIAPVb8rHUOkqFXm6kIyOLToBZKPWbh9qyHZanA3nOdSETgGd3V9kR-1_d_k-ZAuZSsdifPTyC4vpVslowA1B7HdnHIOAYM9nfjI4iRrPjXy1SeP3A0MN-1HlmwyiHVPuwe9O47CA1ZbQD4JW_oT1aW7kc097rQvNH6kpYTFmV3DgPTfhLrb0wlvlzV0EWEHH5pQTZtFNuT0Geo0PLsdW6ZDUmG8LpiWhcGjgYnBKXUebZvsjS9zVXigpSCy_oFtnx5D7dVWc3CaqjsA10Mm3Y0ckN5lQeq05-JEVHDlSdW2iR1bd35lNmp0c04MWHKN75HodzZKjvG1XRmmjWEe47q9NTQZUnWlHn3H2pLmfrgUczfE3wpKYeiaSCTXX4jWj5PAbB0coKKeebpGrQk98giELphPqNuHFu6NR7pkjB294CMl9ftl20NY2viaoknd7I4kVsBoOlqOfmgUqnZFfrkGmI-uzJZt3_jOJUdFN57XYNYeVd42-juSHge6mY461nGLP_kou2BF9jmTXIf-J7vklWr3pWmbmoXmPejL864eSa3a_zzDhgpqu1K9rQfu7y_gLQKk6PYBkqLZYdmaJtDh8nZOeqoWmAAeYeSLipaKNtShcat3UBMO7saiUgTwQRtgcomzO28iKzQoF4EKEsZZXne9ZBBCJlSGosIdh8WpWYf0t8wcGADZcp_4eUtjIi2WdloOK0srLCY12vKrraq0QjzkkR7HkaKb5Nl6bMzm1zub8KPtlOa8WbCdwc1FXnTNOmHLNqv_4mU-lwZpHDGaHw85LX0XXQA734imBNCBZJjNl0oIlbAkuFK3CL5KgFcItAVT66na2-VzyPJTy1VYpPSDa0yb20vu24AJbBR6-7af5Jw7n4Q04r0UkAWebNlWH2HecVsKZxOI7yct96kZHIkAhgSiv-0G8jODAwYoRXPUcgBsKjX0XBk3O4aQ9rSAJsuCcL-2cy7Sgzg4VTutykDCwI4Z5v6Sxv1jk8q6RFIpLYM-sNGi8abOhDbyRMqIeEClCayxDDOPe_ws9DGljGwN8p

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 02:10:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1478 17 KB
6 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 02:10:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 25 Nov 2022 02:10:56 GMT

GET
H3 200 api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response
pagead2.googlesyndication.com/bg/ Frame D16D 36 KB
16 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 20:46:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19461
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Nov 2023 20:46:35 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9F8C 43 B
215 B 346ms
346ms Image
image/gif 2600:1f13:800:7780:f6b7:f6b3:6ba9:b22c
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1212807&asId=3f817f0d-b415-e478-7824-49a1c5b2606c&tv=%7Bc:uWpmhj,pingTime:-10,time:658,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTkuMC40ODQ0LjUxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1669342256289%7C%7C189b0b6a946929462a2b6b1d7f956b0e%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7C214238ba8c28d09c7a0e96cc704afbd2%7C%7C1ee1564845bea966298d74d9682d2c8a%7C%7Cb8780138432117048fdbabf307fd5b02%7C%7Cb395c085aed4ec98a03970c516a53426%7C%7Cadad7aaa91aa03e05575644e5b0cd1c8%7C%7C1663701684%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3565012385&adf=1188465226&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1669341933&rafmt=1&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669342254585&bpp=1&bdt=881&idt=309&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull%2C785x280&correlator=5244461547730&frm=20&pv=1&ga_vid=53512029.1669342255&ga_sid=1669342255&ga_hid=1548833522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1208&ady=339&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706&oid=2&pvsid=1867708314025329&tmod=242200377&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=s2urCPPCCD&p=https%3A//hi.dn.ua&dtd=316
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:f6b7:f6b3:6ba9:b22c Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 02:10:56 GMT
server: nginx
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3

200

/
www.facebook.com/login/ Frame 674B
Redirect Chain

https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df880581d225cb8%26do...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconn...

0
0

164ms
112ms

Document
text/html

2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df880581d225cb8%2526domain%253Dhi.dn.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fhi.dn.ua%25252Ffcd5bda7a1b7b8%2526relation%253Dparent.parent%26container_width%3D363%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FNovostiKramatorska%26locale%3Dru_RU%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26width%3D500

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js?hash=98365caa150ed0c27360d65374cb42ef

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://hi.dn.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 25 Nov 2022 02:10:57 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=0
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: w3bBnkxc5v3zah0KuVxjkiXh10KiJBN4hO9qnkj9iYd7Jqf3JtJCjtcnILI5X7fS3f8Tqnai747M2lu+gUHmYw==
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Fri, 25 Nov 2022 02:10:56 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v9.0
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df880581d225cb8%2526domain%253Dhi.dn.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fhi.dn.ua%25252Ffcd5bda7a1b7b8%2526relation%253Dparent.parent%26container_width%3D363%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FNovostiKramatorska%26locale%3Dru_RU%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26width%3D500
pragma: no-cache
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: h3jBl0DbsE+uZ2kXlODUT2RQzT0AoJB3XoEBUfeurFxBvxTvL/N6ILElgvV0uvPHOk2jtpIP2p2ygcpBxvswzw==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 55ms
55ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

047e57a53c92ea4e81b985fbff3cd42721d7878e973495b0636ef0d6cb39ac3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 02:10:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11175
x-xss-protection: 0

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/940388231368434397/ Frame 1478 14 KB
14 KB 41ms
41ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/940388231368434397/cta.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05c6ce96a3d7e5554ff8ddce312b3cb232e0916b95e98ccc14ff13787e15d3e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/940388231368434397/index.html?e=69&leftOffset=0&topOffset=0&c=wRS4Go3i1s&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 23:41:21 GMT
x-content-type-options: nosniff
age: 354575
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14638
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 09:42:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 20 Nov 2023 23:41:21 GMT

GET
H3 200 finale.jpg
s0.2mdn.net/sadbundle/940388231368434397/ Frame 1478 108 KB
108 KB 44ms
43ms Image
image/jpeg 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/940388231368434397/finale.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80ebfd86d5dd99e57945499d41d8290bb0a3938a86a22a2f43c0469715f30a2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/940388231368434397/index.html?e=69&leftOffset=0&topOffset=0&c=wRS4Go3i1s&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 23:41:21 GMT
x-content-type-options: nosniff
age: 354575
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110433
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 09:42:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 20 Nov 2023 23:41:21 GMT

GET
H3 200 SpriteSheet_300x250.jpg
s0.2mdn.net/sadbundle/940388231368434397/ Frame 1478 1 MB
1 MB 56ms
56ms Image
image/jpeg 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/940388231368434397/SpriteSheet_300x250.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0c0cae7138b35a22da85ff323b2005e62a184b1980026e3c0a81d07720b6ed2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/940388231368434397/index.html?e=69&leftOffset=0&topOffset=0&c=wRS4Go3i1s&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 23:41:21 GMT
x-content-type-options: nosniff
age: 354575
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1220656
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 09:42:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 20 Nov 2023 23:41:21 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 02:10:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 25 Nov 2022 02:10:56 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 28C9 13 KB
5 KB 41ms
39ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hi.dn.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 16662
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 21:33:14 GMT
expires: Fri, 24 Nov 2023 21:33:14 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4B1E 783 B
534 B 309ms
55ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

eb86d6fbe5e574bc421cb11f1a04f99716934ae4e07c808802e63288a2465748

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cx-PnFYkoJLpDKVbM3m9Ag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hi.dn.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-cx-PnFYkoJLpDKVbM3m9Ag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 02:10:57 GMT
expires: Fri, 25 Nov 2022 02:10:57 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response
pagead2.googlesyndication.com/bg/ Frame 28C9 36 KB
16 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 20:46:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19462
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Nov 2023 20:46:35 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9F8C 42 B
64 B 76ms
76ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvVg0Jjhgtd0dMcjGKnmGXLnggFALS5WZDMrWNBKoWd-XTPpfxzsH0kC5xGj0jLW8uRIqeNwxJk1hi5bHWaDiKK9dJN-eAfqK1x26dbMtBjwoqRabeDj2cd9GR1T1m8ylhTcAo4_A&sai=AMfl-YSsJSkng1B2gCMQPTkchMPEO8xuKojqRl7hijL4oBxVxrbCxzcB9btThxxGq7T4FU8RJkCGnn3K1ho__BU&sig=Cg0ArKJSzJ7SEE3rwHCvEAE&cid=CAQSGwDq26N9vKmB2qhOEdxdARtUxkZ3DkfPT3ft_xgBIBM&id=lidar2&mcvt=1000&p=0,0,504,300&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=0.5&if=1&vu=1&app=0&itpl=20&adk=3565012385&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669342255302&rpt=704&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 02:10:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4B1E 0
0 73ms
73ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=1867708314025329&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

POST
H3 204 csi
csi.gstatic.com/ Frame B7CE 0
17 B 179ms
73ms Ping
image/gif 2a00:1450:400d:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lavva07l&c=3210730293630&slotId=1605365146815&qqid=COy9-MCgyPsCFVuD_Qcd8CsFSg&umsem=0&ape=1&ple=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fe50f845da9df46373c0476e405ca904.js?tag=video_location/web_och
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 02:10:57 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 28C9 0
11 B 39ms
39ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ClEiOw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 02:10:57 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 77ms
76ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=1867708314025329&bg=!hIelh8PNAAbvMpMzzzI7ACkAdvg8Wl-htlyAp2ryRgruXF0N-Ouu9R0vhBburN02VpzRPci0FGTB8AIAAABbUgAAAAJoAQcKAHButuFVPsMNLfjAn8v5H0R20OfY8D3H0iaryAiOIH9sji_JNywE0t6D8B2XjoREBQV0nEfb5pvRiyBKpTgqFE0rhmIx0KbTcsyY3qwziAQBB1pz1ssm3Yx4GVXU3EgFTecCIVStl8rdLpcyPirsbRoemQKXEYCw84uwirA06Z2ZMU-nImy8-WAsGOqReeNmObjFThChCi0qSnCNBT1sQN7uf0yJAY4DcOe_GrkjVEHLipxhHTD19snGDtwW6YJgxuAFa01-PJt_u7Cs92UVI6Xj06OLsOPxsSrWMWgxQk2FgV_WO4-FmSWhMt308ORQhGQcg0Q37Gp4UkebE4_w2YfHqScGvHp-CkLwpAQBMODLsgdlbszyS9MJbYIBZBfz6CmUzxV__ufZAp8imXIvqgr5EFs29LaKrK5tLwFOLZAV8u1HEMPhGMEaSfEjAAgDDBa50CuPaTj1OutaH120Vg-jd9gKf6KUd1OazaVQlwOaRjMjZdc2ZLEohQA_KGfz1Kw1e9UNRAjUjdRpjZwnG6mRtIZgzHFMNX6jmbkFqTX4VPPthElw9dZ3RHVCqjSerzGAqSMIGNrhudPWkAbYUNASIqtmzcNGhA9IvtZuF4zptmXp2fsgbiNsW67qRXYSX8jb0tbYJP6F_B9MmjpvZJ4pnCgvzOmES9CCjWPUqmfovCO-UqPOBVhFdQLsjiUDcsgQ8cuHC4nd6jFuD8cC16QFy61t3Q8XBWTi23ScikXNLOLV3aXn3PyFLzHDDsWLcKZua1_TdJqBlNU7vVH1QD-MwRYzVJpfsqUJIDh_ODgCRPHobzuHCR3NvwAuORuOT2T0y4MHLViZtc3P7FW1vGBQpVmTDfQxPWd3ASp72vKOurwpeYHP_j-PYrWwh4Dm8Zu2rEQoEw4puziU0gCuV8zAmS_Z0XDOixhWUGxmBV1o4-n7Krs5n_HrbzZEeEzA05FvdoSlvFf5OXqDCbd99Fk8nUsWgceof1BkFVljeZKMD-49YJtAOSmmfRG-KuHIolZYrXS4mZsLYXZ1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9F8C 43 B
215 B 177ms
176ms Image
image/gif 2600:1f13:800:7780:f6b7:f6b3:6ba9:b22c
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1212807&asId=3f817f0d-b415-e478-7824-49a1c5b2606c&tv=%7Bc:uWpmHr,pingTime:1,time:2278,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:238%7D,%7Bpiv:100,vs:i,r:,t:1277%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1277,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:238,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1053~0,0~100%5D,as:%5B1053~300.250%5D%7D%7D,%7Bsl:i,t:1277,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.504,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:349,fm:toa1YSP+11%7C12%7C13%7C141%7C142%7C151*.1212807-66365748%7C1511%7C1512%7C1513%7C16,idMap:151*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:239,sis:354%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:f6b7:f6b3:6ba9:b22c Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 02:10:57 GMT
server: nginx
x-server-name: dt46.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9F8C 43 B
215 B 177ms
177ms Image
image/gif 2600:1f13:800:7780:f6b7:f6b3:6ba9:b22c
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1212807&asId=3f817f0d-b415-e478-7824-49a1c5b2606c&tv=%7Bc:uWpmHr,pingTime:1,time:2278,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:238%7D,%7Bpiv:100,vs:i,r:,t:1277%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1277,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:238,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1053~0,0~100%5D,as:%5B1053~300.250%5D%7D%7D,%7Bsl:i,t:1277,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.504,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:349,fm:toa1YSP+11%7C12%7C13%7C141%7C142%7C151*.1212807-66365748%7C1511%7C1512%7C1513%7C16,idMap:151*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:239,sis:354%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:f6b7:f6b3:6ba9:b22c Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 02:10:57 GMT
server: nginx
x-server-name: dt47.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
hi.dn.ua/	1969-12-31 23:59:59	Name: 04e0a671eda8eb9ef13ae0eb17b76657 Value: l0qha0maqdh183rrn2n49qmk74
.hi.dn.ua/	1970-01-20 17:18:22	Name: _ga Value: GA1.3.53512029.1669342255
.hi.dn.ua/	1970-01-20 07:43:48	Name: _gid Value: GA1.3.641266032.1669342255
.hi.dn.ua/	1970-01-20 07:42:22	Name: _gat_gtag_UA_10437307_1 Value: 1
.hi.dn.ua/	1970-01-20 17:03:58	Name: __gads Value: ID=75137d8d1493706b-225005ecc8cf0095:T=1669342254:RT=1669342254:S=ALNI_MZGUGSKG7InOGE7GTrN5YoDVG2-2Q
.hi.dn.ua/	1970-01-20 17:03:58	Name: __gpi Value: UID=00000b86bda1f3a2:T=1669342254:RT=1669342254:S=ALNI_MaNHEjIgRA4ZHGMilaXsQUXKXqNgg
.doubleclick.net/	1970-01-20 17:03:58	Name: IDE Value: AHWqTUm-WUZdTx-zlB40lfAXtKe78HZWdhXiaixdy_WH4i-xDgMBmW9eOniuDVKiz6g
.doubleclick.net/	1970-01-20 07:42:23	Name: test_cookie Value: CheckForPermission
.adnxs.com/	1970-01-20 09:51:58	Name: uuid2 Value: 4006825100317150360
.doubleclick.net/	1970-01-20 07:42:25	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 09:51:58	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>@9O<Sx!@wnfH8K6pQK`!5=E<L5?%M(i-tZZif3zx8OpBuh1.5sXa1@<A*zeP/o(d%nugO%v4VB%nlQ3)_)mQ
.casalemedia.com/	1970-01-20 16:27:58	Name: CMID Value: Y4AkLyy304GxPcuuJJ.d5gAA
.casalemedia.com/	1970-01-20 09:51:58	Name: CMPS Value: 3329
.casalemedia.com/	1970-01-20 09:51:58	Name: CMPRO Value: 3329

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.co.uk
adservice.google.com
cm.g.doubleclick.net
connect.facebook.net
csi.gstatic.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hi.dn.ua
ib.adnxs.com
mts0.google.com
pagead2.googlesyndication.com
partner.googleadservices.com
rr4---sn-aigl6nl7.googlevideo.com
s.yimg.com
s0.2mdn.net
static.adsafeprotected.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.184.194
172.217.18.2
185.80.39.216
2600:1f13:800:7780:f6b7:f6b3:6ba9:b22c
2600:9000:223f:1000:8:48e:53c0:93a1
2a00:1288:80:807::2
2a00:1450:4001:800::200e
2a00:1450:4001:802::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:812::200e
2a00:1450:4001:827::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::2006
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2008
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a00:1450:4009:12::9
2a00:1450:400c:c00::9b
2a00:1450:400d:803::2003
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
37.252.171.22
52.213.71.221
78.109.29.56
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
03efb4c4b47e30e09d229bb476c77e9b547d6889f31477238cf0cd7fc08e8a4d
047e57a53c92ea4e81b985fbff3cd42721d7878e973495b0636ef0d6cb39ac3d
05c6ce96a3d7e5554ff8ddce312b3cb232e0916b95e98ccc14ff13787e15d3e3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0fa3b5a73842cc03b687e19c2f63ee422a131b7245e4c9c53d5dbbe0a1901b93
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
16fe5fd5e630981c37c905ee11c6582b6e8a9e4d056418a388b53fcacb04299d
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a36b98ad1e34d6cc6e485ce9a3de0a2a4ce4e1d4ce42c8e732371e0ae022b93
1c3e1a26bff762e758008d219a90f4f0e46084d268b2f8deab98c2f1d9ffe899
1cf9b1f7172f446f8f461b873e61c7189f02a90b403210215febe76b8627c0b5
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1df72eb0c6f570ba6c078ebea6e42747f7e11f68bcccdb8c528f85ef39d46df0
1e9caa55ac982451d0d59d00ccdf3eb97004a7bd337ad5c7566f60717ea8243f
1ec1c0519da1b0a13b0670687ffb7bf3d3761fb31fe26fe4f2ed816865a0eeda
221812a355ad9cfabb4c40792a5cbfe039935441f0278ec46005abaea2c63b01
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
2c270d05a948b0ac9782eaacf5cf0885fa36b3a8fd922006b9ea11b3eaf1e3e8
30c6a30a4f4cf6d33f88b0574a0e6ff876d88f778dd2e49833f955f58a110217
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
379d2bcfe48cd72a2714c8e8fc92642b219eded99683924988da9291ae97ac9f
38fd484f5ec231a22cc50ddf0ea08d87adb67ec483333ce5bdfb88e5e8a0f597
3a8a8c1509dfee66a083f168e3e2cd394c3b241d7169e4d5ad1a2b7a7d4b09cd
40922aa70b57730608904f5cfefa3b0aaa885e0c872caa310a4961af10c7f0e0
41d2d1df62f88b61869b7c5b83aed486fbd7eb569497f02a3a1b830b90e4319a
428fc11a6adab7e89d3a97a824d85fd2e639a68c2fb8760b3916b6fed0bc9bcc
42931bd149d230ca9ab1e72b1a914543dc108e3098673d339c1c3d32ccf2d776
44e5d2ad56f8a85a5b977bde76039596ca2db9fa50c33733fa71f7c06e2f04c6
452755ab5ffa443c96c4823367b4089531068ad1389beed8418ff4b59dc4f237
45840ce506e989f54437cb8cc8ed4b7ce0d5821dc24791a29886a4aeb63be9e4
46438fa269f3c172286b81be52a5de84753d68dcc6580f6a98b7942cf129bdc1
46e29026d6e2e7087bf43a7835c2f8842eddd0920f242e095f063e42b51bbb27
48bb1e43025685415b478082c09115ba3a6dac3018552b29dd01051f05440101
48e25136ee6711353e7bc7f34652fdd5f2713eb9c8d76e053443ba6da737fba7
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e89c38189dd2e61117834de251e624e572e4ceef3e14f43f9341fa65036f709
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5226ce76d33caf5ac6cf6355ba36b97c5030fd944fce42bd5456173c029e1137
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a9980abca3b078a7c67a296f602f48bb043c2167e0e8257addfe2d603643a07
5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6
5d1ad2c431573b94173dd97d42c82274437f2f2bf1313b6e9260db92233e5913
6005e56ab3043d83726d25b0d17458e35b72355a81ca3230cc9de9058ee8b1f0
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63cabd7093ad723ffe697c0b96a6da1fa98867b3f8c23e569df22972657687db
643e7dd65a1d52dd712df33b01aaa00ae9b30fb9ae103fb7214aecb515cfef85
651fc5051db295a80ef0ec8faf17ab61562ea6e220be33a1a127263e3681a491
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d362fa22342a2d22cbe8d4472d2d11a8d0864310ee2e8e48ede3148465a609d
70509a397221b1a5fc5e1207ab1c16ddc248a039923a3c09b1e8fc8a0e6ee210
729937c36d78cfec1fd6e3d8529885be8254ccc286bc5b16e721896bd106bbc3
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
78fe3aae5b745a456eac86c93e7318cfbc8dd068033c17cd78a9d1f2cd48ed32
7e82ab1d661f86ff42e06248442db7ebdd153a8f517ff22d6431b69a71a37598
7f5e89fd0232335f9adaf40654e4201127d4e7862d226bf57269eb4e1087504b
80273fc1aee79a2241ad5a484aa3f6eaa4931bdd242b545f2f40c5d7de8842fc
80ebfd86d5dd99e57945499d41d8290bb0a3938a86a22a2f43c0469715f30a2c
81b7b2f584dcfe1c72be286287e21f6258f621fed241d139793108e1cdbefc7c
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
8942453aaa9ff11a6209bcbbbe1c03e5738129c4e0ce5ae75cd65393ef03c456
8fda7cf721d35626d32a0e4cc138e02b35edba75451d3077c739a861c4685178
92fcab9c5ecda697f59e5877e9b1e226384a7f53e9b04e9a7b6aa5441738df11
96a7522ba9b70604dd8d53ae09a87628aacb1c8b9561135c653666c9aebe6a19
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
98674e9197a506ecba8a01121af7789515c1ccce480064a56043702e577a72ff
99c9f0e7b4bbc495a3005c78f3555ee010e83f1dac1c8088198e5ff109bfbebe
9beebe40ef8b5070d6fd78d439fcc842f0fcc573a9b7865c9d43f6026e6a5caa
9c4885210d309a9a034d612e9ab2c94165b0c6f1bf5e528005b985ae04c9e65b
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0f0704fa49cf78b86a1beec93e28c5e1f6ca1aed094300b696fc3b1f086c626
a1bad3b22fa79a91ddbe12d2f7be80341b39d0962b492bf50ae6798539689ec2
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a59e132b1c2fb6b74efb031c5b158c6d501d769762786683aa2a9c85cb8d3653
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
ab0adbe6a9df0051d75d2e06ffdc5dbf0210dc0d2858ef95e28213e4ab3963c3
ac67eba217cc24846f0d650dbf24e7e1f96928839f20a70ddeba99bfa284ca23
aee8c07608f2afc59c654360702b207236006a9adfd0abeb287fe33b362c7293
b0c0cae7138b35a22da85ff323b2005e62a184b1980026e3c0a81d07720b6ed2
b0cff0286d170b942daa97e7c1f87d1dcc5038bedc34cf9dd47bf78d98110567
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3fb7bcddf609e070abce11b5c1181034f77cb86da0ab0bbb9dce0cfa1fdb6a3
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b5757aa153f991c82c949e638c56b4913042196240f3a41cec5a40c3366d1bdd
b980127387edbc14545c838b85002dfc8c687b766d08483cd8b76269235a1f2e
bc43e2e09fa056b58509ce3323b02026fc450fc829e442f2549830d915d802c9
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
be17907b215c53089d69f2dc8420851d9f327413e8779b5d17489bb419aa7a71
bf0e9a97bbff25b9843911947db7226231c4f5a8d7c00a3200d0686472401287
bf558b850010169a48f78bd32dc7162613de65038e767c6a2928de1b5c60fb98
cd10f1bc782139775a23d9e5ec2e8f883d5c86c5c26dd9acee30829b9d35e5ae
cd82d0e88e4b21a2f41122996be15b6285926bf3089c7ddae51223ac5a7f7729
cdd04fd9725f122d1c2305ea238e320dbb497dd682d1dfc520590a5e904314d4
ce2bf85934363ed5f3f14de5448e9ac92d574f3cc381da97660ee13d88bcb725
d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace
d14d3b16776b5fc73a8dc9c4dbbd49919859e8e4d50864d4772e905150d7fb71
d14dd821cb5d08b485ca03d2a96741d824303110b3083187c20dd5ebe75f22e9
d2c05fe56c06983efbd8c86d598e5e92760ceed7cb8d07e142935a9af8dce124
d460f01c251a96abae90f852fe8bbadc5a02b400235e551d7f38b75dcfdc25bb
d6892ddc97cd2255bd00188611d1047931ae9db5e1caa5567f90e059b88baea5
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d80ffd6b4c28ea850b34028955083a7df578b7dc672bb3ee0608a23eb8bd48eb
d8af529dcb303130231c1835f5a481be5a3fc9506bbcb66a47c6d4a4c1ffff05
db6edb72864f0a511a1374d9599970057d8e106b2b54bd160e6bf7c32c44949e
dbad12604eae82169eeb575d682b9c2911c50bc502286c3f6652a62f4662ddab
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de668f12ba78aaacc8322915a188d686d047ad4341145c4782769721adb9b9f0
df9d06b9ad5f1e00724a0efa904888ac078fd9a69713b838f67b9496fd39d481
e0abc96abce7bf683e45cfd5d40a8b1afccc24a444574d06939fa59a9ecdca34
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e89adedbb37328fb9df4cb3a4a555ecf174b4e17483ce8a851d4ec219b461082
eb6cb0bc1769b5545101b7c78affadfff0dfcd0157d2a2b3c71eb4b129942699
eb86d6fbe5e574bc421cb11f1a04f99716934ae4e07c808802e63288a2465748
ebd902c796e15c5ea443dff52f3581b7b0076a00fcf4acce32983a48d27d877f
ee43222bc3a3d6c1cab5dc4115bd2a3c2b348f4b4e448283e0eaca84de6763d6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2d1e3413a0bf0862a2f95b6c8d240ea612e5eae1b6a3264fb447b4b039b9f4c
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f6adb794eda0e31a163ed517d8e63d388dbb762031a189349c72af2bc37bb4f2
fdd929f4e7f24ceca1f21a2548a5b7ed985acf6a294ae92beab97c07558de1fa

hi.dn.ua Open in urlscan Pro 78.109.29.56 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

155 Requests

97 %HTTPS

77 %IPv6

19 Domains

29 Subdomains

27 IPs

7 Countries

5496 kBTransfer

8280 kBSize

14 Cookies

0 Outgoing links

Page URL History

Redirected requests

155 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hi.dn.ua Open in urlscan Pro
78.109.29.56 Public Scan

Screenshot
Live screenshot

Full Image

155
Requests

97 %
HTTPS

77 %
IPv6

19
Domains

29
Subdomains

27
IPs

7
Countries

5496 kB
Transfer

8280 kB
Size

14
Cookies

155 HTTP transactions
5 data transactions